Company Owned and BYOD Devices

Published by Joe D on

How are employees connecting?

In times where everyone who does their job from a computer is working from home, companies are being creative about making the environment available to the workers.  Is the risk of a work at home environment being completely considered?  We will examine the different scenarios:

 

Company Provided Workstations – In most cases, companies are providing laptop or desktop computers to their employees to work at home.  When a company does this, they are providing the necessary security controls such as, a secure VPN or TLS connection, protection from malware, access controls, and device management on the provisioned workstation.  With the use of a secure, encrypted connection the employee operates from a remote connection as if they were a node in the office.  This technology has been in circulation for some time but is being leveraged now more than ever.  This is clearly the most secure form of working in a remote environment.

 

Personally Owned Devices – In some instances, companies are allowing their employees to use personally owned devices to perform their job.  When set up properly, this can still be a secure method of computing.  However, the caveat is that the sessions that are established are done through a virtual session over a web browser that does not allow for the ingress or egress of data to the personally owned workstation.  For example, a company my implement an email portal that does not allow the user to save messages or attachments to their local device.  Similarly, users are not allowed to move files from the personally owned workstation to the company servers.  The two primary reasons for this are Data Loss Prevention and Protection from Malware, respectively.

 

Companies that allow the ingress or egress of data to and from a personally owned device introduce an elevated level of risk.

 

Mobile Devices – The other popular method of remote work is through a mobile device or phone.  Like the use of a desktop or laptop, company will want to ensure that if data is moved to or from a mobile device, it is done in such a way that the data cannot leak to an unsecured area of the device and non-company data can be moved from the device to the company computing environment.

 

How can the risks be mitigated?

The most secure methods of remote working are:

  1. Provide a company desktop or laptop with full controls and a VPN to connect
  2. When personally owned devices are used, ensure that data cannot be moved to or from the personally owned device.

Implement a full Mobile Device Management or Container solution to segregate company information assets from personal data.

Categories: Uncategorized

Related Posts

Uncategorized

The Importance of Penetration Testing, Including Application Penetration Testing

Introduction In an era of escalating cybersecurity threats, proactive defense measures are essential to protect an organization’s systems and data.  Penetration testing, or ethical hacking, plays a crucial role in identifying and addressing security vulnerabilities Read more…

Uncategorized

File Sharing in the Cloud

In the not-too-distant past, our primary method for sharing files was to exchange a USB Drive, SD card, or email.  All these mediums have various limitations and vulnerabilities.  Specifically, malicious actors use these vehicles to Read more…

Uncategorized

Risk Treatment

Now that risk is identified, how do we address it?  In information security, new risks surface daily.  These new risks are the result of the evolving threat landscape, implementation of new technologies, changes in regulatory Read more…