Mobile devices provide access to vital workplace resources while giving employees the flexibility to perform their daily activities. There are several options for deploying mobile devices. One deployment model is Corporate-Owned Personally-Enabled (COPE). COPE devices are owned by the enterprise and issued to the employee. COPE architectures provide the flexibility of allowing both enterprises and employees to install applications onto the enterprise-owned mobile device.
Securing mobile devices is essential to continuity of business operations. While mobile devices can increase efficiency and productivity, they can also leave sensitive data vulnerable. Mobile device security tools can address such vulnerabilities by helping secure access to networks and resources.
The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) built a laboratory environment to explore the challenges of securing mobile devices while managing risks and how various technologies could be integrated to help organizations secure their COPE devices.
This NIST Cybersecurity Practice Guide demonstrates how organizations can use standards-based, commercially available products to help meet their COPE mobile device security and privacy needs.
Mobile devices are a staple within modern workplaces. As employees use COPE devices to perform tasks, organizations are challenged with ensuring that these devices process, modify, and store sensitive data securely. COPE devices bring unique threats to the enterprise and therefore should be managed in a manner distinct from desktop platforms.
These challenges include securing them from different types of application- and network-based attacks on mobile devices that have an always-on connection to the internet. Mobile devices also introduce potential privacy implications for employees using the devices for personal activities.
Managing the security and privacy of workplace mobile devices and minimizing the risk posed can be challenging because there are many mobile device security tools available. Proper implementation can be difficult because the method of implementation varies considerably from tool to tool. In addition, unfamiliarity with the threats to mobile devices can increase implementation challenges.
Download the report to learn more.