With the proliferation of mobile devices, (tablets, smartphones, thumb drives, etc.) Bring Your Own Device (BYOD) has become a major concern for many organizations. Beyond accounting for company approved devices, Infosec Professionals also have to deal with many personal devices being connected to their networks.
A recent article posted on Dark Reading outlines these concerns, stating that "Organizations are concerned about the dangers posed by unauthorized mobile devices, according to a study published last week, but many aren't sure what's being done about it."
This illustrates a disconnect between IT departments and management and, more importantly, a lack of strong policy in regard to BYOD.
Organizations and their IT staff should incorporate BYOD into their overall security policy and should put an emphasis on communication and training.
Once a policy has been set, the next step is enforcing the policy. Using Data Loss Prevention (DLP) or Endpoint Security applications provide a strong foundation for managing which devices are authorized to access the network and can add a measure of security. In addition, mandate that any devices accessing company data should be secured at some level, preferably through encryption.
The popularity of smart phones and tablets is only increasing. A recent report from technology research company Gartner shows "sales of tablet computers are on pace to reach 63.6 million units" and "would be up over 250 percent from 2010".
With no signs of slowing down, BYOD is an issue that needs to be addressed by organizations sooner rather than later.
For the full Dark Reading article, click here.