Dell’s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations:
—Tips for deploying or expanding BYOD programs while remaining compliant
—Recommendations for securing and controlling access to devices, data and networks
—Guidance for deploying solutions designed to help ease BYOD management and compliance
2. www.utgsolutions.com
@utgsolutions 678.730.0345
Carefully Align BYOD with Security
Dell recommends that companies carefully
align their bring-your-own-device (BYOD)
program with data security and privacy
regulations to avoid any pitfalls concerning
compliance.
BYOD Comes with a Cost
While BYOD initiatives can be great for
employees, they often pose a potential
nightmare for employers as failure to comply
with regulations can result in companies
suffering financial penalties, litigation and
damage to their reputation.
HIPAA
For example, to meet Health Insurance
Portability and Accountability Act (HIPAA)
standards, healthcare providers, insurers,
employers, schools and other organizations
must secure access to all patient healthcare and
payment information.
Protect Your Private Information
Even in sectors with fewer regulations,
organizations are under increasing pressure to
protect private information.
For that reason, Dell advocates the following
five best practices for protecting regulated data
and employee privacy:
Identify, Confirm and Protect Regulated Data
Start by identifying all regulated data and
then determining which data will be
generated on, accessed from, stored on, or
transmitted by BYO devices.
Once regulated data has been identified,
organizations can decide on the best
strategies for protecting it and ensuring
compliance.
Heavily regulated data may require a multifaceted
approach, including a combination of:
✓ Encryption to keep data safe in the event of a
breach
✓ Secure workspaces to keep regulated data from
commingling with personal information
✓ Virtualization for heightened IT control of
applications and the data they access
✓ Data leakage protection (DLP) to control which
data mobile employees can transmit through
BYO devices and to prevent the transfer of
regulated data from a secure app to an insecure
app
✓ The ability to remotely wipe data from a device,
if necessary.
Control Access to Data and Networks
✓ Deploy solutions for monitoring, tracking and
controlling access rights according to a user’s
identity, device type, location, time of access
and resources accessed.
✓ In addition, prevent employees from accessing
data on unsecured (or jailbroken) devices or
transmitting unsecured data using their own
device.
✓ A complete solution for identity and access management
(IAM), firewalls and virtual private networks can protect
data and networks.
✓ It also can help control administrative complexity and
support numerous device types, operating systems, user
roles, data types and regulatory requirements.
✓ The solution should make it simple for authorized users
to access information and resources from personally
owned devices to maximize mobile flexibility and
productivity.
Secure Devices
✓ Demand extra security for employee-owned
devices.
✓ As a first step, require a password to access
devices or the secure workspaces on them.
✓ In addition, a smart card reader or fingerprint
reader can prevent unauthorized access to
tablets and laptops if they are lost, stolen or
inadvertently used by family or friends.
Develop Compliant Apps with Proof of Compliance
Be sure the applications developed for mobile devices
maintain compliance.
To assess application compliance, ask the following
questions:
✓ Can the multifactor authentication required for
enterprise applications be employed on smartphones?
✓ Are the mobile devices storing sensitive information as
an employee interacts with an enterprise application?
✓ Does a secure web session expire in the same amount of
time on a tablet as it would on a corporate desktop?
✓ To assist with the application compliance process, many
companies enlist the help of an application development
consultant with experience and expertise in ensuring the
compliance of mobile apps.
✓ To show proof of compliance, be sure the solution
supports appropriate reports and audit trails while
controlling complexity.
Train Employees on the Importance of Maintaining Compliance
✓ Employees must understand the critical
importance of adhering to regulations and
potential consequences of compliance failures.
✓ Mobile employees must be especially sensitive
to potential breaches while outside corporate
walls.
✓ A signature on a document promising
adherence to rules is not enough. Ongoing
education is essential.
Delivering Complete and Connected Software Solutions
UTG Dell solutions empower companies of all sizes to experience the
“Power to Do More” by delivering scalable yet simple-to-use solutions
that can increase productivity, responsiveness and efficiency.
UTG solutions are uniquely positioned to address today’s most
pressing business and IT challenges with holistic, connected
solutions across five core solution areas, encompassing data center
and cloud management, information management, mobile
workforce management, security and data protection.
We help customers simplify IT, mitigate risk and accelerate business
results.