System Security

Making your business safe and efficient whilst harnessing COCE

LAST EDITED:
PUBLISHED:
29/7/2023

By following these steps, companies can ensure the secure use of corporate-owned, corporate-enabled (COCE) devices for work purposes only, reducing the risk of security breaches and unauthorized access to sensitive information. It is important to regularly review and update these policies to ensure that they remain effective in protecting against potential security threats.

COCE stands for "Corporate-Owned, Corporate-Enabled" devices. COCE refers to a policy where an organisation provides employees with corporate-owned devices (e.g. laptops, smartphones, etc.) that are only to be used for work purposes. The organisation has full control over the device and is responsible for maintaining its security and privacy.

COCE devices are not meant to be used for personal purposes, and the organisation may have strict security measures in place to prevent it. This policy is often used to ensure that sensitive corporate information remains secure and that employees are only using company-provided devices for work purposes.

Checklist

We know that managing devices can be daunting, so our cyber security experts have put together a quick and easy to follow checklist to help you get started on Mobile Device Management (MDM) right now!

Develop a clear COCE policy

  • Define the guidelines and restrictions for the use of corporate-owned devices for work purposes only.

Require multi-factor authentication

  • Enable multi-factor authentication for all systems and accounts to enhance security.

Enforce password policies

  • Implement strong password policies and regularly change passwords.

Install mobile device management software

  • Use MDM software to monitor and manage the security of corporate-owned devices.

Encrypt sensitive data

  • Encrypt all sensitive data stored on corporate-owned devices.

Provide security training

  • Provide regular security awareness training for employees to educate them on security best practices.

Regularly update software and systems

  • Regularly update all devices with the latest security patches and software versions.

Remote wipe capability

  • Implement the ability to erase all data from a lost or stolen device.

Monitor network access

  • Monitor network access and limit it to only necessary personnel.

Restrict jailbreak/rooting

  • Implement security measures to prevent jailbreaking or rooting of corporate-owned devices.

Regularly evaluate the COCE policy

  • Regularly evaluate the COCE policy and make updates as necessary to ensure its effectiveness.

By following these steps, companies can ensure the secure use of corporate-owned, corporate-enabled (COCE) devices for work purposes only, reducing the risk of security breaches and unauthorized access to sensitive information. It is important to regularly review and update these policies to ensure that they remain effective in protecting against potential security threats.

System Security
Checklist
Intermediate

Related articles

News

How Blackpanda deploys darknet scanning in incident response

Asia’s premiere incident response company Blackpanda and top US darknet intelligence company, DarkOwl are pleased to announce a partnership that will provide Blackpanda’s clients with expanded protection and detection of cyber risk.

Exposed Services

Strengthen your business security with multi-factor authentication

By following this checklist and implementing Multi-Factor Authentication correctly, you significantly enhance your cyber security posture and reduce the risk of unauthorised access and data breaches.

Web Security

Cookie settings: Cross-Origin-Resource-Policy

The Cross-Origin-Resource-Policy (CORP) header is important for web security as it helps prevent Cross-Site Request Forgery (CSRF) attacks by controlling access to resources across different domains. By setting the cookie property in the CORP header to "same-site", "strict", or "none", you can control whether cookies can be sent in cross-origin requests, and if so, under what conditions. This can help prevent attackers from using malicious websites to steal user credentials or perform other unauthorised actions.

View all

Sign Up to Our Newsletter

Our weekly Asia Cyber Summary is a snappy, non-technical overview of regional cybersecurity news that helps you stay informed. Test it today, you can always unsubscribe. 

Let’s talk
System Security
Intermediate