Recent research by independent security consultancy Context Information Security, as reported in this Dark Reading article, highlights an important finding regarding enterprise bring-your-own-device (BYOD) implementation: There will always be a trade-off between convenience and security.
The researchers investigated three leading Mobile Device Management (MDM) solutions commonly deployed as part of many BYOD roll-outs with Android and iOS mobile devices. Each of the three MDM solutions was shown to provide adequate BYOD security, but like any comparable offering, they were found to be limited by the operating system on which they’re applied.
From the article:
“For example, MDM solutions in a BYOD environment cannot prevent unknown malicious applications from recording sound via the phone’s microphone or tracking user location using the built in GPS. And while Jailbreak/Root detection is implemented by all the MDM solutions reviewed, they work in very much the same way as antivirus, only detecting known Jailbreak/Root methods and applications, which are often trivial to bypass by technical users or malicious hackers. Implementation weaknesses of MDM solutions may also inadvertently leak sensitive information and users can compromise security by downloading apps and disregarding operating system permissions requested by the applications.”
And while there’s no surefire method of guaranteeing comprehensive security in an enterprise BYOD environment, the combination of technical security controls and a clearly articulated BYOD user policy will help dramatically limit the risks.
Embedded devices, such as office printers and MFPs, are another key BYOD-security consideration when users are onsite with their personal smartphones or tablets. Which is why Xerox ConnectKey devices help lessen the demands placed on IT staff, delivering worry-free BYOD connectivity so administrators can focus on preventing other, potentially more damaging security threats.
