A CISO's checklist for BYOD

by Amitabh Sinha on Oct 20, 2015 6:00:00 AM

BYOD Strategy

After a very thought provoking conversation with a CISO from a top 10 university, we distilled her thoughts into four key points for a sound BYOD strategy. First, let me level set with a definition of BYOD: Any device which is used for both personal and business needs. It could be a phone, a tablet, a PC, or a Mac. It could be owned by the employee, a consultant, a contractor, a firm you just acquired, or a student.

What are the requirements for a BYOD solution from a CISO perspective?Checklist for BYOD Secure data with Workspace BYOD soluton

(1) Protect the data, not the device: The key objective of the CISO is to protect enterprise data.  Locking down a device does not guarantee that the data is protected. 

(2) Make it simple for end users: Make it simple for end users to access their work applications and data. If you restrict or it make it difficult, then end users will look for ways to work around the problem by leveraging non-sanctioned sharing and collaboration tools. 

(3) Visibility into work on an endpoint: So, let's assume you find a tool that makes it simple for your end users to access business apps. Also, let's assume that the solution protects the data accessed by those applications, whether online or offline. You still need visibility into what users are doing on the endpoint. Not visibility into their personal behavior, but visibility into business access. Visibility into work access will let you detect abnormal behavior.

(4) Alarms about abnormal access: Seeing is believing, but alarms will drive action. In this highly connected world, detecting abnomal behavior early can fend off serious breaches. So you need to be able to detect abnormal access patterns. For example, why is a user accessing work from both Nigeria and New York? Or why is a user downloading tens of documents today when they have only downloaded a few documents monthly for the last few months? Abnormal access patterns help you detect breakdowns in the security systems you have put in place.  

Want to know more about Workspot today? Click the image below to download the solution brief:
Azure DaaS

Subscribe To Our Blog

Recent Posts

skydive3.jpg
author avatar

This post was written by Amitabh Sinha

Amitabh has more than twenty years of experience across enterprise software, end user computing, mobile, and database software. Amitabh co-founded Workspot with Puneet Chawla and Ty Wang in August 2012. Prior to Workspot, Amitabh was the General Manager for Enterprise Desktops and Apps at Citrix Systems. In his five years at Citrix, Amitabh was VP Product Management for XenDesktop and VP Engineering for the Advanced Solutions Group. Amitabh has a Ph.D. in Computer Science from the University of Illinois, Urbana-Champaign.

Connect with Amitabh