Randy Lahti, Co-founder & Security PartnerThe significant challenges that hinder the successful adoption of BYOD are mainly linked with the imperfect boundaries between company and personal components on the same system. Controlling company information on a personal device and vice versa is a difficult proposition to execute. For many situations involving higher assurance applications, physically separate devices may provide the simplest and the best answer. However, maintaining two systems is burdensome and expensive. Information Security Services (ISS), a Texas-based company adopts a different approach toward BYOD. The firm recognizes the problems associated with making a single personal computer exist as both a personal and a company device. ISS addresses this split responsibility challenge by providing a hardened, compact companion device that enables a user to run the company’s workstation configuration securely on their personal computer, bringing to the table, a cost-effective, secure, and reliant solution for the BYOD ecosystem.
Two computers contain many redundant system parts and accessories such as power supplies, displays, and docking ports. However, the essence of the computer and its configuration and data resides on the hard drive. Information Security Service’s USB boot device is a unique, durable, and secure USB 3.0 hard drive that runs the company’s standard workstation configuration. Users can boot this device from their personal computer, and securely bypass the PC’s hard drive, enabling a non-company computer to become an independent company machine with just a reboot.
The ISS USB boot drive has been a solution to security and budget concerns with BYOD and traveling staff. As a FIPS 140-2 level 3 compliant storage device and a controlled, company-managed endpoint with a built-in smart card for multi-factor authentication, the company obtains a high assurance, secure computing solution. “The user gets to carry the essence of a company computer in a secure, durable pocket sized device” says Randy Lahti, Co-founder of ISS.
In spite of its heavy-weight security and military grade durability, the device is about the size of a pack of gum and fulfills a wide range of needs.
The user gets to carry the essence of a company computer in a secure, durable, pocket sized device
The organizational expense for the USB device ranges from one-third to one-fifth of a full portable computer. Even the repair and management costs are significantly less compared to a full computer.
In order to safeguard the user who needs to do personal computing at work, the company can maintain a set of devices configured as secure, generic workstations with no access to core enterprise systems. By utilizing the device’s read only mode, users can boot from the device on their work computer, carry out their personal business, and when they unplug the device, all the temporary data collected is erased. This keeps personal data safe and averts the risk of unauthorized software that may have been installed during the session.
ISS compliments its BYOD devices with economical PKI solutions to help organizations of all sizes, especially the SMBs, establish a company controlled root of trust and leverage it to ensure strong security in solutions like the BYOD devices, multi-factor authentication, and privileged access workstations. By optimizing the benefits of the USB device, a PKI, and an authentication store like active directory, ISS can lock down all privileged accounts to a FIPS certified device.
Every ISS Boot Device solutions like BYOD, Remote Access, and Privileged Access Workstations (PAWs) can be managed remotely with the help of a SaaS solution called SEMS. This further empowers the device with features such as PIN management, IP Tracking, remote device disable and remote device wipe—if the devices are misplaced or lost. “These features, in combination, produce a strong security offering for BYOD and introduce good food for thought for privileged access management,” concludes Lahti.