BYOD requires a comprehensive set of security policies

BYOD requires a comprehensive set of security policies

Summary: NCP Engineering believes that app wrapping combined with the new security tools offered in IOS and Android are only the start in a BYOD environment.

SHARE:
TOPICS: Security
0
BYOD requires a comprehensive set of security policies

Not long ago, I published a commentary focused on Cortado and app wrapping (see Cortado Corporate Server 7 versus app wrapping). As is often the case, a comment on a conversation with representatives of one company leads to conversations with others. This time, representatives of NCP Engineering reached out and asked if I'd like to speak with Joerg Hirschmann, CTO of NCP Engineering.

Hirschmann is a strong proponent of an active defense system for corporate systems, data and applications. He believes that while end-point security tools — such as those offered by Cortado — can be very useful, they must be incorporated into a larger set of security management policies. Hirschmann's view: Wrapping applications is only a start. 

IOS and Android have started down a useful path by adding access controls, Hirschmann says, but these are far from a comprehensive in-depth security framework.

The server operating systems, applications, databases, and networks must all be considered as well. This, Hirschmann believes, leads to the requirement for careful planning, monitoring, and sophisticated firewalls and even to the use of virtual private networks.  He suggests that staff using their own devices should be mindful of the networks they are using. Coffee shop and hotel networks might be convenient, but they may not be really safe.

The questions he suggests IT planners address should include the following:

  • Are the passwords people use really secure and safe?

  • Are the networks protected so application conversations cannot be overheard and the proprietary data extracted?

  • Are applications being developed with security in mind rather than security being an afterthought?

NCP Engineering believes that its firewall and its VPN clients and services should be a part of organization's planning for BYOD programs.

What is your company doing in this area?

Topic: Security

About

Daniel Kusnetzky, a reformed software engineer and product manager, founded Kusnetzky Group LLC in 2006. He's literally written the book on virtualization and often comments on cloud computing, mobility and systems software. In his spare time, he's also the managing partner of Lux Sonus LLC, an investment firm.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion