Mobile Security in the BYOD

I presented at the AccessData User Conference this year about mobile security and spoke about the BYOD or Bring Your Own Device phenomenon in today’s corporate world. At that time, BYOD was taken by my audience as “he misspelled BYOB”. No, I did not forget my own beverage, further more this term had only been located in a handful of articles during my research for the event at ADUC. Since; BYOD talk has gone viral ; for good reason.

Bring Your Own Device really has manifested into today’s working environment at an alarming rate. This is evinced in the many companies I consult with; the principal factor: cost. It is simply cheaper to allow an employee to bring their own device. In essence, this allows the company the freedom to grant the employee the choice of bringing their own device to work; attach to the corporate network and (steal) stay “connected” and productive while mobile. Fantastic concept when you look at the money saved for cellular contracts, equipment and employee data overages. Ludicrous idea when you think of the litigation expenses, liability and governing of a device not owned or controlled by the company.

This BYOD is not something that will be removed from the corporate scene, but there should be a movement on how to mitigate exposure. Some suggestions:

1. Create a policy outlining usage of a BYOD on the corporate network – This should outline the governing agencies access to the device
2. Forensic staff to respond to possible data breach armed with proper software and training with mobile devices.
3. Mobile Data Monitoring software
4. Consult with a security company
5. Look to purchasing devices maintained by your internal IT group.

The BYOD issues will continue to grow as the “connected” workforce grows. Statistically, the number of data loss events seen in the US involving a mobile device outnumber the events that do not. Due to data speeds, device storage and device capabilities continual growth the number might grow gradually but the data loss volume will increase exponentially.

The technology is here to stay and will forever be in our offices, our companies and societies streets. It is now up to the organizations to prepare themselves for a response to a data loss event.

About Lee Reiber

Pioneering mobile device forensic examiner, consultant and trainer, software development innovator and former LE officer with the Boise Police Department
This entry was posted in Information and tagged , , , , , , . Bookmark the permalink.

Leave a Reply