AdvisoryFinancial ServicesClient Story

Evaluating the Security of a Bring Your Own Device (BYOD) Program for a Financial Services Company

A financial services Client was seeking validation of policies and controls they had developed for a new Bring Your Own Device (BYOD) program prior to implementation company-wide.
Read our other Financial Services Client Stories.

Evaluating BYOD for software development best practices
Financial Services

Practice Areas
  • Configuration Review

Our Client’s Challenge:

  • As a company that embraces new technologies and seeking ways to maintain competitiveness, our Client wanted to securely implement a Bring Your Own Device (BYOD) program.
  • This BYOD program introduced several new physical devices (laptops, mobile devices) that also included integration with cloud services. Adopting these technologies could open up new attack vectors and introduce new risks.
  • Our Client desired to assess and evaluate the risks of the BYOD implementation. The security assessment would be focused on verifying the proposed policies and to ensure that controls were sufficient to protect the Client from potential data breach, yet flexible enough to enable employees to work more effectively.

Our Approach:

  • Security Compass worked with our Client to understand the current BYOD policy and organizational best practices. A focus was then put on security testing and verifying the policies and controls of the BYOD program. This included testing of Windows 10 portable devices and associated applications, including tablets, laptops and numerous cloud services.

The Result:

  • Working together with our Client to measure the effectiveness of the current BYOD policy, Security Compass was able to identify and verify security gaps in the existing policy and provisioning of devices that could put our Client at increased risk. We found success in helping balance the security risks while supporting our Client’s operational goals, that enabled employees to use the tools they wanted to work effectively.
Our Client was able to implement their Bring Your Own Device program company-wide with confidence, knowing that the program’s policies and controls had been validated with Security Compass.

Back to Client Stories

Our Advisory services team has more than a decade of experience focused on Application Security. We take a flexible approach to your strategic security problems.

Whether you are a global enterprise looking for advice on security strategy and governance, a major financial seeking support on regulatory compliance and penetration testing activities, or a startup looking for high quality assessments to give customers assurance for your business, we're here for you.

Our credentialed professionals are experts in how to break applications and fix code, who take pride in helping you succeed in your Secure SDLC and Secure DevOps programs. Contact us today to learn how we can help solve your organization’s application security challenges.