Close The BYOD Security Hole

A bring-your-own-device policy it a low-cost way to use Apple devices without spending a lot of money, but don’t forget security.

A bring-your-own-device policy is a low-cost way to let employees use Apple devices without a huge capital investment. But the downside is security. In a recent Virgin Media Business survey of 500 British CIOs, more than half reported network breaches from employee-owned devices accessing the network. Dartmouth-Hitchcock Medical Center, a major northern New England healthcare provider with nearly 8,500 employees, has policies and processes that let its staff use Apple devices on the network securely, without having to manage them centrally.
Lessons Learned
>> Know that management will be an issue.
Windows PCs continue to be the medical centers only centrally purchased and supported systems, in part due to the difficulties it has had centrally managing Macs. Macs dont have full Active Directory support, among other things, says Bill Weyrick, senior manager of information systems.
>> Set up a separate guest WLAN.
Dartmouth-Hitchcocks first and most fundamental level of security has been to provide a guest Wi-Fi network with a completely separate IP space and service provider, and to configure business-critical apps so they cant run from that address space. This approach provides basic BYOD network access, including for patient and guest devices, without compromising network security.
>> Write a policy for employee-owned devices that has teeth.
Dartmouth-Hitchcock lets employees use personally owned Apple devices to access email and enterprise apps that dont involve medical records. Employees must have device-level authentication and let IT verify theyre using a password and encrypting certain data, and allow remote wipe if the device is lost. The hospital doesnt allow Android devices because the policy-level security its using cant monitor security status with the same level of confidence that it has with the iPhone.
>> OS X is out for certificate-level authentication.
Only Windows devices can be used for the most secure level of access, since Dartmouth-Hitchcock requires those devices to be certificate-authenticated and centrally managed.
>> Explore thin client.
Dartmouth-Hitchcock uses Citrix to securely serve mission-critical apps to both Macs and PCs, keeping patient data off the client.
>> Consider outsourced support. Dartmouth-Hitchcock limits iPad use to projects funded and supported by nonstandard means, such as loaner iPads for kids in the childrens hospital and devices used by the hospitals Boards of Trustees to access meeting materials. Outsourcers manage both projects.
Go to the main story:
Why Apple Is ITs Arch Frenemy
Continue to the sidebar:
Apple Doesn’t Rule The School

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Close The BYOD Security Hole