Q

Is the DoD mobile device strategy applicable to enterprises?

Can enterprises utilize the DoD mobile device strategy as a measuring stick when allowing devices on a network? Expert Joseph Granneman decides.

This Content Component encountered an error

New mobile devices, including those running BlackBerry 10 and Samsung's Knox, were recently approved for employee use under the U.S. DoD mobile device strategy. If the Department of Defense approves a device, is it safe to expedite BYOD approval of those devices in an enterprise environment?

Ask the Expert

Have questions about enterprise security? Send them via email today! (All questions are anonymous.)

You shouldn't look to the U.S. Department of Defense's approval of mobile devices as the basis of device approval for your bring your own device (BYOD) strategy. The Department of Defense approved these devices, but only after applying strict configuration guidelines. The configuration of these devices is just as crucial to a BYOD deployment as the configuration of PCs and servers in enterprise networks.

The DoD configuration may be applicable to your environment, but it sacrifices usability for security. For example, under the DoD's configuration, CEOs would not be able to use their iPhone on a public network or with their in-car Bluetooth. I doubt that this would be acceptable in an enterprise environment where usability tends to have more sway than security. The information security practitioner who implements such a configuration could even run into job security issues.

The DoD mobile device strategy is based on a risk management process. Any company looking to implement BYOD should start there as well. First, determine the information that should be protected on the applicable devices and analyze any potential risks to that information. Then, build a custom configuration and device management strategy by weighing these risks with the company's risk tolerance. Such steps help build a better balance between usability and security for a BYOD deployment.

This was first published in January 2014

Dig deeper on Handheld and Mobile Device Security Best Practices

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close