Today, NIST is publishing a new NIST Cybersecurity Practice Guide--Special Publication (SP) 1800-21, Mobile Device Security: Corporate-Owned Personally-Enabled (COPE).
Mobile devices provide access to vital workplace resources while giving employees the flexibility to perform their daily activities. There are several options for deploying mobile devices. One deployment model is Corporate-Owned Personally-Enabled (COPE). COPE devices are owned by the enterprise and issued to the employee. COPE architectures provide the flexibility of allowing both enterprises and employees to install applications onto the enterprise-owned mobile device.
Securing mobile devices is essential to continuity of business operations. While mobile devices can increase efficiency and productivity, they can also leave sensitive data vulnerable. Mobile device security tools can address such vulnerabilities by helping secure access to networks and resources.
The National Cybersecurity Center of Excellence (NCCoE) at NIST built a laboratory environment to explore the challenges of securing mobile devices while managing risks and how various technologies could be integrated to help organizations secure their COPE devices.
This NIST Cybersecurity Practice Guide demonstrates how organizations can use standards-based, commercially available products to help meet their COPE mobile device security and privacy needs.