BYOD requires a comprehensive set of security policies

NCP Engineering believes that app wrapping combined with the new security tools offered in IOS and Android are only the start in a BYOD environment.

BYOD requires a comprehensive set of security policies

Not long ago, I published a commentary focused on Cortado and app wrapping (see  Cortado Corporate Server 7 versus app wrapping ). As is often the case, a comment on a conversation with representatives of one company leads to conversations with others. This time, representatives of NCP Engineering reached out and asked if I'd like to speak with Joerg Hirschmann, CTO of NCP Engineering.

Hirschmann is a strong proponent of an active defense system for corporate systems, data and applications. He believes that while end-point security tools — such as those offered by Cortado — can be very useful, they must be incorporated into a larger set of security management policies. Hirschmann's view: Wrapping applications is only a start. 

IOS and Android have started down a useful path by adding access controls, Hirschmann says, but these are far from a comprehensive in-depth security framework.

Ed Bott

Here's how you can still get a free Windows 10 upgrade

You can still use Microsoft's free upgrade tools to install Windows 10 on an old PC running Windows 7 or Windows 8.1. No product key is required, and the digital license says you're activated and ready to go.

Read More

The server operating systems, applications, databases, and networks must all be considered as well. This, Hirschmann believes, leads to the requirement for careful planning, monitoring, and sophisticated firewalls and even to the use of virtual private networks.  He suggests that staff using their own devices should be mindful of the networks they are using. Coffee shop and hotel networks might be convenient, but they may not be really safe.

The questions he suggests IT planners address should include the following:

  • Are the passwords people use really secure and safe?

  • Are the networks protected so application conversations cannot be overheard and the proprietary data extracted?

  • Are applications being developed with security in mind rather than security being an afterthought?

NCP Engineering believes that its firewall and its VPN clients and services should be a part of organization's planning for BYOD programs.

What is your company doing in this area?