10 Best Practices to secure BYODs
SmartPhones and iPhones are great for employee productivity but they introduce security risks to your organization
1More employees and enterprise associates are bringing their own iPhones to the office. How sure are you that they are secure. While iPhones are great for employee productivity, they can introduce security risks to your organization.
Best practices to secure SmartPhone and iPhones are:
- Implement a formal written BYOD policy that clearly states which devices and applications are supported
- Set up a locking password on each device. Integrate password usage with wipe the phone after x number of invalid tries. At the same time have a way to restore the phone if the phone is wiped.
- Implement a phone locater on all SmartPhones. In the case of the iPhone use the "Find My Phone" application.
- Protect the access point of your network so that only devices that meet your stringent security requirements are allowed access to you network and data.
- Implement anti-virus where possible. In the case of iPhone there is not anti-virus. That means that you email service provider needs to do the scan BEFORE emails are sent to the device.
- Manage authorized applications so the contact and other sensitive data is not extracted from the device by the applications.
- Utilized data encryption on e-mails and enterprise data
- Utilize the cloud as a back up source
- Be wary of applications like QR coder readers. They can direct the user to sites that can take control of the device.
- Monitor access and data usage by device and by user. Have processes in place that actively inform management of any potential ares were the network and data can be compromised.
IT Infrastructure Policy Bundle
The policies have just been updated to comply with all mandated requirements and include electronic forms that can be Emailed, filled out completely on the computer, routed and stored electronically -- a total solution.
We have just completed a major update of most of the individual polices and almost all of the electronic forms.
- CIO IT Infrastructure Policy Bundle (All of the policies below are included as individual MS Word files and a single PDF file. Electronic forms are all individual documents that are easily modifiable)
- Backup and Backup Retention Policy
- Blog and Personal Web Site Policy (Includes electronic Blog Compliance Agreement Form)
- BYOD Policy Template (Includes electronic BYOD Access and Use Agreement Form)
- Google Glass Policy (Includes Google Glass Access and Use Agreement Form)
- Incident Communication Plan Policy (Updated to include social networks as a communication path)
- Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy(Includes 5 electronic forms to aid in the quick deployment of this policy)
- Mobile Device Access and Use Policy
- Patch Management Policy
- Outsourcing and Cloud Based File Sharing Policy
- Physical and Virtual Server Security Policy
- Record Management, Retention, and Destruction Policy
- Safety Progam
- Sensitive Information Policy(HIPAA Compliant and includes electronic Sensitive Information Policy Compliance Agreement Form)
- Service Level Agreement (SLA) Policy Template with KPI Metrics
- Social Networking Policy(includes electronic form)
- Technology Acquisition Policy
- Telecommuting Policy(includes 6 electronic forms to effectively manage work at home staff)
- Text Messaging Sensitive and Confidential Information (includes electronic form)
- Travel, Electronic Meeting, and Off-Site Meeting Policy
- Wearable Device Policy
- IT Infrastructure Electronic Forms