SC Congress NY: To cut BYOD security costs, get specific

Share this article:

A secure approach to bring-your-own-device (BYOD) in the workplace starts with defining user guidelines, which ultimately determine the bottom line for companies: what technology should be implemented and how much it will cost.

Security experts at this year's SC Congress in New York City believe that a long-term plan is the most efficient defense against BYOD breaches.

“You're never going to have 100 percent security, so what remains is your users' ability to understand your [BYOD] requirements,” said Yonesy Nunez, senior vice president and BISO of IT risk implementation at Citi Group, at the conference Thursday.

Nunez spoke to attendees at SC Congress New York, a conference and expo for security professionals hosted by SC Magazine, about having a game plane for BYOD security.

Keith Wilson, the managing director and CISO of the Teachers Insurance and Annuity Association – College Retirement Equities Fund (TIAA-CREF) said that once policies were in place for personal devices, container-based solutions for storing information, where data is sandboxed according to classification, would keep BYOD security guidelines from being derailed.

“If you are going to do true BYOD, I feel pretty strongly that you need to look at a container-based approach,” Wilson said of protecting sensitive information.

Companies must also address who is going to own mobile devices used for corporate purposes, who will then manage its use, and what model will be used to protect those devices.

Vijay Viswanathan, director and CISO at HD Supply, an Atlanta-based industrial distribution company, said that year-to-year strategies for BYOD security policies are the way to go.

“Based on the type of organization you are in, you need a long-term strategy for BYOD,” he said. Wilson added that, with the right BYOD security model in place, management can reduce support costs and successfully stave off threats.

“The cost reduction is real,” Wilson said. “It just depends on how you roll [the support model] out.”

Share this article:

Sign up to our newsletters

More in News

In Cisco probe, misuse or compromise spotted on all firms' networks

In Cisco probe, misuse or compromise spotted on ...

Cisco analyzed the business networks of 30 multinational companies last year, and revealed the findings in its 2014 Annual Security Report.

Fareit trojan observed spreading Necurs, Zbot and CryptoLocker

The Necurs and Zbot trojans, as well as CryptoLocker ransomware, has been observed by researchers as being spread through another trojan, known as Fareit.

Post Heartbleed, tech giants join initiative to bolster open source

Post Heartbleed, tech giants join initiative to bolster ...

The newly formed Core Infrastructure Initiative, created to boost under-funded open source projects, will tackle OpenSSL first.