You are browsing the apps on your smartphone and you see one that catches your attention. It is from a trusted source, so you press Download App without a second thought. What you don’t realize is that this simple app could cause a security risk to your corporation. IT departments are beginning to realize the dangers caused by bring your own devices (BYOD), such as personal cell phones and tablets, and they need to have set security policies in place for these devices.

 

Mobile Device Management (MDM) applications can help impose password enforcement, remote locking and wiping, and app inventory control. It is also recommended that remote or BYOD users only access the corporate network using a virtual private network (VPN).


The National Institute of Standards and Technology recommends the following BYOD security measures for organizations:

  • Remotely wipe the device if it is lost or stolen
  • Require a password or other domain authentication
  • Have the device automatically lock after it is idle for a set amount of time
  • Restrict which applications can be installed through whitelisting
  • Restrict the use of synchronization services
  • Digitally sign applications
  • Distribute the organization’s applications from a dedicated mobile application store

 

Controlling accessible websites by having a blacklist and whitelist reduces the chances of a user going to a malicious site. A blacklist is a list of sites that users are prevented from accessing from or through the corporate network. Whitelisting can be used to restrict which applications can be installed on corporate devices or devices that use the corporate network.