dcsimg

How to Minimize the Impact of BYOD and Improve Security

  • How to Minimize the Impact of BYOD and Improve Security-

    Secure Access to Data

    Today, users obtain access to their PIM data by simply entering their email address and their Windows password on their mobile device. Based on the settings of the Exchange Server, the device will either be automatically approved and the data synchronization will begin or the device will be quarantined until manually approved by the administrator.

    The automatic approval process presents a security vulnerability because the users are poorly authenticated only by their username and password (single-factor authentication). Alternatively, manual approval by the administrator presents the problem, especially in larger companies, of the system administrator knowing whether to approve a quarantined device or not. How does he/she distinguish between a valid user device and a hacker attempting to get access to a user's e-mail?

    To authenticate the identity of the user requesting remote access to company systems and data, take the following steps:

    • Ensure authentication of the users accessing data.
    • If data is synchronized:
      -- Ensure that the device is authenticated.
      -- Link the device to a named user.
      -- Encrypt the transport of data.
    • If access is granted to centralized systems, the user must be authenticated.
1 | 2 | 3 | 4 | 5 | 6 | 7

How to Minimize the Impact of BYOD and Improve Security

  • 1 | 2 | 3 | 4 | 5 | 6 | 7
  • How to Minimize the Impact of BYOD and Improve Security-2

    Secure Access to Data

    Today, users obtain access to their PIM data by simply entering their email address and their Windows password on their mobile device. Based on the settings of the Exchange Server, the device will either be automatically approved and the data synchronization will begin or the device will be quarantined until manually approved by the administrator.

    The automatic approval process presents a security vulnerability because the users are poorly authenticated only by their username and password (single-factor authentication). Alternatively, manual approval by the administrator presents the problem, especially in larger companies, of the system administrator knowing whether to approve a quarantined device or not. How does he/she distinguish between a valid user device and a hacker attempting to get access to a user's e-mail?

    To authenticate the identity of the user requesting remote access to company systems and data, take the following steps:

    • Ensure authentication of the users accessing data.
    • If data is synchronized:
      -- Ensure that the device is authenticated.
      -- Link the device to a named user.
      -- Encrypt the transport of data.
    • If access is granted to centralized systems, the user must be authenticated.

When today's hacker and identity theft threats combine with the new challenges presented by the trend of 'bring your own device' (BYOD), companies must take decisive action to deliver secure, flexible and convenient authentication to employees and their devices alike.

BYOD has always posed a headache to system administrators, since these mobile devices are accessing corporate data. In recent years, the trend has blossomed into BYOE or "bring your own everything," as employees blur boundaries by bringing not only their own smartphones, tablets and laptops to the office, but also their own applications and networks.

This infusion of personal devices, apps and networks into the corporate environment presents a significant security challenge, as controlling access to corporate data and network assets is complicated by the presence of devices, networks and applications not fully under the IT department's control. Many security and IT administrators have spent sleepless nights trying to address well-known and widespread security issues surrounding data synchronization on unsecured devices accessing the corporate network. In this slideshow, SMS Passcode has identified critical steps organizations can take to minimize the impact of BYOD and manage devices in a secure way.