Welcome!

Wireless Authors: Yeshim Deniz, Pat Romanski, Bob Gourley, Elizabeth White, Liz McMillan

Related Topics: Cloud Expo, Wireless, Web 2.0

Cloud Expo: Article

Popularity of BYOD Highlights Need for Mobile Cloud Security

Cloud Security Alliance hones mobile device management

The explosion of mobile devices in recent times has forced enterprises to tackle security issues as more employees are taking to accessing privileged company resources such as email, file servers and databases with their personal phones and tablets. An earlier report by research firm Gartner indicated that the security concern is increasing with this rapid proliferation with 90% of enterprises having already deployed mobile devices, mainly smart phones and with 86% of enterprises surveyed planning to deploy media tablets this year. These devices are now mature enough to replace many of the roles played by laptops or even traditional workstations. Considering the popularity of personal use tablets and the increasing time that employees spend on these units, it makes sense for enterprises to integrate them under a centralized IT network to save employee time and company resources.

Cloud Security Alliance which advocates practices for providing security in cloud computing has released a report identifying steps that companies need to take before they deploy a “Bring your own Device” (BYOD) policy. The 17 key elements for mobile BYOD security management fall under one of three major categories: software and hardware, inventory and security. They include Policy, Risk Management, Device Diversity/Degree of Freedom, Configuration Management, Software Distribution, Enterprise AppStore, Content Library, Procurement, Provisioning, Device Policy Compliance and Enforcement, Enterprise Activation/Deactivation,  Enterprise Asset Disposition, Process Automation, User Activity Logging/Workplace Monitoring, Security Settings, Selective Wipe/Remote Wipe/Lock and  Identity Management/Authentication/Encryption.

At the core of mobile device management is of course an identity management system armed with secure protocols with authentication which allows employees who have been given prior access to use their device for enterprise applications and content with just a single sign-on. CSA also suggests that IT departments include a system-centric functionality to secure and manage data and applications, as well as information-centric functionality such as the delivery of the enterprise application store or content library. While different companies will have different security needs and tolerance levels based on the type of business, the report provides implementation measures as well as potentials risks along with a ‘Must Have’ or ‘Optional” rating to help organizations better prioritize their security efforts. To read the full report, visit https://cloudsecurityalliance.org/research/mobile/#_resources.

More Stories By Lavenya Dilip

Lavenya Dilip was responsible for Marketing at Green Rack Systems.