Emerging Topic: BYOD
By: Jeff Altomare
Background
• BYOD, or bring your own device, is a current trend within the business world.
• Examples: mobile phone, tablet, laptop
• BYOD is when employees bring devices that they are comfortable with to their workplace to work on
• This is instead of the company providing the device for you
Statistics on BYOD
• Use of BYOD within the organizations of the employees who were surveyed:
  • Yes: 68%
  • No: 37%
  • Don't know: 2%
Reasons for allowing BYOD
• Mobility
• Productivity
• Familiarity
• Reduction in costs of supplying electronic equipment
Reasons for not allowing BYOD
• Threats and vulnerabilities
• Physical security
• Management of devices on the network
• Disparate operating systems and hardware
Limits on types of devices
• Risk: Employees all use different types of devices, running different operating systems
• Control
  • Preventative: Set requirements for the types of devices that are allowed within the organization
    • i.e., OS, storage, processor
• Residual risk: If the device parameters are followed, there should be little residual risk.
Security of Device
• Risk: A lost or stolen device can lead to a breach of data by the person who acquires the device.
• Control
  • Preventative: Have a password to safeguard the asset; additionally, change the default username and password
  • Corrective: Have the ability to wipe data from the device remotely
• Residual risk: Zero residual risk would exist due to the data being wiped from the device
Security of Device (cont.)
• Risk: Anti-virus on the device is not up to date, leading to a breach of company data
• Controls
  • Preventative: Encrypt data on the device so PII is not easily identifiable
  • Preventative: Keep anti-virus updated
• Residual risk: Medium, because new viruses are released daily
Installation of insecure applications
• Risk: An employee downloads an insecure application onto the device that contains malware or other malicious bots.
• Control
  • Preventative: Make a list of acceptable applications that are allowed on devices that will be used on the corporate network
  • Detective: Monitor the use of the device to detect misuse or malware
  • Corrective: Revoke access of personal devices for employees
• Residual risk: Low, due to the fact that it eventually leads to revocation
Disgruntled employee
• Risk: An employee could misuse the phone number by keeping the number that he used to talk with clients, taking those clients from the organization, and using corporate data.
• Control
  • Preventative: Enter into an agreement that the number will be owned by the company throughout the duration of employment
  • Corrective: Ability to remotely wipe all corporate data from the device.
• Residual risk: There would be little residual risk if the controls worked as designed