255
Quick Start 15:
BYOD Security Tips
It is becoming clear that allowing workers to use their smart devices
for work-related activities is reaping positive benets for those com-
panies who have said yes to BYOD. ey have denitely been seeing
a strong uptick in worker satisfaction (not to mention saving dollars
by not having to purchase corporate-issued devices). But it can’t be
entered into willy-nilly. For those companies ill-prepared there is a
very strong negative: e fortress for your data security could easily
be breached. What follows are methods for securing against mobile
malware and other risks.
PROCEDURES/ISSUES/POLICIES
1. e security option exists, but how many users really password
protect their devices—making them unusable until they enter
the password or pin? Your BYOD policy has to strongly state and
enforce this if the device is being used to access and work with
corporate data. A password or pin has to be created and used rou-
tinely. is is step that will protect your data if the device is lost
or stolen.
2. ere should be put into eect a set time that the device will lock and
users will have to re-enter pin or password to gain reentry.
3. Keeping it simple is never a good idea when it comes to passwords.
Your policy should state that all passwords must contain both letters
and numbers.
4. As security products exist that allow companies to remotely wipe
lost or stolen devices, users must agree to this option if you allow
them to use their device for work.
256 • Bring Your Own Devices (BYOD) Survival Guide
5. Also available is technology that will allow companies to remotely
disable work accounts from users who leave or are red from your
rm. is must be included in your BYOD policy.
6. If a device is rooted or jailbroken, immediate suspension of rights to
access to corporate networks and data should be enacted.
7. If a phone has third-party apps, its owners’ ready and free access
to your corporate network and data should be immediately
denied. It’s these type of apps that have been known to give IT a
security migraine.
8. Employees should be prompted to create new passwords every 90
days.
BIBLIOGRAPHY
Burt, J. (2012, June 8). BYOD security: 8 steps enterprises can take to limit risks to company
data. eWeek. Retrieved from http://www.eweek.com/c/a/Security/BYOD-Security-8
-Steps-Enterprises-Can-Take-to-Limit-Risks-to-Company-Data-608974/.

Get Bring Your Own Devices (BYOD) Survival Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.