Minimizing BYOD Risks

Wed, 05/29/2013 - 9:34am
Dale Gonzalez, Product Strategist, Dell SecureWorks

Businesses that allow their employees to use mobile devices need to be aware of their vulnerabilities and how they could infect the company network. If a company issues and follows good security policies for its desktops and laptops, both of those are likely to be more secure than any tablet or mobile phone because there are limited actions that can be taken to secure them.  Mobile phones are especially vulnerable because people download applications onto them, and most of those apps have not been vetted by security professionals. Many of the apps that are downloaded onto a phone can grab the users address book and other data most people don’t want to share. Even if employees use their mobile devices to connect to no server other than their company’s email system, if the phone has malware on it, it could spread to the network. However, with the right controls in place, there are ways employees can connect to their company email securely.

Secure mobile applications are available that allow safe connections to the company email server. Employees must download the application onto their mobile phones. Once the app is downloaded, employees can safely connect to the company email system. They just click on the application, and then input a password to connect to the company server. That allows them to see all their emails and to email other people using the company email system. That application system is sandboxed inside the mobile phone, so if the phone itself got infected, it would not infect the network because the only part of the device that connects to the company network is the secure sandboxed email application. But this type of application is only for company emails and does not provide protection for connecting to the company network other than the email system. For example, that application would not allow someone to safely connect to any company server other than the email server.

[Continue Reading...]


Share this Story

You may login with either your assigned username or your e-mail address.
The password field is case sensitive.