Help

Securing Company Data for BYOD

seanz
New Contributor II

Posted on ‎01-05-2016 10:35 AM

Hello there!

Fresh, new Casper user here. We're looking for a way to secure company data on user's personal Macs. Most of our Macs are BYO, so we're trying to stay away from FileVault. Management wants something similar to FileVault Legacy, though I know that is no longer an option.

I could script hdiutil to create an encrypted disk image, but then the user controls the password. If they leave the company, we would have no way to get to that data without IT also knowing the password.

We have Box, so we could urge users to keep all of their company files via Box Sync. That way if a user leaves, we still have access to those files if needed.

Then there's the home folder, which is probably a no-go since the user has to VPN in order to access it.

How are you all securing your company data on personally owned Macs?

Thanks in advance.

0 Kudos
1 REPLY 1

Taylor_Armstron
Valued Contributor

Posted on ‎01-06-2016 01:45 PM

We're not doing BYOD, but what I've seen at other places, and what we WOULD do if we went that route is fairly simple: If you want to bring your own, then we're encrypting your machine. FileVault as a condition of using your own box.

There's a compromise somewhere - are you allowing BYOD, or requiring it? If allowing, then I'd simply make it part of the agreement: "We will let you use your own, IF you adhere to these requirements 'x,y,z"

0 Kudos