Current BYOD Security Evaluation System: Future Direction

Abstract

There are growing vulnerabilities in Bringing Your Own Device (BYOD) implementation which may not have been fully identified by organisations. It is very difficult to identify, monitor and evaluate the fast growing number of threats and vulnerabilities in a BYOD system, leading to delayed time in preparing and loading a patch which is a periodic process (Static) in most organisation, resulting in risk as the process is not continuous (dynamic) Computer security managers have the task to identify and evaluate these vulnerabilities according to their risk and threat to the network. One database which is known to contain identified vulnerabilities is the Common Vulnerabilities and Exposures (CVE), Common Vulnerabilities Scoring System (CVSS) on the other hand provides numeric scores to each vulnerabilities in the CVE database based on their characteristics and security impact. This assessment is on relevant work to check the various data collected on vulnerability and threat related to BYOD and conduct a vulnerability scoring exercise to report on possible scoring framework.