Date Published: March 2016
Comments Due:
Email Questions to:
Author(s)
Murugiah Souppaya (NIST), Karen Scarfone (Scarfone Cybersecurity)
Announcement
NIST requests public comments on two draft Special Publications (SPs) on telework and BYOD security: Draft SP 800-114 Revision 1, User's Guide to Telework and Bring Your Own Device (BYOD) Security, and Draft SP 800-46 Revision 2, Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security . Organizations are increasingly threatened, attacked, and breached through compromised telework devices used by their employees, contractors, business partners, and vendors. These publications make recommendations for organizations (in SP 800-46 Revision 2) and users (in SP 800-114 Revision 1) to improve their telework and BYOD security practices.
Many people telework, and they use a variety of devices, such as desktop and laptop computers, smartphones, and tablets, to read and send email, access websites, review and edit documents, and perform many other tasks. Each telework device is controlled by the organization, a third party (such as the organization’s contractors, business partners, and vendors,) or the teleworker; the latter is known as bring your own device (BYOD). This publication provides recommendations for securing BYOD devices used for telework and remote access, as well as those directly attached to the enterprise’s own networks.
Many people telework, and they use a variety of devices, such as desktop and laptop computers, smartphones, and tablets, to read and send email, access websites, review and edit documents, and perform many other tasks. Each telework device is controlled by the organization, a third party (such as...
See full abstract
Many people telework, and they use a variety of devices, such as desktop and laptop computers, smartphones, and tablets, to read and send email, access websites, review and edit documents, and perform many other tasks. Each telework device is controlled by the organization, a third party (such as the organization’s contractors, business partners, and vendors,) or the teleworker; the latter is known as bring your own device (BYOD). This publication provides recommendations for securing BYOD devices used for telework and remote access, as well as those directly attached to the enterprise’s own networks.
Hide full abstract
Keywords
host security; information security; network security; remote access; bring your own device (BYOD); telework
Control Families
Access Control; Configuration Management; System and Communications Protection
