{"id":33,"date":"2012-09-07T10:40:00","date_gmt":"2012-09-07T10:40:00","guid":{"rendered":"http:\/\/mayanktrivedi.net\/technotes\/2012\/09\/07\/byod-program-controls-requirement\/"},"modified":"2022-04-06T20:23:29","modified_gmt":"2022-04-06T20:23:29","slug":"byod-program-controls-requirement","status":"publish","type":"post","link":"http:\/\/mayanktrivedi.net\/technotes\/2012\/09\/07\/byod-program-controls-requirement\/","title":{"rendered":"BYOD Program &#038; Controls Requirement"},"content":{"rendered":"<div dir=\"ltr\" style=\"text-align: left;\"><\/p>\n<div style=\"text-align: justify;\">BYOD or Bring Your Own Device is the way organizations are planning to take.&nbsp; The talk is going abuzz in the corporate world as it would help organizations reduce their IT budget and increase operational efficiency.&nbsp; In my view it is not that bad an idea, but would require looking a bit deeper at the Compliance perspective and the risks that would emanate when an organization would run BYOD.&nbsp; The Organizations would require investing and managing various technological solutions to ensure that the Data Privacy and Protection Laws of the world are addresses and that the common framework of controls is enforced across all the devices that come in being due to BYOD.&nbsp; <o:p><\/o:p><\/div>\n<div style=\"text-align: justify;\"><\/div>\n<div style=\"text-align: justify;\">The BYOD program from the aspect of controlling data access and ensuring data protection would need to evaluate and consider deploying following technologies:<o:p><\/o:p><\/div>\n<div style=\"mso-list: l0 level1 lfo1; text-align: justify; text-indent: -.25in;\"><\/div>\n<ul>\n<li style=\"text-align: justify;\"><span style=\"font-size: 7pt; text-indent: -0.25in;\">&nbsp;&nbsp;<\/span><span style=\"text-indent: -0.25in;\">Jump Server \u2013 to log in to the organizations corporate network and provide viral desktop environment to the users.&nbsp; The virtual desktop would have all the desired user settings including file &amp; print configuration, Proxy settings, mailbox configuration and the application shortcuts for the desired applications for the user concerned<\/span><\/li>\n<li style=\"text-align: justify;\"><span style=\"text-indent: -0.25in;\">Network Admission Control \u2013 to control the risks emanating from the unpatched and unprotected personal devices that can introduce Trojans, viruses, worms, BOTS etc in the corporate network.&nbsp; The Organizations would need to critically look at investing on a strict Anti-Virus &amp; Patch Management Regime Supported by the Network Admission Control devices.<\/span><\/li>\n<li style=\"text-align: justify;\"><span style=\"text-indent: -0.25in;\">Two Factor Authentications \u2013 to ensure that the password compromises do not impact \/ provide access to the corporate network. Additionally this would also help organizations to be able to support the Work from Home (WFH) program thus further reducing their operational cost associated with Facility Management for the ever growing number of seats with workforce increase.<\/span><\/li>\n<\/ul>\n<p><o:p><\/o:p>  <\/p>\n<div style=\"mso-list: l0 level1 lfo1; text-align: justify; text-indent: -.25in;\"><o:p><\/o:p><\/div>\n<div style=\"mso-list: l0 level1 lfo1; text-align: justify; text-indent: -.25in;\"><o:p><\/o:p><\/div>\n<div style=\"text-align: justify;\">These are just the indicative controls that should be considered or rather implemented by the organizations seriously going the BYOD path.&nbsp; Certainly the CXOs of the world would be better placed to take the final decision on the set of controls from the likes of IDM, DLP, SSO to add to.&nbsp; This would certainly require an indepth assessment on the requirements and the risks emanating to an organization.<o:p><\/o:p><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>BYOD or Bring Your Own Device is the way organizations are planning to take.&nbsp; The talk is going abuzz in the corporate world as it would help organizations reduce their IT budget and increase operational efficiency.&nbsp; In my view it is not that bad an idea, but would require looking a bit deeper at the &hellip;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17,26,31,44],"tags":[],"class_list":["post-33","post","type-post","status-publish","format-standard","hentry","category-governance-risk-and-compliance","category-information-security-controls","category-information-security-risks","category-it-security-controls","entry entry-center"],"_links":{"self":[{"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/posts\/33","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/comments?post=33"}],"version-history":[{"count":1,"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/posts\/33\/revisions"}],"predecessor-version":[{"id":174,"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/posts\/33\/revisions\/174"}],"wp:attachment":[{"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/media?parent=33"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/categories?post=33"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/tags?post=33"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}