Rorie Hood, Mobile security researcher
BYOD devices will often not be subject to corporate security policies in the same way as company-issued devices. This can result in devices running outdated software with known security vulnerabilities, as the responsibility for maintaining the security of the devices is shifted from the organization to the device owners.
One of the most effective methods of implementing and maintaining a secure BYOD policy is to require employees to register their device with a corporate Mobile Device Management (MDM) solution that provides access to the corporate network and internal services via network authentication.
This will allow the organization to enforce an MDM policy on the BYOD devices, while allowing the devices access to specific corporate resources. MDM can often be configured to allow the user to unenrol, should they no longer wish to participate in the BYOD program. A correctly configured MDM solution will remove any corporate data from the device upon unenrolment.
BYOD programs should always be implemented with caution. Appropriate steps should be taken in order to segregate BYOD devices from other devices on the network, especially those that hold sensitive data or perform critical operations.
The safest approach would be to provide the devices with an independent network that is separated from other devices in the corporate infrastructure. It is also advisable to monitor the BYOD devices in order to detect any threats to the network originating from unmanaged devices.