The key to a secure BYOD-enabled enterprise

Implementing a BYOD program poses a number of security concerns, because if left unmanaged, it can impact your network availability and cause data loss. According to Gartner, more than half of all global employees participated in a BYOD program in 2013; those companies that have opened up their doors to allow corporate data access on any device will need the right network access strategies and data policies in place to secure their environment and proprietary content.

The key to a secure BYOD-enabled enterprise is having well-managed content repositories that are accessible but secure, but there are obviously a number of ways to go about this. Three key security areas to address to make your BYOD strategy secure are -

  • Data Sync and Storage: When data is in motion it’s at a higher risk of being hacked, no matter how strong the encryption levels are. Many public cloud solutions constantly sync content between all devices, putting sensitive corporate information at a higher risk for a breach. Work with a solution where data is not constantly synced between devices, users can use their mobile device to access the data where it lives, whether that’s an internal server, Microsoft SharePoint, Documentum or Windows File Shares. This means that data stays at rest more often, decreasing the opportunity for data to be leaked or breached. In this manner businesses can get the flexibility and productivity benefits of a BYOD program, without compromising security or losing control of data.
  • Access Permissions: A crucial element of implementing a BYOD policy is establishing how users can access your network from their mobile devices. Integration with LDAP or Active Directory into this process will ensure that only authorized employees are accessing data. For instance, just because a marketing employee can access the network from a mobile phone, doesn’t mean they should be able to open HR documentation – all established information access protocols need to be left in place, no matter the device. And speaking of opening documentation, once an employee does open a file on their mobile phone you need to be certain the file remains within a secure container, instead of being stored locally, which can cause data duplication and potential breaches.
  • Authentication Methods: Approving any number of new devices to access a network requires updated authentication methods. Whether this is done through a protocol like Kerberos or through password-authenticated key agreements is up to each individual enterprise. A triple-layer architecture where the web, app and data layers all have their own authentication tokens, dramatically decreases the risk of data loss, no matter how many devices are accessing the network.

kiteworks by Accellion addresses the three key security areas outlined above. To obtain more detail on how kiteworks mobile first design includes key innovations that set a new bar for mobile productivity contact  - jason.reid@mpa.co.nz

 

 

Latest Security Problems Solved

Privileged Password Management - Pitfalls to consider More >
SIEM matures, however landscape changes. More >
What Does It Take To Lower Your Mobile Cost Of Ownership? More >
2014: The Year Encryption Comes of Age More >
Our Solutions
Security Solutions

We work with leaders in the fields of data protection, authentication and perimeter security to protect your organisation and manage any threats with the most effective security systems. More >

Technical Services

MPA New Zealand Ltd provides a range of technical services to compliment the vendor technology our company brings to the local market. More >