UK Govt approves Windows Phone for BYOD use

UK government approves windows phone for BYOD

The UK government has published security approval for public sector organisations to offer bring your own device (BYOD) schemes for employees to access data and applications using Windows Phone and tablets.

The new End User Devices Security and Configuration Guidance policy was issued by CESG, the information security arm of GCHQ. It follows requests by public bodies such as local authorities wanting to introduce BYOD schemes to their staff.

The policy, which is in draft form, details the security rules that must be followed for any mobile devices, but for the first time allows the use of employee-owned computers.

“Whilst enterprise ownership of a device makes many information security aspects much simpler, it is not a prerequisite of this guidance,” said the CESG documentation.

But the policy places a number of restrictions on how staff-owned devices must be used – and implicitly acknowledges that CESG would prefer public bodies not to offer BYOD if possible.

“What is necessary is that the device is placed under the management authority of the enterprise for the complete duration it is permitted to access official information. Hence, a BYOD model is possible – although not recommended for a variety of technical and non-technical reasons,” it says.

The guidance demands that any mobile device must be returned to factory settings before it can be used to access government data, and that the device must be able to be fully managed by the employing organisation throughout the life of its use for mobile working.

“To ensure information security when using devices not owned by the enterprise, the enterprise must take control of device management at the point of provisioning, ensuring that the device is placed into a ‘known good’ state prior to allowing it to access official information,” says the policy.

“The device must be returned to an understood state such as via a firmware reinstall or wipe to factory state and any existing configuration on it replaced. It is only by taking over the enterprise management of the device that an organisation is able to ensure that information security policies are being applied.”

Share this post

One thought on “UK Govt approves Windows Phone for BYOD use

  1. Adam

    BYOD will continue growing as mobile devices continue to play a greater role in our lives.

    Does BYOD come with headaches? Of course it does. However, security issues and IT management headaches (how do I support all those devices?) can be addressed by using new HTML5 technologies that enable users to connect to applications and systems without requiring IT staff to install anything on user devices. For example, Ericom AccessNow is an HTML5 RDP client that enables remote users to securely connect from iPads, iPhones and Android devices to any RDP host, including Terminal Server and VDI virtual desktops, and run their applications and desktops in a browser. This enhances security by keeping applications and data separate from personal devices.

    Since AccessNow doesn’t require any software installation on the end user device – just an HTML5 browser, network connection, URL address and login details – IT staff end up with less support hassles. The volunteer or temporary employee that brings in their own device merely opens their HTML5-compatible browser and connects to the URL given them by the IT admin.

    Visit http://www.ericom.com/BYOD_Workplace.asp?URL_ID=708 for more info.

    Please note that I work for Ericom

    Reply

Leave a Reply