Last updated: 16 May 2016
Bring Your Own Device (BYOD) is a growing movement in the global workplace and can certainly be a win-win situation for both the company and its employees. A comprehensive Cisco study revealed employees allowed to preform work activities using their own personal devices gain an average of 37 minutes of productive time per week and are generally more satisfied than non-BYOD employees. In addition, companies that implement BYOD policies reduce and avoid costs associated with technology upgrades.
While Bring Your Own Device continues to grow at a prolific rate, IT teams face the challenge of securing and enabling access to the enterprise ecosystem via a wide range of devices from different manufacturers. So how does corporate IT deal with the BYOD phenomenon while ensuring the security of corporate networks and data?
To support National Cyber Security Awareness Month (NCSAM), which is tackling this very issue this week, I thought I would provide my recommendations.
There are several methods which can be used in combination to create a layered security approach, but to achieve the highest security standards, IT departments should consider providing staff with a personal security device that is independent of the mobile phone. One-time password (OTP) hardware tokens increase the security of the login process by ensuring the person accessing the network has two factors of identity verification – a dynamic password and the OTP device. Digital identity certificates further raise the mobile security bar and enable other applications such as digital signature and e-mail and file encryption.
Many enterprises already have a corporate PKI badge solution in place, but are now faced with the challenge of how to use existing authenticators on new mobile devices, most which don’t have USB slots or embedded smart card readers. A wireless solution is one way to tackle this quandary. Bluetooth is a connectivity channel implemented across different endpoints, making it compatible with any mobile device. For example, Gemalto MobilePKI solutions provide either a Bluetooth-enabled badge holder or USB token. The user simply pairs the Bluetooth device with their mobile device. Once the devices are paired, the smart card will be recognized and processed, just as when the smart card is inserted into an internal reader on a laptop.
As enterprise mobility and BYOD continues to increase, corporate IT must adapt and find methods to bring these mobile devices into the fold of the corporate network. Too often, security standards are relaxed or ignored for mobile users because solutions are limited for many devices. With the alarming rise in enterprise breaches and hacking schemes, corporate IT can’t afford to disregard corporate security compliance. There are methods, such as Bluetooth-powered authentication, that can secure mobile devices while providing employees with the anywhere, any device access they want.
To learn more, check out our white paper, BYOD and Mobile Security. You can also visit www.staysafeonline.org/ncsam to learn about and support National Cyber Security Awareness Month, and connect with NCSAM on Twitter using #CyberAware.