NIST Guidance for Mobile Device Security

By

Get tips for BYOD deployment from NIST.

Many organizations allow employees to use their personal mobile devices for work-related activities – a practice known as bring your own device (BYOD). This approach offers great convenience but can “also introduce vulnerabilities in the enterprise’s IT infrastructure,” explains a new practice guide published by NIST.

“Personally owned mobile devices are typically unmanaged and may lack security and privacy protections,” NIST says. “Unmanaged devices are at greater risk of unauthorized access to sensitive information, tracking, email phishing, eavesdropping, misuse of device sensors, or compromise of organizational data due to lost devices,” among other risks.

This publication provides an example solution using standards-based, commercially available products along with detailed implementation guidance, including how to:

  • Detect and protect against installing mobile malware, phishing attempts, and network-based attacks 
  • Provide users with access to protected business resources
  • Enable selective device wipe capability of organizational data and applications
  • Protect against organizational data loss by restricting an employee’s ability to copy and paste, perform a screen capture, or store organizational data in unapproved locations
  • Protect employee privacy

Learn more at NIST.
 
 

 
 

10/16/2023

Related content

comments powered by Disqus