As more and more employees use their own devices for work purposes, it's crucial for companies to develop effective policies and procedures to manage the risks associated with Bring Your Own Device (BYOD). The term can refer to the policy itself or serve as shorthand for the concept, e.g. a smartphone is a BYOD device.
Checklist
We know that managing devices can be daunting, so our cyber security experts have put together a quick, easy-to-follow checklist to help you get started on Mobile Device Management (MDM) right now!
Install commercial MDM software
- We strongly suggest you invest in the software if your company is more than 20% BYOD. With an MDM, your IT security team can specify a set of minimum requirements for each phone, computer, or server in a profile. Those profiles are automatically pushed and applied to devices in your network. Any violation of the policy, say a missing local firewall or VPN, will “fail” the profile and drop that device’s access to your sensitive applications.
Develop a clear BYOD policy
- Define when, how, and why employees can use their own devices for work purposes and what is restricted.
Require multi-factor authentication
- Enable and enforce multi-factor authentication for all accounts and applications that users can log into from their personal devices.
Enforce password policies
- Implement strong password policies and regularly change passwords. Length trumps complexity!
Encrypt sensitive data
- Encrypt all sensitive data stored on employees' devices. Depending on the OS type, opt for full disk encryption (e.g. FileVault and BitLocker).
Provide security training
- Attending regular security awareness training educates employees on best practices and their impact on the business.
Regularly update software and systems
- Regularly update all devices with the latest security patches and software versions.
Remote wipe capability
- Implement the ability to erase all data from a lost or stolen device.
Monitor network access
- Configure logging across all network access, flag or stop suspicious activity with IP blacklisting, and limit BYOD-based access to only necessary personnel.
Regularly evaluate the BYOD policy
- Review the policy and make updates as necessary to ensure its effectiveness.
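The profile check described under "Install commercial MDM software" can be sketched as follows. This is an added example, not code from this page or from any MDM product: the profile keys, version minimums and device records are all constructed for illustration.

```python
# Added example: the profile keys and device records are constructed,
# not a real MDM vendor schema.
PROFILE = {
    "firewall_enabled": True,
    "vpn_connected": True,
    "disk_encrypted": True,
    "min_os_version": {"macos": "14.4", "windows": "10.0.22631"},
}

def parse_version(text):
    """Turn '14.4.1' into (14, 4, 1) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def evaluate(device, profile=PROFILE):
    """Return the names of failed checks; an empty list means compliant."""
    failures = []
    for key in ("firewall_enabled", "vpn_connected", "disk_encrypted"):
        # Fail closed: a missing or non-boolean report counts as a violation.
        if device.get(key) is not profile[key]:
            failures.append(key)
    minimum = profile["min_os_version"].get(device.get("os"))
    try:
        outdated = parse_version(device["os_version"]) < parse_version(minimum)
    except (KeyError, ValueError, AttributeError):
        outdated = True  # unknown OS or unparseable version: treat as failing
    if outdated:
        failures.append("os_version")
    return failures

def access_decision(device, profile=PROFILE):
    """Drop access to sensitive applications when any check fails."""
    failures = evaluate(device, profile)
    return {"device": device.get("id", "unknown"),
            "sensitive_app_access": not failures,
            "failed_checks": failures}

# Constructed sample inventory.
DEVICES = [
    {"id": "laptop-01", "os": "macos", "os_version": "14.5",
     "firewall_enabled": True, "vpn_connected": True, "disk_encrypted": True},
    {"id": "laptop-02", "os": "windows", "os_version": "10.0.22631",
     "firewall_enabled": False, "vpn_connected": False, "disk_encrypted": True},
    {"id": "laptop-03", "os": "macos", "os_version": "13.6.1",
     "firewall_enabled": True, "vpn_connected": True},
]

if __name__ == "__main__":
    for device in DEVICES:
        print(access_decision(device))
```

A device that does not report an attribute at all is treated the same as one that reports a violation, so an agent that stops checking in cannot keep its access.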
By following these steps, companies can manage BYOD in an optimal manner, reducing the risk of security breaches and unauthorised access to sensitive information. It is important to regularly review and update these policies to ensure that they remain effective in protecting against potential security threats.