It’s everyday practice at universities but makes IT security and data protection experts shudder: using one’s own devices for work purposes. The “bring your own device” (BYOD) method of using mobile devices poses a host of risks for the security of work-related data (e.g. passwords for IT services, personal certificates, address books, research data, calendars and email accounts). The same is true for work devices that are free for personal use (“company-owned personally-enabled”, COPE).
The following pages explain, and provide possible solutions for, the IT risks posed by using devices, especially Android ones, for work and personal purposes:
Version history
Authors: Christoph Becker (cb)| Version | Date | Author | Comment |
|---|---|---|---|
| 1.0 | 2019-01-31 | cb | |
| 1.1 | 2019-02-15 | cb | Recommendation for ad blockers based on host filter lists added |
Further information
- National Cyber Security Centre: "EUD Security Guidance: Android 8", Link
- Kurt Marko: "3 Ways To Virtualize Mobile Devices ", Link
- A. Kohne, S. Ringleb, C. Yücel: "Bring your own Device", Link
- ZENDAS: “Datenschutz unter Android”, Link
- BSI: "Überblickspapier Smartphones", Link
- Mike Kuketz: "Antivirus-Apps für Android – Sinnvoll oder nutzlos?", Link
- Mark Zimmermann: "Android for Work – ein Risiko für Unternehmen", Link
- Mike Kuketz: "Android: Ist Rooten ein Sicherheitsrisiko bzw. gefährlich?", Link
- BSI: "Sicherheitsempfehlungen zur Konfiguration von Samsung Knox", Link
- BSI: "Video-Serie zum Thema Smartphone-Sicherheit: Cyber-Sicherheit"
- BSI: "Smartphone und Tablet effektiv schützen"