REMOTE MOBILE SCREEN (RMS): AN APPROACH FOR SECURE BYOD ENVIRONMENTS

Bring Your Own Device (BYOD) is a policy where employees use their own personal mobile devices to perform work-related tasks. Enterprises reduce their costs since they do not have to purchase and provide support for the mobile devices. BYOD increases job satisfaction and productivity in the employees, as they can choose which device to use and do not need to carry two or more devices. However, BYOD policies create an insecure environment, as the corporate network is extended and it becomes harder to protect it from attacks. In this scenario, the corporate information can be leaked, personal and corporate spaces are not separated, it becomes difficult to enforce security policies on the devices, and employees are worried about their privacy. Consequently, a secure BYOD environment must achieve the following goals: space isolation, corporate data protection, security policy enforcement, true space isolation, non-intrusiveness, and low resource consumption. We found that none of the currently available solutions achieve all of these goals. We developed Remote Mobile Screen (RMS), a framework that meets all the goals for a secure BYOD environment. To achieve this, the enterprise provides the employee with a Virtual Machine (VM) running a mobile operating system, which is located in the enterprise network and to which the employee connects using the mobile device. We provide an implementation of RMS using commonly available software for an x86 architecture. We address RMS challenges related to compatibility, scalability and latency. For the first challenge, we show that at least 90.2% of the productivity applications from Google Play can be installed on an x86 architecture, while at least 80.4% run normally. For the second challenge, we deployed our implementation on a high-performance server and run up to 596 VMs using 256 GB of RAM. Further, we show that the number of VMs is proportional to the available RAM. For the third challenge, we used our implementation on GENI and conclude that an application latency of 150 milliseconds can be achieved. Adviser: Byrav Ramamurth

Remote Mobile Screen (RMS): an approach for secure BYOD environments

The introduction of bring your own device (BYOD) policy in the corporate world creates benefits for companies as well as job satisfaction for the employee. However, it also creates challenges in terms of security as new vulnerabilities arise. In particular, these challenges include space isolation, data confidentiality, and policy compliance as well as handling the resource constraints of mobile devices and the intrusiveness created by installed applications seeking to perform BYOD functions. We present Remote Mobile Screen (RMS), an approach for secure BYOD environments that addresses all these challenges. In order to achieve this, the enterprise provides the employee with a trusted virtual machine running a mobile operating system, which is located in the enterprise network and to which the employee connects using the mobile BYOD device. We describe our proposed solution and discuss our experimental results. Finally, we discuss advantages and disadvantages of RMS and possible future work

Remote mobile screen (RMS): An approach for secure BYOD environments

The introduction of bring your own device (BYOD) policy in the corporate world creates benefits for companies as well as job satisfaction for the employee. However, it also creates challenges in terms of security as new vulnerabilities arise. In particular, these challenges include space isolation, data confidentiality, and policy compliance as well as handling the resource constraints of mobile devices and the intrusiveness created by installed applications seeking to perform BYOD functions. We present Remote Mobile Screen (RMS), an approach for secure BYOD environments that addresses all these challenges. In order to achieve this, the enterprise provides the employee with a trusted virtual machine running a mobile operating system, which is located in the enterprise network and to which the employee connects using the mobile BYOD device. We describe our proposed solution and discuss our experimental results. Finally, we discuss advantages and disadvantages of RMS and possible future work

Improving Security in Bring Your Own Device (BYOD) Environment by Controlling Access

With the rapid increase in smartphones and tablets, Bring Your Own Devices (BYOD) has simplified computing by introducing the use of personally owned devices. These devices can be utilised in accessing business enterprise contents and networks. The effectiveness of BYOD offers several business benefits like employee job satisfaction, increased job efficiency and flexibility. However, allowing employees to bring their own devices could lead to a plethora of security issues; like data theft, unauthorised access and data leakage. This paper investigates the current security approaches and how organisations can leverage on these techniques regarding policies, risks and existing security techniques to mitigate or halt the security challenges. This research aimed to fill up the access control gap in the BYOD environment by developing an Intelligent Filtering Technique (IFT) using Artificial Intelligence (AI) Technique. Based on the behavioural patterns of device packets Inter-Arrival-Time (IAT) features through network traffic flow packet headers (Such as Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and Internet Control Messaging Protocol (ICMP))

Mitigating security implications of bringing your own device in an enterprise environment

A thesis submitted in partial fulfilment of the requirements for the Degree of Master of Science in Information Systems Security (MSc.ISS) at Strathmore UniversityThe rapid growth in the bring your own device (BYOD) phenomenon, has resulted in the introduction of personal mobile devices in the Enterprise environment. The benefit derived from embracing BYOD in organisations is enhanced mobility of employees and the reduced equipment cost to Enterprises. An effective BYOD management is required to protect company data as diverse mobile devices are finding their way into the enterprise. Available mobile device statistics revealed that 52% of these devices are either lost or stolen worldwide, this becomes a major security concern amid risk of exposure of sensitive and important corporate data. The highlighted risks to the enterprises requires a solution to safeguard, reduce and attempt to mitigate security breaches. This research seeks to answer the following how intrusion detection is leading to increase in cybercrime? Rational look at security challenges for BYOD and how secure is BYOD? The rapid application development (RAD) methodology was applied in this research to prototype a scanning and detection technique to prevent or mitigate threats from BYOD to the enterprise environment. The developed application is a scanner and firewall that will be able to scan, monitor and mitigate malicious attacks on BYOD and present results of scanned devices, ports and blocked devices with a 95% accuracy

BYOD-Insure: A Security Assessment Model for Enterprise BYOD

As organizations continue allowing employees to use their personal mobile devices to access the organizations’ networks and the corporate data, a phenomenon called ‘Bring Your Own Device’ or BYOD, proper security controls need to be adopted not only to secure the corporate data but also to protect the organizations against possible litigation problems. Until recently, current literature and research have been focused on specific areas or solutions regarding BYOD. The information associated with BYOD security issues in the areas of Management, IT, Users and Mobile Device Solutions is fragmented. This research is based on a need to provide a holistic approach to securing BYOD environments. This dissertation puts forth design science research methods to develop a comprehensive security assessment model, BYOD-Insure, to assess the security posture of an organization’s BYOD environment. BYOD-Insure aims to identify security vulnerabilities in organizations that allow (or are planning to adopt) BYODs. The main questions this research aims to answer are: 1) In order to protect the enterprise and its corporate data, how can an organization identify and mitigate the security risks associated with BYOD? 2) How can a holistic approach to security strengthen the security posture of BYOD environments? BYOD-Insure is composed of 5 modules that, in tandem, use a holistic approach to assess the security posture of the four domains of BYOD environments: assessment of management (BYOD-Insure-Management), assessment of IT (BYOD-Insure-IT), assessment of users’ behavior/security (BYOD-Insure-User), and assessment of the mobile device security adopted by the organization (BYOD-Insure-Mobile). The combined results of the 4 domains provide the overall security posture of the organization (BYOD-Insure-Global). The evaluation process for this model is based on a design science method for artifact evaluation. For BYOD-Insure, this process involves the use of descriptive scenarios to describe different types of BYOD security postures. This entails a detailed description of scenarios that depict low, moderate and high security postures with respect to BYOD. The results, for a particular organization, show the security controls that need to be strengthened, and the safeguards recommended. The BYOD-Insure assessment model helps answer the research questions raised in this study