Mobile Device Security Guidance from NIST

The National Institute of Standards and Technology has released Special Publication 1800-5, Mobile Device Security Cloud and Hybrid Builds, a guide for how organizations can secure mobile devices used for work. As observed by the guidance, while mobile devices like smartphones and tablets have enabled employees to do their jobs more effectively and efficiently, the security controls that go along with them have not kept pace with the risks they can introduce. This is particularly true in bring your own device (BYOD) scenarios but also in corporately owned and personally enabled (COPE) mobile device deployments, where mobile devices are adopted on an ad hoc basis. Despite these challenges, the guidance purports to demonstrate how commercially available technologies can meet an organization’s needs for secure use of mobile devices. According to NIST, its findings and recommendations were developed and tested in a lab that replicated a real-world environment using mobile devices.