The National Institute of Standards and Technology (NIST) recently issued new draft guidelines aimed at improving security of telework and bring-your-own-device practices – both from how teleworkers can secure their devices and from the organizations’ point of view.
Created in 2009, the NIST guidelines are being updated to address the changing workplace, rapid influx of teleworking technologies and the growing need for secure and compliant mobile device management.
The draft “User’s Guide to Telework and Bring Your Own Device (BYOD) Security” addresses ways users can secure information stored on and sent by telework devices and home networks. The guidelines suggested in this publication are comprehensive probably overwhelming for most individuals to understand and implement.
As a frequent contributor to NIST publications, specifically in the areas of cloud computing and security, I see first hand the thought and extensive research all contributors provide to create such a comprehensive publication. It behooves government agencies and organizations to tailor these guidelines to their specific environments in order to provide specific actions that need to be taken by their workers.
As it turns out, teleworking and BYOD is an ideal environment to utilize Software Defined Perimeters (SDPs) based on their ability to secure teleworker access to critical infrastructure, as well as how they could simplify and provide specifics for most of the NIST guidelines. Therefore we are urging and helping government agencies and organizations to adopt SDPs as a comprehensive implementation to ensure their security controls satisfy NIST guidelines.
To learn more about the emergence of the Software Defined Perimeter, check out our new white paper.