The Mobile Execution Environment: A Secure and Non-Intrusive Approach to Implement a Bring You Own Device Policy for Laptops
Document Type
Conference Proceeding
Faculty
Faculty of Health, Engineering and Science
School
School of Computer and Security Science
RAS ID
15736
Abstract
Bring Your Own Device (BYOD) has become an established business practice, however the practice can increase an organisation’s information security risks. The implementation of a BYOD policy for laptops must consider how the information security risks can be mitigated or managed. The selection of an appropriate secure laptop software configuration is an important part of the information security risk mitigation/management strategy. This paper considers how a secure laptop software configuration, the Mobile Execution Environment (MEE) can be used to minimise risks when a BYOD policy for laptops is implemented. In this paper the security and business risks associated with the implementation of such a policy are identified and discussed before giving an overview of a range of laptop software configuration options suitable for the implementation of a secure BYOD policy. The design objectives and security requirements of the MEE are enumerated and its key features described. For each identified risk, the MEE features that mitigate/manage the risk are presented. The paper concludes by considering the type of work for which the MEE is most suited and also how the security features of the MEE can be enhanced when the MEE forms part of a secure portable execution and storage environment
DOI
10.4225/75/57b55a80cd8db
Access Rights
free_to_read
Comments
James, P. & Griffiths, D (2012), The Mobile Execution Environment: A Secure and Non-Intrusive Approach to Implement a Bring Your Own Device Policy for Laptops. Paper presented at the Proceedings of the 10th Australian Information Security Management Conference, Novotel Langley Hotel, Perth, Western Australia, 3rd-5th December, 2012. Available here.