SlideShare una empresa de Scribd logo

Bring Your Own Device (BYOD)

Descargar como PPTX, PDF
K
k33a

Bring Your Own Device

Educación
1 de 28
INTRODUCTION • Bring Your Own Device (BYOD) has become one of the most influential trends that has or will touch each and every IT organization. • The term has come to define a megatrend occurring in IT that requires sweeping changes to the way devices are used in the workplace. 2
WHAT IS BYOD? • Bring your own device (BYOD) (also called bring your own technology (BYOT), bring your own phone (BYOP), and bring your own PC (BYOPC)) refers to the policy of permitting employees to bring personally owned mobile devices (laptops, tablets, and smart phones) to their workplace, and to use those devices to access privileged company information and applications. Source: Wikipedia 3
THE CONFLICT Corporate space Consumer space Devices with functionality limited to phone calls and email Mobile phones Smart phones offering tens of thousands of useful apps, typically iPhone Restricted storage for official files and email What to Store Providers such as Google and Yahoo offering virtually unlimited storage to store whatever you want Long replacement cycles – up to four years for hardware and eight years for software Update Cycles Very rapid updated hardware – immediate download of new apps and services Highly standardized, inflexible and often restricted environment Style and Customization High variety of consumer devices, systems, applications and “skins” 4
BALANCE 5
BUSINESS DRIVERS Consumer Devices Multiple Needs and Multiple Devices Work and Personal Overlap Anywhere, Anytime Mobility Video, Collaboration, and Rich Media Applications 6
BENEFITS OF BYOD Improved employee convenience and satisfaction Higher agility in business operation Attraction and retention tool for talented workers Increased employee productivity Greater workforce mobility 7
CHALLENGES FOR IT ORGANIZATION Unclear cost benefits Providing Device Choice and Support Maintaining Secure Access to the Corporate Network On-Boarding of New Devices Enforcing Company Acceptable Usage Policies Visibility of Devices on the Network Protecting Data and Loss Prevention Revoking Access Potential for New Attack Vectors Ensuring Wireless LAN Performance and Reliability Managing the Increase in Connected Devices 8
CHALLENGES FOR END USER Keeping it Simple Mixing Personal Device With Work Getting the Productivity and Experience Needed 9
PRIVACY CHALLENGES • Personal nature of device and expectation of privacy • • • Mobile nature of the devices • • Remote working and travel (checking to see if employee is where they are supposed to be) Where monitoring may occur on a personal device: • • • • • Is prohibited web surfing on a company device allowed on the personal device? Personal data: pictures, videos, personal emails, bank statements, tax returns, social security numbers, chat histories, user names/passwords, medical information While connected to the network Data in transmission between personal device and network Monitoring of “sandboxed” or company area of mobile device. Monitoring of entire device (e.g. key stroke logger; recording browser history, etc.) Location 10
PRIVACY CHALLENGES – INVESTIGATIONS • Investigations (internal, criminal, audits) • Security breach response – forensic investigations • Litigation holds • eDiscovery (searching for, preserving and collecting data) • Information requests/demands/subpoenas/regulatory investigations 11
INCIDENT RESPONSE CHALLENGES • Obtaining access to the device and data thereon • • • Physical possession Unlocked/login credentials Unencrypted • Remote wiping • Timing issues • • • Damage to the device • • • • • Incident detection Litigation holds/tampering of evidence Installation of software may be required Data loss Software corruption Loss of use Privacy issues • • Cooperation issue Ability to tie to business need and limit scope 12
Governance & Risk Analysis 13
QUADRANT DIAGRAM High Embrace Contain Disregard Block Value to Business Low Security pressure High 14
BYOD GOVERNANCE • Creation of organization-specific BYOD policies developed in conjunction with Legal, HR, IT, Procurement, Sales, and others • Transparent guidelines on who is eligible or not for the program • New employee agreements for support, risk, and responsibility. • Adjustments to service levels and service desk training. • Funding and reimbursement strategies. • Employee education and IT publishing specifications on acceptable devices. • Customization by country and possible tax implications for both employee and employer 15
BYOD GOVERNANCE • Individual responsibility needs are heightened under BYOD programs • Corporate management needs to be transparent in requiring greater management control over an individual’s devices in order to allow BYOD programs to work • Internal audit team’s knowledge of the organization’s mobile strategy needs to evolve just as quickly as the mobile landscape • Governance must include an interdisciplinary Steering Committee to identify, discuss, and evaluate risks from an interdisciplinary perspective 16
RISK ANALYSIS • Performing a risk analysis prior to implementing a BYOD program is crucial • Interdisciplinary teams should be involved in the risk analysis • Risk assessment should incorporate the likelihood as well as the impact of the risks • Risk analysis should address identification of the associated BYOD information risks to the organization: • • • • Handling of personally identifiable information (PII) Handling of high value organizational information Handling of other data impacted by regulatory compliance (healthcare data, credit card data) Risk assessment mitigation plans must be owned by the business and IT stakeholders and properly implemented 17
Mobile Device Management 18
MOBILE DEVICE MANAGEMENT • Mobile Device Management (MDM) software secures, monitors, manages and supports mobile devices deployed across mobile operators, service providers and enterprises • MDM functionality typically includes over-the-air distribution of applications, data and configuration settings for all types of mobile devices, including mobile phones, smartphones, tablet computers, ruggedized mobile computers, mobile printers, mobile POS devices, etc. • By controlling and protecting the data and configuration settings for all mobile devices in the network, MDM can reduce support costs and business risks • The intent of MDM is to optimize the functionality and security of a mobile communications network while minimizing cost and downtime 19
MOBILE DEVICE MANAGEMENT • Mobile Device Management software (MDM) can consist of four main components: • • • • Software management - Manage and support mobile applications, content and operating systems (configuration, updates, patches/fixes) Network service management - Gain information off of the device that captures location, usage, and cellular and WLAN network info (provisioning, usage, service, reporting) Hardware management - Provisioning and support (asset/inventory, activation) beyond basic asset management. Security management - Enforcement of standard device security, authentication and encryption (remote wipe, policy enforcement). 20
Deployment Basics 21
3 MODELS 22
APPLICATION STRATEGIES 23
HIGH LEVEL ARCHITECTURE 24
25
ACTION POINTS TO OVERCOME SECURITY CONCERNS 26
Q&A 27
THANK YOU 28

Recomendados

BYOD (Bring Your Own Device) Risks And Benefits
BYOD (Bring Your Own Device) Risks And BenefitsBYOD (Bring Your Own Device) Risks And Benefits
BYOD (Bring Your Own Device) Risks And Benefits
Modis
 
BYOD: Bring Your Own Device Implementation and Security Issues
BYOD: Bring Your Own Device Implementation and Security IssuesBYOD: Bring Your Own Device Implementation and Security Issues
BYOD: Bring Your Own Device Implementation and Security Issues
Harsh Kishore Mishra
 
BYOD
BYODBYOD
BYOD
Neeraj Muduli
 
An Introduction on Design and Implementation on BYOD and Mobile Security
An Introduction on Design and Implementation on BYOD and Mobile SecurityAn Introduction on Design and Implementation on BYOD and Mobile Security
An Introduction on Design and Implementation on BYOD and Mobile Security
Sina Manavi
 
Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)
Murray Security Services
 
Bring your own device
Bring your own deviceBring your own device
Bring your own device
C/D/H Technology Consultants
 
Data Center Security
Data Center SecurityData Center Security
Data Center Security
devalnaik
 
It Policies
It PoliciesIt Policies
It Policies
James Sutter
 

Recomendados

BYOD (Bring Your Own Device) Risks And Benefits
BYOD (Bring Your Own Device) Risks And BenefitsBYOD (Bring Your Own Device) Risks And Benefits
BYOD (Bring Your Own Device) Risks And Benefits
Modis
 
BYOD: Bring Your Own Device Implementation and Security Issues
BYOD: Bring Your Own Device Implementation and Security IssuesBYOD: Bring Your Own Device Implementation and Security Issues
BYOD: Bring Your Own Device Implementation and Security Issues
Harsh Kishore Mishra
 
BYOD
BYODBYOD
BYOD
Neeraj Muduli
 
An Introduction on Design and Implementation on BYOD and Mobile Security
An Introduction on Design and Implementation on BYOD and Mobile SecurityAn Introduction on Design and Implementation on BYOD and Mobile Security
An Introduction on Design and Implementation on BYOD and Mobile Security
Sina Manavi
 
Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)
Murray Security Services
 
Bring your own device
Bring your own deviceBring your own device
Bring your own device
C/D/H Technology Consultants
 
Data Center Security
Data Center SecurityData Center Security
Data Center Security
devalnaik
 
It Policies
It PoliciesIt Policies
It Policies
James Sutter
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information Protection
Robert Crane
 
Internet Domains
Internet DomainsInternet Domains
Internet Domains
adil raja
 
Domain name system presentation
Domain name system presentationDomain name system presentation
Domain name system presentation
Anchit Dhingra
 
Intranet and extranet
Intranet and extranetIntranet and extranet
Intranet and extranet
Sharda University
 
Dell Technologies - Company and Portfolio Introduction in 20 Minutes
Dell Technologies - Company and Portfolio Introduction in 20 MinutesDell Technologies - Company and Portfolio Introduction in 20 Minutes
Dell Technologies - Company and Portfolio Introduction in 20 Minutes
Dell Technologies
 
Importance Of A Security Policy
Importance Of A Security PolicyImportance Of A Security Policy
Importance Of A Security Policy
charlesgarrett
 
Datacenter Strategy, Design, and Build
Datacenter Strategy, Design, and BuildDatacenter Strategy, Design, and Build
Datacenter Strategy, Design, and Build
Christopher Kelley
 
Datacenter overview
Datacenter overviewDatacenter overview
Datacenter overview
Heather Brotherton
 
The Role of Information Security Policy
The Role of Information Security PolicyThe Role of Information Security Policy
The Role of Information Security Policy
Robot Mode
 
Information Technology policy
Information Technology policyInformation Technology policy
Information Technology policy
marindi
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
David J Rosenthal
 
internet intranet and extranet
internet intranet and extranetinternet intranet and extranet
internet intranet and extranet
FLYMAN TECHNOLOGY LIMITED
 
Intro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterIntro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance Center
Craig Jahnke
 
Microsoft Office 365
Microsoft Office 365Microsoft Office 365
Microsoft Office 365
Novosco
 
Domain Controller.pptx
Domain Controller.pptxDomain Controller.pptx
Domain Controller.pptx
ENTERTAINMENTHASNOEN
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection Act
SaimaRafiq
 
Business application of internet
Business application of internetBusiness application of internet
Business application of internet
Nelson Kuriakose
 
data resource management
data resource management data resource management
data resource management
soodsurbhi123
 
Data security
Data securityData security
Data security
ForeSolutions
 
Mobile Device Policy Template
Mobile Device Policy Template Mobile Device Policy Template
Mobile Device Policy Template
Demand Metric
 
BYOD Presentation for 2015 Year
BYOD Presentation for 2015 YearBYOD Presentation for 2015 Year
BYOD Presentation for 2015 Year
SunnyhillsSchool
 
Business Case Of Bring Your Own Device[ BYOD]
Business Case Of Bring Your Own Device[ BYOD] Business Case Of Bring Your Own Device[ BYOD]
Business Case Of Bring Your Own Device[ BYOD]
Md Yousup Faruqu
 

Más contenido relacionado

La actualidad más candente

Importance Of A Security Policy
Importance Of A Security PolicyImportance Of A Security Policy
Importance Of A Security Policy
charlesgarrett
 
Information Technology policy
Information Technology policyInformation Technology policy
Information Technology policy
marindi
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection Act
SaimaRafiq
 
data resource management
data resource management data resource management
data resource management
soodsurbhi123
 

La actualidad más candente (20)

Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information Protection
 
Internet Domains
Internet DomainsInternet Domains
Internet Domains
 
Domain name system presentation
Domain name system presentationDomain name system presentation
Domain name system presentation
 
Intranet and extranet
Intranet and extranetIntranet and extranet
Intranet and extranet
 
Dell Technologies - Company and Portfolio Introduction in 20 Minutes
Dell Technologies - Company and Portfolio Introduction in 20 MinutesDell Technologies - Company and Portfolio Introduction in 20 Minutes
Dell Technologies - Company and Portfolio Introduction in 20 Minutes
 
Importance Of A Security Policy
Importance Of A Security PolicyImportance Of A Security Policy
Importance Of A Security Policy
 
Datacenter Strategy, Design, and Build
Datacenter Strategy, Design, and BuildDatacenter Strategy, Design, and Build
Datacenter Strategy, Design, and Build
 
Datacenter overview
Datacenter overviewDatacenter overview
Datacenter overview
 
The Role of Information Security Policy
The Role of Information Security PolicyThe Role of Information Security Policy
The Role of Information Security Policy
 
Information Technology policy
Information Technology policyInformation Technology policy
Information Technology policy
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
internet intranet and extranet
internet intranet and extranetinternet intranet and extranet
internet intranet and extranet
 
Intro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterIntro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance Center
 
Microsoft Office 365
Microsoft Office 365Microsoft Office 365
Microsoft Office 365
 
Domain Controller.pptx
Domain Controller.pptxDomain Controller.pptx
Domain Controller.pptx
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection Act
 
Business application of internet
Business application of internetBusiness application of internet
Business application of internet
 
data resource management
data resource management data resource management
data resource management
 
Data security
Data securityData security
Data security
 
Mobile Device Policy Template
Mobile Device Policy Template Mobile Device Policy Template
Mobile Device Policy Template
 

Destacado

Byod for djh students final
Byod for djh students finalByod for djh students final
Byod for djh students final
Sue Miller
 
Segurança da Informação em BYOD
Segurança da Informação em BYODSegurança da Informação em BYOD
Segurança da Informação em BYOD
Microsoft
 
Come affrontare le sfide del BYOD, Bring Your Own Device - Clever News, 01/2013
Come affrontare le sfide del BYOD, Bring Your Own Device - Clever News, 01/2013Come affrontare le sfide del BYOD, Bring Your Own Device - Clever News, 01/2013
Come affrontare le sfide del BYOD, Bring Your Own Device - Clever News, 01/2013
Clever Consulting
 
Protéger vos données dans un contexte BYOD/Office 365 avec le nouveau service...
Protéger vos données dans un contexte BYOD/Office 365 avec le nouveau service...Protéger vos données dans un contexte BYOD/Office 365 avec le nouveau service...
Protéger vos données dans un contexte BYOD/Office 365 avec le nouveau service...
Microsoft Technet France
 

Destacado (20)

BYOD Presentation for 2015 Year
BYOD Presentation for 2015 YearBYOD Presentation for 2015 Year
BYOD Presentation for 2015 Year
 
Business Case Of Bring Your Own Device[ BYOD]
Business Case Of Bring Your Own Device[ BYOD] Business Case Of Bring Your Own Device[ BYOD]
Business Case Of Bring Your Own Device[ BYOD]
 
Byod for djh students final
Byod for djh students finalByod for djh students final
Byod for djh students final
 
Byod parent presentation copy of
Byod parent presentation copy of Byod parent presentation copy of
Byod parent presentation copy of
 
Audit Principles
Audit PrinciplesAudit Principles
Audit Principles
 
Palestra “Reforçando a Educação Nomádica: Implementando BYOD e Cloud Computin...
Palestra “Reforçando a Educação Nomádica: Implementando BYOD e Cloud Computin...Palestra “Reforçando a Educação Nomádica: Implementando BYOD e Cloud Computin...
Palestra “Reforçando a Educação Nomádica: Implementando BYOD e Cloud Computin...
 
Segurança da Informação em BYOD
Segurança da Informação em BYODSegurança da Informação em BYOD
Segurança da Informação em BYOD
 
09 età di_pericle
09 età di_pericle09 età di_pericle
09 età di_pericle
 
Il pnsd a scuola
Il pnsd a scuolaIl pnsd a scuola
Il pnsd a scuola
 
Byod in-a-box
Byod in-a-boxByod in-a-box
Byod in-a-box
 
Pesquisa sobre BYOD
Pesquisa sobre BYODPesquisa sobre BYOD
Pesquisa sobre BYOD
 
Come affrontare le sfide del BYOD, Bring Your Own Device - Clever News, 01/2013
Come affrontare le sfide del BYOD, Bring Your Own Device - Clever News, 01/2013Come affrontare le sfide del BYOD, Bring Your Own Device - Clever News, 01/2013
Come affrontare le sfide del BYOD, Bring Your Own Device - Clever News, 01/2013
 
Pnsd azioni
Pnsd azioniPnsd azioni
Pnsd azioni
 
Byod
ByodByod
Byod
 
PNSD presentazione a Cagliari
PNSD presentazione a CagliariPNSD presentazione a Cagliari
PNSD presentazione a Cagliari
 
Etude de l’impact des programmes d’égalité des chances portés par HEC et la F...
Etude de l’impact des programmes d’égalité des chances portés par HEC et la F...Etude de l’impact des programmes d’égalité des chances portés par HEC et la F...
Etude de l’impact des programmes d’égalité des chances portés par HEC et la F...
 
BYOD
BYOD BYOD
BYOD
 
Byod par où commencer normand cyr
Byod par où commencer normand cyrByod par où commencer normand cyr
Byod par où commencer normand cyr
 
Les phénomènes BYOD, BYOC, WYOD, CYOD & COPE
Les phénomènes BYOD, BYOC, WYOD, CYOD & COPELes phénomènes BYOD, BYOC, WYOD, CYOD & COPE
Les phénomènes BYOD, BYOC, WYOD, CYOD & COPE
 
Protéger vos données dans un contexte BYOD/Office 365 avec le nouveau service...
Protéger vos données dans un contexte BYOD/Office 365 avec le nouveau service...Protéger vos données dans un contexte BYOD/Office 365 avec le nouveau service...
Protéger vos données dans un contexte BYOD/Office 365 avec le nouveau service...
 

Similar a Bring Your Own Device (BYOD)

IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
Security Innovation
 
The Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD WorldThe Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD World
mkeane
 
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud AppsCIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CloudIDSummit
 
Preparing for Mobile Device Management & Bring your Own Device
Preparing for Mobile Device Management & Bring your Own DevicePreparing for Mobile Device Management & Bring your Own Device
Preparing for Mobile Device Management & Bring your Own Device
Waterstons Ltd
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Security
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
AugmentedWorldExpo
 
Ten Commandments of BYOD
Ten Commandments of BYODTen Commandments of BYOD
Ten Commandments of BYOD
K Singh
 

Similar a Bring Your Own Device (BYOD) (20)

BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestBYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, West
 
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst Services
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
 
Outside the Office: Mobile Security
Outside the Office: Mobile SecurityOutside the Office: Mobile Security
Outside the Office: Mobile Security
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT Systems
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
 
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
 
Secure Android Mobile Device: SOTI MobiControl and Android Plus technology
Secure Android Mobile Device: SOTI MobiControl and Android Plus technology Secure Android Mobile Device: SOTI MobiControl and Android Plus technology
Secure Android Mobile Device: SOTI MobiControl and Android Plus technology
 
The Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD WorldThe Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD World
 
Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...
 
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers SafeSecurity For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safe
 
Byod security
Byod security Byod security
Byod security
 
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud AppsCIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
 
Preparing for Mobile Device Management & Bring your Own Device
Preparing for Mobile Device Management & Bring your Own DevicePreparing for Mobile Device Management & Bring your Own Device
Preparing for Mobile Device Management & Bring your Own Device
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
 
How to Manage the Great BlackBerry Migration
How to Manage the Great BlackBerry MigrationHow to Manage the Great BlackBerry Migration
How to Manage the Great BlackBerry Migration
 
10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop Virtualization10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop Virtualization
 
BYOD - Secure the data, not the device
BYOD - Secure the data, not the deviceBYOD - Secure the data, not the device
BYOD - Secure the data, not the device
 
Ten Commandments of BYOD
Ten Commandments of BYODTen Commandments of BYOD
Ten Commandments of BYOD
 

Más de k33a

The Communist Manifesto
The Communist ManifestoThe Communist Manifesto
The Communist Manifesto
k33a
 

Más de k33a (6)

An Overview of Consumer Privacy Regulations for TSPs in India
An Overview of Consumer Privacy Regulations for TSPs in IndiaAn Overview of Consumer Privacy Regulations for TSPs in India
An Overview of Consumer Privacy Regulations for TSPs in India
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
 
Transmission Control Protocol (TCP)
Transmission Control Protocol (TCP)Transmission Control Protocol (TCP)
Transmission Control Protocol (TCP)
 
Trusted Platform Module (TPM)
Trusted Platform Module (TPM)Trusted Platform Module (TPM)
Trusted Platform Module (TPM)
 
Unified Extensible Firmware Interface (UEFI)
Unified Extensible Firmware Interface (UEFI)Unified Extensible Firmware Interface (UEFI)
Unified Extensible Firmware Interface (UEFI)
 
The Communist Manifesto
The Communist ManifestoThe Communist Manifesto
The Communist Manifesto
 

Último

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
SoniaTolstoy
 

Último (20)

social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 

Bring Your Own Device (BYOD)

  • 1.
  • 2. INTRODUCTION • Bring Your Own Device (BYOD) has become one of the most influential trends that has or will touch each and every IT organization. • The term has come to define a megatrend occurring in IT that requires sweeping changes to the way devices are used in the workplace. 2
  • 3. WHAT IS BYOD? • Bring your own device (BYOD) (also called bring your own technology (BYOT), bring your own phone (BYOP), and bring your own PC (BYOPC)) refers to the policy of permitting employees to bring personally owned mobile devices (laptops, tablets, and smart phones) to their workplace, and to use those devices to access privileged company information and applications. Source: Wikipedia 3
  • 4. THE CONFLICT Corporate space Consumer space Devices with functionality limited to phone calls and email Mobile phones Smart phones offering tens of thousands of useful apps, typically iPhone Restricted storage for official files and email What to Store Providers such as Google and Yahoo offering virtually unlimited storage to store whatever you want Long replacement cycles – up to four years for hardware and eight years for software Update Cycles Very rapid updated hardware – immediate download of new apps and services Highly standardized, inflexible and often restricted environment Style and Customization High variety of consumer devices, systems, applications and “skins” 4
  • 6. BUSINESS DRIVERS Consumer Devices Multiple Needs and Multiple Devices Work and Personal Overlap Anywhere, Anytime Mobility Video, Collaboration, and Rich Media Applications 6
  • 7. BENEFITS OF BYOD Improved employee convenience and satisfaction Higher agility in business operation Attraction and retention tool for talented workers Increased employee productivity Greater workforce mobility 7
  • 8. CHALLENGES FOR IT ORGANIZATION Unclear cost benefits Providing Device Choice and Support Maintaining Secure Access to the Corporate Network On-Boarding of New Devices Enforcing Company Acceptable Usage Policies Visibility of Devices on the Network Protecting Data and Loss Prevention Revoking Access Potential for New Attack Vectors Ensuring Wireless LAN Performance and Reliability Managing the Increase in Connected Devices 8
  • 9. CHALLENGES FOR END USER Keeping it Simple Mixing Personal Device With Work Getting the Productivity and Experience Needed 9
  • 10. PRIVACY CHALLENGES • Personal nature of device and expectation of privacy • • • Mobile nature of the devices • • Remote working and travel (checking to see if employee is where they are supposed to be) Where monitoring may occur on a personal device: • • • • • Is prohibited web surfing on a company device allowed on the personal device? Personal data: pictures, videos, personal emails, bank statements, tax returns, social security numbers, chat histories, user names/passwords, medical information While connected to the network Data in transmission between personal device and network Monitoring of “sandboxed” or company area of mobile device. Monitoring of entire device (e.g. key stroke logger; recording browser history, etc.) Location 10
  • 11. PRIVACY CHALLENGES – INVESTIGATIONS • Investigations (internal, criminal, audits) • Security breach response – forensic investigations • Litigation holds • eDiscovery (searching for, preserving and collecting data) • Information requests/demands/subpoenas/regulatory investigations 11
  • 12. INCIDENT RESPONSE CHALLENGES • Obtaining access to the device and data thereon • • • Physical possession Unlocked/login credentials Unencrypted • Remote wiping • Timing issues • • • Damage to the device • • • • • Incident detection Litigation holds/tampering of evidence Installation of software may be required Data loss Software corruption Loss of use Privacy issues • • Cooperation issue Ability to tie to business need and limit scope 12
  • 13. Governance & Risk Analysis 13
  • 15. BYOD GOVERNANCE • Creation of organization-specific BYOD policies developed in conjunction with Legal, HR, IT, Procurement, Sales, and others • Transparent guidelines on who is eligible or not for the program • New employee agreements for support, risk, and responsibility. • Adjustments to service levels and service desk training. • Funding and reimbursement strategies. • Employee education and IT publishing specifications on acceptable devices. • Customization by country and possible tax implications for both employee and employer 15
  • 16. BYOD GOVERNANCE • Individual responsibility needs are heightened under BYOD programs • Corporate management needs to be transparent in requiring greater management control over an individual’s devices in order to allow BYOD programs to work • Internal audit team’s knowledge of the organization’s mobile strategy needs to evolve just as quickly as the mobile landscape • Governance must include an interdisciplinary Steering Committee to identify, discuss, and evaluate risks from an interdisciplinary perspective 16
  • 17. RISK ANALYSIS • Performing a risk analysis prior to implementing a BYOD program is crucial • Interdisciplinary teams should be involved in the risk analysis • Risk assessment should incorporate the likelihood as well as the impact of the risks • Risk analysis should address identification of the associated BYOD information risks to the organization: • • • • Handling of personally identifiable information (PII) Handling of high value organizational information Handling of other data impacted by regulatory compliance (healthcare data, credit card data) Risk assessment mitigation plans must be owned by the business and IT stakeholders and properly implemented 17
  • 19. MOBILE DEVICE MANAGEMENT • Mobile Device Management (MDM) software secures, monitors, manages and supports mobile devices deployed across mobile operators, service providers and enterprises • MDM functionality typically includes over-the-air distribution of applications, data and configuration settings for all types of mobile devices, including mobile phones, smartphones, tablet computers, ruggedized mobile computers, mobile printers, mobile POS devices, etc. • By controlling and protecting the data and configuration settings for all mobile devices in the network, MDM can reduce support costs and business risks • The intent of MDM is to optimize the functionality and security of a mobile communications network while minimizing cost and downtime 19
  • 20. MOBILE DEVICE MANAGEMENT • Mobile Device Management software (MDM) can consist of four main components: • • • • Software management - Manage and support mobile applications, content and operating systems (configuration, updates, patches/fixes) Network service management - Gain information off of the device that captures location, usage, and cellular and WLAN network info (provisioning, usage, service, reporting) Hardware management - Provisioning and support (asset/inventory, activation) beyond basic asset management. Security management - Enforcement of standard device security, authentication and encryption (remote wipe, policy enforcement). 20
  • 25. 25
  • 26. ACTION POINTS TO OVERCOME SECURITY CONCERNS 26