Byod security

•

0 likes•84 views

Key Points To Be Discussed : Introduction Inscope items Statistics on BYOD issues worldwide Why we need to think about protection Used Cases before going to create a Playbook [Open to all for discussion continued on Key Takeaways] Key Takeaways: Inscope items, Important concerns, & Solutions sharing Speaker - J. Gokulavan Designation: Senior Manager Compliance

Technology

Agenda Style
BYOD An Overview, List; Concerns; Why Protect;
Consideration & Issue List
Information01
Collective Creation
PlayBook02

BYOD An Overview
Bring Your Own Device (BYOD) as a trend is catching at enterprises of
all sizes. The Small to Medium Business (SMB) finds this a cheap
solution in spends incurred on Asset renting/purchasing.
BYOD policies of even a formal BYOD initiative may seem overkill for
an SMB. If an employee's personal device is accessing your corporate
network and being used to conduct corporate business on a regular
basis, then your SMB needs at least a basic BYOD framework that
covers device security, network security, and related policies.

What Qualifies under BYOD
Any device and associated devices that connects with companies
network, client network or associated networks for business reasons.
Laptop
iPad/Tabs
Mobile Phones
Storage Devices
Network Connectivity Devices
Smart Watches
IoT connected to BYOD

Concerns about BYOD security
Exit
Employees leaving company
with insider knowledge47%
Theft/Loss
Theft or Loss of devices.
Include servicing of devices
also
44%
Data
Unauthorized data distribution
42%
Control
Lack of control over devices
42%
Compliance
Impact on compliance, legal,
contractual, security.40%

Why do we need protection?
• Out of 70 Million Devices Stolen only 7% recovered
• 15% of employees have accessed sensitive data from
non-work-sanctioned areas
• 54% of organizations don’t include BYOD in Backup Plan
• 65% of companies cannot wipe devices remotely
• 76% of companies do not encrypt mobile devices
ITAAS

Things to be considered
11 Clear instructions on what kind of devices are allowed and
disallowed; what configuration & what apps are allowed and
disallowed.
Specify the devices & apps allowed and disallowed
3 A clear service policy for devices under BYOD criteria. Also,
integrate the BYOD policy with already available policies as
required.
BYOD Service Policy & Integration
2 Establish a strict security policy for all the devices that enter the
premises, physically, logically and directly to client systems.
Specify Security Policy for BYOD
4 Special attention on what happens during service, device thefts &
employee exit.
Service, Theft & Exit Strategy

Issue List
• User X using her personal laptop directly logged in to client VPN.
Client security found User X system infected with virus and
reported to company.
• User Y using his BYOD took all the codes and transmitted
through Bluetooth/WiFI to his another device.
• User A dealing with sensitive data had lost his device during
transit at an airport. And the device was not encrypted.
• User B sharing her personal laptop with kids ended up seeing all
the company files stored were deleted from network.
Points to Ponder

In Scope
• Organization
• Employee
• Clients
• Transmission devices & service providers
• Devices used for official work
• Travel
• Vendors/Contractors

Important Concerns
• Exit of employee with data
• Theft/data loss
• Control of the employee and device
• Compliance (Legal, Statutory, Contractual)
• Sensitive information getting exposed due to usage in public place
• Applications and Social media access beyond control
• Poor mobile management
• Log monitoring
• Geographical based access issues
• Patch management and AV updates
• Encryption & Security protocols

Solutions
• BYOD Policy to be defined and implemented
• Awareness broadcast [scheduled]
• MDM should be in place
• Use SSO Services OKTA
• VDI [Virtual Desktop Infrastructure]
• CISCO Identify Services Engine (ISE)
• Microsoft Intune
• Mobileiron
• Scalefusion
• ManageEngine - Desktop Central

Today, most companies tell their employees that it's okay to bring their own devices to work. However, while there are many benefits to your company that go hand-in-hand with this policy, when you allow employees to BYOD (Bring Your Own Device), you are also allowing them to bring in a host of challenges for your IT department, your security, and your budget. In this powerpoint, we explore the pros and cons of BYOD and discuss the development of a BYOD policy that makes sense for your business.

BYOD (Bring Your Own Device)

Michael W. Chitwa

BYOD is an acronym that stands for bring your own device. It has been defined as an IT policy that facilitates for employees to utilize their personal mobile devices such as smart phones and tablets at work (Singh, 2012). Bring your own device can be viewed as a policy because any organization planning to adopt it needs to specify rules and regulations for the introduction and use of personal mobile devices at the workplace. It can also be defined as an emerging trend that involves employees carrying their personal mobile devices to work for usage and connectivity to an enterprise network (Ravindra & Sadana, 2013). A trend can be defined as a novel (new) and fashionable way of doing something. In this context, a bring your own device trend can be viewed as a new cost effective and convenient way or method used by organizations to enable employees access the company infrastructure.

Bring your own device

C/D/H Technology Consultants

The trend towards personally owned devices in the workplace is on the rise, requiring IT organizations to address this concept with flexibility, yet without compromising security and regulatory requirements. Download the slide deck as C/D/H discusses: ■Why the move to personal devices? ■How and what technologies are involved? ■Advantages and disadvantages of personal devices ■Managing personal devices ■Four different corporate policies ■What’s next For more information about C/D/H, contact us at (616) 776-1600 or (248) 546-1800.

Bring Your Own Device (BYOD)

Murray Security Services

Byod

Asifulla Azad

As the Internet of Things is deployed across a wide range of industrial, consumer, and business environments, of special interest and concern is the need to implement IoT solutions with careful attention to security. While many of the challenges in IoT security are similar to the challenges of securing information technology (IT) computing environments, there are special considerations due to the scale, operating conditions, system capabilities, and wide range of device types which are used in IoT solutions. Further, these systems, by connecting the electronic and physical worlds, must address both operations technology (OT) security and information technology (IT) security. In this session we will discuss the existing and emerging capabilities from IBM which we are both building into our IoT platform as well as the solutions built on top of that platform. Security features address the full spectrum of designing, building, deploying, and operating IoT solutions and are being built to enable a risk-based approach to applying these security capabilities. Both well-established and new technologies such as blockchain-based collaboration are part of these security capabilities. We consider device, network, application, and user security, with consideration for confidentiality, integrity, and availability of the systems and information. Considerations for safety and privacy also factor into the capabilities which IBM is building to secure IoT environments.

Webinar Express: Securing BYOD without MDM

Bitglass

Protecting Your Business from Unauthorized IBM i Access

Precisely

Understanding and controlling all the points of access to IBM i systems IBM i is securable BUT not secured by default. To comply with increasingly strict IT security regulations, you must take control of all access points to your IBM i server. You can limit IBM i security threats by routinely assessing risks and taking control of logon security, powerful authorities, and system access. With the right tools and process, you can ensure comprehensive control of unauthorized access and can trace any activity, suspicious or otherwise on your IBM i systems. View this webcast on-demand to learn: • How to secure network access and communication port • How to implement different authentication options and tradeoffs • How to limit the number of privileged user accounts • How Syncsort’s security solutions can help

Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses

AugmentedWorldExpo

While companies have made significant strides with mobile device security software on smart phones and tablets, the wearables category is a different story. Personal data, customer data, and sensitive corporate information is at risk with data leaks exposed at multiple end points. There are a number of factors contributing to this situation that we will look at in this presentation as well as best practices to address them. The miniaturization of sensors and cameras and unprecedented connectivity have created a scenario where data can be captured and stored very easily, and at times unwittingly, by users. Lack of policies and careless use of enterprise wearables can be more of a security risk than cyber criminals. The trend of this problem will likely get worse, market forecasts show that IoT devices and wearables will surpass volumes of mobile devices over the next few years. The great promise and benefits of these devices coupled with privacy and security concerns make this technology a double edge sword. Augmented World Expo (AWE) is back for its seventh year in our largest conference and expo featuring technologies giving us superpowers: augmented reality (AR), virtual reality (VR) and wearable tech. Join over 4,000 attendees from all over the world including a mix of CEOs, CTOs, designers, developers, creative agencies, futurists, analysts, investors, and top press in a fantastic opportunity to learn, inspire, partner, and experience first hand the most exciting industry of our times. See more at http://AugmentedWorldExpo.com

Internet of things

varungoyal98

CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps

CloudIDSummit

David McNeely, Director of Product Management, Centrify When it comes to identity, thinking outside of the box benefits both end users and IT organizations alike. IDaaS allows enterprises to make identity a transparent and ubiquitous part of their cloud and mobile applications, securely. Whether you’re developing application services, in-house mobile apps or taking advantage of existing SaaS apps, gain insight into integrating and managing mobile user access with your existing Identity Services, all while ensuring consistency in authentication, authorization, security policy and compliance. Attend this session and learn how to establish one single login for users and one unified identity infrastructure for IT.

Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...

Information Security Awareness Group

IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...

CableLabs

As IoT insecurity creates vulnerabilities, policymakers become concerned about the health of the Internet. How can public policy address these concerns in a smart way, targeting their efforts to improve IoT security without imposing unnecessary costs across the Internet ecosystem or creating unintended effects? What is the role of government versus industry? Gerald Faulhaber Professor Emeritus, Business Economics & Public Policy, Wharton School https://www.cablelabs.com/informed/

Achieving Secure BYOD in Government Agencies

Proofpoint

BYOD is creating challenges for government agencies globally. Providing a robust mobile file sharing solution is necessary for government agencies implementing BYOD programs and taking advantage of cloud computing technologies. During this webinar, learn how agencies can: -Improve collaboration with secure online file sharing -Achieve FIPS 140-2 compliance -Enable secure mobile productivity -Mobilize content management systems -Maximize ROI with cloud computing

Outpost24 webinar - preventing wireless attacks with device visibility and t...

Outpost24

BYOD / Mobile-Device Security Guidelines for CxO's

Patrick Angel - MBA, CISSP(c) CISM(c) CRISC(c) CISA(c)

Internet & iot security

Usman Anjum

Innovative software solutions for industry 4.0 (English+Mandarin)

Ishay Tentser

Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...

team-WIBU

An attack to an Industrial Internet of Things (IIoT) system typically starts with an attack on one or more endpoints. As defined by the Industrial Internet Consortium (IIC), an endpoint is a component that has an interface for network communication and it can be of various types, including a device endpoint or an endpoint that provides cloud connectivity. Endpoints are the only place in an IIoT system where execution code is stored, started and updated and data is stored, modified or applied. In many cases, an attacker will, therefore, try to access the execution code and attack the weakest point in the devices’ security implementation, then modify or replace the execution code with malicious intent. The IIC has recently presented an endpoint protection/security model and policy in its Industry Internet Security Framework (IISF) document. The technical report is an in-depth cross-industry-focused security framework reflecting thousands of hours of knowledge and experiences from security experts, collected, researched and evaluated for the benefit of all IIoT system deployments.

Cybersecurity in the Era of IoT

Amy Daly

Watch this previously recorded webinar event with special guest Karthik Sundaram of Frost & Sullivan as he expands on his recently published research, “Cybersecurity in the Era of Industrial IoT". Leveraging insights from actual use cases, new policy initiatives, and available solutions, the research explores cybersecurity approaches, including a deep dive into the concept of “defense-in-depth” and its implications for a converged IT-OT environment in the future.

Security For Business: Are You And Your Customers Safe

woodsy01

needforsecurityDavid Joao Vieira Carvalho

Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...

Dr Dev Kambhampati

Wp byod

Byod+ +bring+your+own+device

What's hot

Business Case Of Bring Your Own Device[ BYOD]

Md Yousup Faruqu

Mobile security blunders and what you can do about them

Ben Rothke

Securing your IoT Implementations

TechWell

Webinar Express: Securing BYOD without MDM

Bitglass

Protecting Your Business from Unauthorized IBM i Access

Precisely

Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses

AugmentedWorldExpo

Internet of things

varungoyal98

CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps

CloudIDSummit

Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...

Information Security Awareness Group

IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...

CableLabs

Achieving Secure BYOD in Government Agencies

Proofpoint

Outpost24 webinar - preventing wireless attacks with device visibility and t...

Outpost24

BYOD / Mobile-Device Security Guidelines for CxO's

Patrick Angel - MBA, CISSP(c) CISM(c) CRISC(c) CISA(c)

Internet & iot security

Usman Anjum

Innovative software solutions for industry 4.0 (English+Mandarin)

Ishay Tentser

Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...

team-WIBU

Cybersecurity in the Era of IoT

Amy Daly

Security For Business: Are You And Your Customers Safe

woodsy01

needforsecurityDavid Joao Vieira Carvalho

Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...

Dr Dev Kambhampati

What's hot (20)

Business Case Of Bring Your Own Device[ BYOD]

Mobile security blunders and what you can do about them

Securing your IoT Implementations

Webinar Express: Securing BYOD without MDM

Protecting Your Business from Unauthorized IBM i Access

Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses

Internet of things

CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps

Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...

IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...

Achieving Secure BYOD in Government Agencies

Outpost24 webinar - preventing wireless attacks with device visibility and t...

BYOD / Mobile-Device Security Guidelines for CxO's

Internet & iot security

Innovative software solutions for industry 4.0 (English+Mandarin)

Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...

Cybersecurity in the Era of IoT

Security For Business: Are You And Your Customers Safe

needforsecurity

Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...

Similar to Byod security

Wp byod

Byod+ +bring+your+own+device

BYOD Security

Hexnode

The Accidental Cloud: Privacy and Security Issues in a BYOD Worldmkeane

PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)

Pace IT at Edmonds Community College

Implementing Enterprise Wireless Security Policy in the BYOD Era

Kappa Data

BYOD opens your network to new risks and vulnerabilities. Tools to understand what is happening in your network, combined with the necessary actions to prevent misuse become a real MUST HAVE. Kappa Data is proud to announce its cooperation with Airtight Networks, one of Juniper Networks Technology Partners, today one of the only companies in the world that can definitively stop unapproved smartphones and tablets bypassing your security.

Exemplo de política BYOD

Fernando Palma

Security Testing for IoT Systems

Security Innovation

IoT Systems provide powerful, flexible features for IT systems — tracking, monitoring, and other data sharing. Today’s IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isn’t as easy. This webinar will look at security risks of IoT devices, interfaces, and implementations. We’ll provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. We’ll also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis.

Smarter Commerce Summit - IBM MobileFirst Services

Chris Pepin

Leveraging byod

ManageEngine

Ten Commandments of BYODK Singh

IoT Security: Debunking the "We Aren't THAT Connected" Myth

Security Innovation

In a world where convenience is key, consumers are adopting every new connected device that hits the shelves - and doing so with the assumption that due diligence security has been considered. But recent IoT attacks suggest otherwise. As organizations migrate from a primarily offline to online business model, they are failing to consider IoT’s unique threats which traditional solutions are unable to secure. As a result, steps must be taken to ensure that the device, connections and infrastructure are hardened, especially software which runs IoT devices and is the source of ~90% of attacks. This webinar is ideal for risk, technology, and security professionals that want to understand why a hacker would want to attack their “harmless” IoT device and what the stealth risk to their organization and consumers is. Topics covered include: - IoT security – why it’s so different….and tough - The IoT ecosystem and attack surface - Managing liability - IoT risks to consumers and vendors - Auditing IoT software development

BYOD - What Every CFO Needs To Know

Kirill Bensonoff

08 pdf show-239

#TheFraudTube

BYOD- A Productivity CatalystPacket One

BYOD: Six Essentials for Success

DMIMarketing

Exploring byod approaches for mobile learning

Debbie Richards

Bring-your-own-device (BYOD) has emerged as a cost-effective solution, allowing organizations to adopt an mLearning approach without having to provide the devices. What are the concerns of BYOD, and how can you address them? What are the opportunities for BYOD? What are the key elements to consider when deploying mobile learning for a BYOD environment? BYOD offers employees and corporations countless business benefits, from increased efficiency to controlled costs on provisioning a mobile workforce. This session will review the concerns and opportunities for BYOD in mobile learning. You will learn about BYOD policies, view examples, and learn about the importance of working with your IT department to ensure a successful BYOD mLearning program. You will also explore key elements to consider when deploying mobile learning for a BYOD environment. And finally, you will learn about BYOD mobile learning policies and how to implement them.

Preparing for Mobile Device Management & Bring your Own Device

Waterstons Ltd

Smart phones and tablets are invading the business environment at top speed, with “bring your own device” (BYOD) providing a number of benefits for organisations across all sectors. With the right implementation, and ongoing secure support, performance through technology can be achieved in areas such as employee satisfaction, cost reduction, team work and collaboration and productivity. Charlie Hales and Nigel Robson cover the important considerations a business should make before implementing an MDM/BYOD strategy, and will consider the ongoing implications of allowing corporate data to be accessed on personal devices ensuring the maximum benefit to businesses, customers and the end users.

Ravi i ot-security

skumartarget

Mobile Device Policy Template

Demand Metric

Similar to Byod security (20)

Wp byod

Byod+ +bring+your+own+device

BYOD Security

The Accidental Cloud: Privacy and Security Issues in a BYOD World

PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)

Implementing Enterprise Wireless Security Policy in the BYOD Era

Exemplo de política BYOD

Security Testing for IoT Systems

Smarter Commerce Summit - IBM MobileFirst Services

Leveraging byod

Ten Commandments of BYOD

IoT Security: Debunking the "We Aren't THAT Connected" Myth

BYOD - What Every CFO Needs To Know

08 pdf show-239

BYOD- A Productivity Catalyst

BYOD: Six Essentials for Success

Exploring byod approaches for mobile learning

Preparing for Mobile Device Management & Bring your Own Device

Ravi i ot-security

Mobile Device Policy Template

Recently uploaded

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Tobias Schneck

As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other? Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.

Mission to Decommission: Importance of Decommissioning Products to Increase E...

Product School

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

UiPathCommunity

💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™: See how to accelerate model training and optimize model performance with active learning Learn about the latest enhancements to out-of-the-box document processing – with little to no training required Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath. Speakers: 👨‍🏫 Andras Palfi, Senior Product Manager, UiPath 👩‍🏫 Lenka Dulovicova, Product Program Manager, UiPath

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

Product School

UiPath Test Automation using UiPath Test Suite series, part 3

DianaGray10

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

Neuro-symbolic is not enough, we need neuro-*semantic*

Frank van Harmelen

Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”. All of this illustrated with link prediction over knowledge graphs, but the argument is general.

Bits & Pixels using AI for Good.........

Alison B. Lowndes

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Paul Groth

ODC, Data Fabric and Architecture User Group

CatarinaPereira64715

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

Product School

When stars align: studies in data quality, knowledge graphs, and machine lear...

Elena Simperl

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

Recently uploaded (20)

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Mission to Decommission: Importance of Decommissioning Products to Increase E...

FIDO Alliance Osaka Seminar: Overview.pdf

Accelerate your Kubernetes clusters with Varnish Caching

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

UiPath Test Automation using UiPath Test Suite series, part 3

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

Neuro-symbolic is not enough, we need neuro-*semantic*

Bits & Pixels using AI for Good.........

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

ODC, Data Fabric and Architecture User Group

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

When stars align: studies in data quality, knowledge graphs, and machine lear...

Epistemic Interaction - tuning interfaces to provide information for AI support

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

The Art of the Pitch: WordPress Relationships and Sales

Byod security

1. BYOD Security Info & PlayBook

2. Agenda Style BYOD An Overview, List; Concerns; Why Protect; Consideration & Issue List Information01 Collective Creation PlayBook02

3. Information BYOD Security

4. BYOD An Overview Bring Your Own Device (BYOD) as a trend is catching at enterprises of all sizes. The Small to Medium Business (SMB) finds this a cheap solution in spends incurred on Asset renting/purchasing. BYOD policies of even a formal BYOD initiative may seem overkill for an SMB. If an employee's personal device is accessing your corporate network and being used to conduct corporate business on a regular basis, then your SMB needs at least a basic BYOD framework that covers device security, network security, and related policies.

5. What Qualifies under BYOD Any device and associated devices that connects with companies network, client network or associated networks for business reasons. Laptop iPad/Tabs Mobile Phones Storage Devices Network Connectivity Devices Smart Watches IoT connected to BYOD

6. Concerns about BYOD security Exit Employees leaving company with insider knowledge47% Theft/Loss Theft or Loss of devices. Include servicing of devices also 44% Data Unauthorized data distribution 42% Control Lack of control over devices 42% Compliance Impact on compliance, legal, contractual, security.40%

7. Why do we need protection? • Out of 70 Million Devices Stolen only 7% recovered • 15% of employees have accessed sensitive data from non-work-sanctioned areas • 54% of organizations don’t include BYOD in Backup Plan • 65% of companies cannot wipe devices remotely • 76% of companies do not encrypt mobile devices ITAAS

8. Things to be considered 11 Clear instructions on what kind of devices are allowed and disallowed; what configuration & what apps are allowed and disallowed. Specify the devices & apps allowed and disallowed 3 A clear service policy for devices under BYOD criteria. Also, integrate the BYOD policy with already available policies as required. BYOD Service Policy & Integration 2 Establish a strict security policy for all the devices that enter the premises, physically, logically and directly to client systems. Specify Security Policy for BYOD 4 Special attention on what happens during service, device thefts & employee exit. Service, Theft & Exit Strategy

9. Issue List • User X using her personal laptop directly logged in to client VPN. Client security found User X system infected with virus and reported to company. • User Y using his BYOD took all the codes and transmitted through Bluetooth/WiFI to his another device. • User A dealing with sensitive data had lost his device during transit at an airport. And the device was not encrypted. • User B sharing her personal laptop with kids ended up seeing all the company files stored were deleted from network. Points to Ponder

10. PlayBook Collective Creation

11. In Scope • Organization • Employee • Clients • Transmission devices & service providers • Devices used for official work • Travel • Vendors/Contractors

12. Important Concerns • Exit of employee with data • Theft/data loss • Control of the employee and device • Compliance (Legal, Statutory, Contractual) • Sensitive information getting exposed due to usage in public place • Applications and Social media access beyond control • Poor mobile management • Log monitoring • Geographical based access issues • Patch management and AV updates • Encryption & Security protocols

13. Solutions • BYOD Policy to be defined and implemented • Awareness broadcast [scheduled] • MDM should be in place • Use SSO Services OKTA • VDI [Virtual Desktop Infrastructure] • CISCO Identify Services Engine (ISE) • Microsoft Intune • Mobileiron • Scalefusion • ManageEngine - Desktop Central

14. Thank YouFrom CISO Team

Byod security

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Byod security

Similar to Byod security (20)

Recently uploaded

Recently uploaded (20)

Byod security