December 22, 2024

Skylight Webzine

Online since 2000

Openness and data protection of Bring Your Own Device concept


The concept of BYOD (Bring Your Own Device) in enterprises has affected the security levels that the security engineers apply inside the companies because each device that  the staff owns may not be configured based on the security policy of the company. Nowadays, due to the large amount of exchanging information, the modern manager has to use mobile devices for the access and transfer of information. In this case, mobile devices play a crucial role in the exchange of information inside and outside of the enterprise.

Most of the mobile devices use iOS or Android as operating systems. Those two are considered the state of the art products in terms of popularity and functionality. A review comparison between iOS and Android in security level, would  allow the BYOD security evangelists to choose the appropriate solution for the management of the mobile information. The comparison is going to take place by taking into account several common activities of both iOS and Android:

Data protection: The protection of the data that the mobile device stores, it is categorized under the tag CIA (Confidentiality, Integrity and Availability). The non authorized access to the data may break the rule of the CIA and expose the company’s information to hackers that may use it to attack the company.

iOS: The devices equipped with iOS have an access PIN code that may be entered only once and the user does not need to enter it every few minutes  in order to unlock the device. While it is not annoying from the user’s perspective, the security threat is obvious. If a non authorized person gains access to this device, it is easy for him/her to steal the information that is stored in the device.

Android: The android devices have a security mechanism that forces the user to enter the required access code before using the device, otherwise the device is auto locked. While the autolock function prevents the user from risking the exposure of his data, it may end up in getting angry the user.
Openess: The source coding of a system may affect the security level of it. Usually an open source coding system allows users to create new threats, but on the other side, the engineers could also create engineering solutions from the scratch.

iOS: This is a closed coding system , with only a few parts of it as open source elements. In general this is a quite secure framework, but once a problem occurs, then due to the closed oriented coding, it takes a lot to fix the problem.
Android: Android as an open source coding system is more vulnerable to hackers who want to gain access inside the system by creating code that may overcome the attack security borders of the system. On the other hand, the open source coding system helps the security engineers find the problem and fix it.

These are only a few of the security threats in iOS and Android decision making for the appropriate BYOD choice. The company’s security engineers should detect the value of company’s data and then plan according to the risk assessment for the appropriate security policy and operating system for the BYOD concept.

 

 

Author: Vasileios Yfantis