ABSTRACT

BYOD solutions include not just the device and the applications (apps) on that device. Mobile devices (e.g., laptops, phones, tablets) are also used to connect to organizational systems. This chapter, which is based on information provided by the National Institute of Standards and Technology (NIST), illustrates how a hypothetical organization deals with computer security issues in its enterprise operating environment. In the real world, many solutions exist for computer security problems. No single solution can solve similar security problems in all environments. Likewise, the solutions presented in this example may not be appropriate for all environments. Essentially, there are two methodologies that are used to ensure that mobile devices are securely accessing the network: Agent-based solutions and Network-based Mobile Device Management (MDM). In the Network-based MDM paradigm, no agents are actually stored on the client device. Instead, network devices are intelligent enough to make security decisions based on user identity, device type, location, and time. Both should be supported. This chapter does not delve into these specific issues. That will be discussed in Chapter 5, which provide guidelines for managing and securing mobile devices in the enterprise.