The Mobile Execution Environment: A Secure and Non-Intrusive Approach to Implement a Bring You Own Device Policy for Laptops

Document Type

Conference Proceeding

Faculty

Faculty of Health, Engineering and Science

School

School of Computer and Security Science

RAS ID

15736

Comments

James, P. & Griffiths, D (2012), The Mobile Execution Environment: A Secure and Non-Intrusive Approach to Implement a Bring Your Own Device Policy for Laptops. Paper presented at the Proceedings of the 10th Australian Information Security Management Conference, Novotel Langley Hotel, Perth, Western Australia, 3rd-5th December, 2012. Available here.

Abstract

Bring Your Own Device (BYOD) has become an established business practice, however the practice can increase an organisation’s information security risks. The implementation of a BYOD policy for laptops must consider how the information security risks can be mitigated or managed. The selection of an appropriate secure laptop software configuration is an important part of the information security risk mitigation/management strategy. This paper considers how a secure laptop software configuration, the Mobile Execution Environment (MEE) can be used to minimise risks when a BYOD policy for laptops is implemented. In this paper the security and business risks associated with the implementation of such a policy are identified and discussed before giving an overview of a range of laptop software configuration options suitable for the implementation of a secure BYOD policy. The design objectives and security requirements of the MEE are enumerated and its key features described. For each identified risk, the MEE features that mitigate/manage the risk are presented. The paper concludes by considering the type of work for which the MEE is most suited and also how the security features of the MEE can be enhanced when the MEE forms part of a secure portable execution and storage environment

DOI

10.4225/75/57b55a80cd8db

Access Rights

free_to_read

Share

 
COinS