BYOD and Your Security Part I

In the first part of his discussion on BYOD , Panseh Tsewole takes a look at how we got here . Why is BYOD a hot topic at most enterprises . Panseh believes it is an important component of a successful information security program .  He will devote the next few weeks blogging on this topic .

For a long time , organizations provided employees with company owned portable devices being it a laptop or a Blackberry device .  Often , the employees were allowed to use these devices to check emails, store contact and downloading of rich applications wasn’t allowed .   The last few years more powerful devices such as the IPhone , with rich features have been developed and heavily marketed to consumers .  Employees have embraced these devices and prefer to use these devices  they own , for work purpose.

Organizations for the most part has embraced employees using their own devices for work purpose . It makes business sense as it reduces capital expenditure on procuring these devices . However, allowing employees to bring in their own device is fraught with risk to an enterprise’s assets .

There are security , privacy and legal concerns to deal with . The questions to be considered include how much control would the enterprise exert over a BYOD ? What is the level of management being assigned to the BYOD ? How is a theft of BYOD going to be handled ? Is the enterprise going to allow its data to be stored on the BYOD ? Which BYOD are going to permitted access and how do we go about determining which to allow? How many BYOD per user would be allowed to connect to the network ? How are applications going to push the BYOD ? Can we restrict the user’s access to certain sites on their own device ?  How far are we going to go support the BYODs ?

These are some of the questions that need to be answered prior to the introducing BYOD on an enterprise network .