• 12 top tips to making BYOD secure

The following top tips address security issues of both laptops and smartphones that connect to the network from outside the perimeter:

  • Establish Reverse Web Proxy
  • Establish SSL VPN Tunnels
  • Scan VPN Traffic Through a Next-Gen Firewall
  • Add Strong Authentication
     

Tip 1 - Establish Reverse Web Proxy

By providing standard browser access to web resources, reverse proxies can authenticate and encrypt web-based access to network resources from outside the perimeter. Reverse proxy delivers access agnostically to both laptop and smartphone platforms, thus minimizing deployment overhead.



Designed by Freepik

Claim your FREE* Cyber Security Assessment


Tip 2 - Establish SSL VPN Tunnels

Agent-based encrypted SSL VPN tunnels add easy “in-office” network-level access to critical client-server resources for both laptops and smartphones connecting from outside the perimeter. Administrators should select SSL VPN gateway solutions that have certified smartphone clients from the same vendors. This provides a single point of management and similar user experience for both laptops and smartphones, rather than trying to cobble together and support one solution for laptops and a different solution for smartphones.

Tip 3 Scan VPN Traffic

Both laptops and smartphones can act as conduits to enable malware to cross the network perimeter, over WiFi or 3G/4G connections. Integrated deployment with a Next-Generation Firewall (NGFW) establishes a Clean VPN™ that decrypts then scans all the content. NGFW gateway security measures (e.g., Anti-Virus, Anti-Spyware, Intrusion Prevention Service) can decontaminate threats before they enter the network.


Designed by Freepik

Tip 4 Add Strong Authentication

A secure solution for laptops, smartphones and tablets should integrate seamlessly with standard authentication methods such as two-factor authentication and integrated one-time passwords.

The following best practices address security issues with laptops (because they do not have a white-listed app environment like smartphones) that connect to the network from outside the perimeter:

  • Deploy Endpoint Control
  • Create a Secure Virtual Desktop
  • Enforce Cache Cleaner
  • These practices are detailed further in the following pages.

Tip 5 Deploy Endpoint Control

To help determine and enforce acceptable security policy compliance for managed and unmanaged Windows, Macintosh and Linux laptops outside the perimeter, endpoint control can determine the presence of security applications and allow, quarantine or deny access based on security policy and user identity. As addressed above, this is very important for laptops, but less important for smartphones due to their white-listed app distribution environment.


Designed by Freepik

Claim your FREE* Cyber Security Assessment

Tip 6 Create a Secure Virtual desktop

Secure virtual desktop environments can prevent users from leaving sensitive data behind on unmanaged Windows laptops. They accomplish this by removing all files and links generated during the VPN session upon disconnection.
 

Tip 7 Enforce Cache Cleaner

A cache cleaner can remove all browser-based tracking information from a Windows and Mac laptop once the user logs off or closes the browser.


Designed by Freepik

The following best practices address security issues of both laptops and smartphones that connect to the network from inside the perimeter:

  • Scan WiFi Traffic through a Next-Gen Firewall
  • Control Application Traffic
  • Prevent Data Leakage
  • Block Inappropriate Web Access
  • Block Outbound Botnet Attacks

 

Tip 8 Scan WiFi Traffic through a Next-Gen Firewall

Integrating NGFW with 802.11a/b/g/n wireless connectivity creates a Clean Wireless™ network when the laptop or smartphone user is inside the perimeter.


Claim your FREE* Cyber Security Assessment
 

Tip 9 Control Application Traffic

In general, mobile device apps are either critical business solutions or personal time-wasters. An Application Intelligence and Control solution can enable IT to define and enforce how application and bandwidth assets are used.
 

Tip 10 Prevent Data Leakage

Data leakage protection technology applied to laptops and smartphones inside the perimeter can scan inbound and outbound traffic and take policy-driven action to block or allow file transmission based upon watermarked content.  It can also forward non-compliant watermarked files to IT, HR or management for further remediation.
 

Tip 11- Block inappropriate web access

Content filtering for both laptops and smartphones (and even corporate desktops) used inside the perimeter can enforce company browsing policies for mobile users and help them comply with regulatory mandates by ensuring a non-hostile network environment.

Tip 12 – Block outbound Botnet Attacks

Anti-malware scanning can identify and block outbound botnet attacks launched from laptops and smartphones connected from inside the perimeter.



Claim your FREE* Cyber Security Assessment
 

  • Up to 4 hour’s consultancy from one of Probrand's qualified ACE practitioners
  • Identify and analyse issues
  • Guidance on improvements needed
  • Part of the Government Cyber Essentials campaign

 



Claim your FREE Cyber Security Assessment

Related

View all Guides

Other Guides