Many organizations now support their employees' use of personal mobile devices to remotely perform work-related activities. This increasingly common practice, known as BYOD (Bring Your Own Device), provides employees with increased flexibility to telework and access organizational information resources. Helping ensure that an organization's data is protected when it is accessed from personal devices, while ensuring employee privacy poses unique challenges and threats.
The goal of Draft NIST Special Publication (SP) 1800-22 practice guide, Mobile Device Security: Bring Your Own Device (BYOD), is to provide an example solution that helps organizations use both a standards-based approach and commercially available technologies to help meet their security and privacy needs when permitting personally-owned mobile devices to access enterprise resources.
We look forward to receiving your comments and any feedback on the following questions will be very helpful:
The public comment period is open through May 3, 2021 May 17, 2021. See the publication details for a copy of the draft and instructions for submitting comments.
NOTE: A call for patent claims is included on page v of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.
Security and Privacy: privacy engineering, risk assessment, systems security engineering
Technologies: mobile
Applications: enterprise, telework