Smartphone, tablet security and management guidelines on tap from NIST

By , Network World |  Security, Mobile Security, NIST

"If the device is organization issued, the client application typically manages the configuration and security of the entire device. If the device is BYOD, the client application typically manages only the configuration and security of itself and its data, not the entire device. The client application and data are essentially sandboxed from the rest of the device's applications and data, both helping to protect the enterprise from a compromised device and helping to preserve the privacy of the device's owner," the NIST document states.

The document's authors also appear to favor restricting BYOD devices more fully. "Preventing an organization-issued mobile device from syncing with a personally-owned computer necessitates security controls on the mobile device that restrict what devices it can synchronize with. Preventing a personally-owned mobile device from syncing with an organization-issued computer necessitates security controls on the organization-issued computer, restricting the connection of mobile devices. Finally, preventing the use of remote backup services can possibly be achieved by blocking use of those services (e.g., not allowing the domain services to be contacted) or by configuring the mobile devices not to use such services."

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.

Read more about wide area network in Network World's Wide Area Network section.


Originally published on Network World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness