Page 67 - index
P. 67
Companies should have a written BYOD policy ensuring that employees do not retain data
owned by the company when they leave an organization.
Hacking Issues
Protecting smartphones from hacking attacks is a big challenge for organizations. According to
CBS News, smartphones have recently become the prime targets for hackers. With password-
cracking software available for download on the internet, anyone can purchase a password-
hacking tool and hack mobile devices. When a device is hacked, it can be used to connect to a
corporate network to access business-critical information.
How Can You Secure Your BYOD Environment?
Firstly, organizations should not implement a BYOD policy unless they are fully prepared to
handle it. By weighing drawbacks and benefits along with compliance issues, organizations can
prepare a written BYOD policy that addresses BYOD security issues comprehensively.
This policy should include compliance aspects such as how and when corporate data should be
deleted from a device, what type of data can be accessed through a personal device, how data
are moved between personal devices and business servers, and what type of encryption should
be in force.
Business data and personal data have to be differentiated, and access to corporate data must
be privilege-based. Most importantly, employees need to be educated about their
responsibilities, and instructed on safe practices for smartphone use within corporate networks.
Without proper co-operation from employees, it is not easy to manage a BYOD environment.
By performing an audit on access to personal data and the types of devices used, organizations
can add an extra layer of security.
Secondly, the BYOD policy should provide clear password specifications for employees. The
password should have a minimum length and should be locked after a time lapse.
Based on the number of specified failed password attempts, the device should be reset to
factory settings. It should be possible to lock the device remotely, change password, or wipe off
its entire content with ease.
Thirdly, businesses need a comprehensive mobile device management suite. With an array of
versatile mobile devices, hybrid networks and multiple business procedures, it is not easy for
businesses to manually manage and monitor each and every device within the network.
A powerful mobile device management (MDM) solution provides a centralized dashboard to
manage and monitor the entire range of devices effectively.
67 Cyber Warnings E-Magazine – December 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
