In March, 2019 the Center for Internet Security (CIS) released the Mobile Companion Guide to help organizations map the CIS controls and their implementation in mobile environments. In the companion guide, the focus is on a consistent approach to applying the security recommendations in both Google Android and Apple iOS environments. Factors such as “Who owns the data?” and “Who owns the device?” affect how the device should be secured. The Mobile Companion Guide explores bring your own device (BYOD), corporate-owned, personally-enabled (COPE), fully managed and unmanaged devices.
Unmanaged – A popular model for small companies and startups, this is the most dangerous scenario to the enterprise and should be avoided, if possible.
BYOD – (Bring Your Own Device) – Devices are owned by the end-user but occasionally are used for work purposes. Access from BYOD devices to organizational resources should be strictly controlled and limited.
COPE – (Corporate Owned, Personally Enabled) – COPE devices work in a fashion similar to BYOD. Restrictions will be applied to the device but generally, don’t prevent most of what the user intends to do with the device.
Fully managed – Devices within this deployment scenario are typically locked down and only permitted to perform business functions. This means that employees have a second device for personal use.
The Guide also looks at systems that administer and monitor devices, such as Enterprise Mobility Management (EMM), Mobile Device Management (MDM), Mobile Application Vetting (MAV), and Mobile Threat Defense (MTD). The CIS Mobile Companion Guide includes this check list to track implementation of the 20 controls on your mobile devices. (insert the graphic included below).
We all have mobile devices. We need to adopt a security mindset and harden our devices to protect ourselves against the unique challenges of on-the-go environments. The CIS Mobility Guide provides an excellent overview of how to get started with this challenge. The complete guide can be downloaded at this URL. https://www.cisecurity.org/blog/new-release-cis-controls-mobile-companion-guide/