BYOD Threats Mitigation Approach Using Elliptic Curve Cryptography

In the last decade, most of organizations have made it their priority to embrace digital technologies in running their services. Cyberspace has hugely dominated how organizations use electronics and the electromagnetic spectrum to store, manipulate, and exchange data via networked systems. Due to cyber space’s great dependence on informatics and telecommunications for almost every activity and service, it’s extremely catastrophic to ignore the growing phenomenon of cybercrimes and the increasing number of threats to citizens’ daily activities and also organizations’ systems. Organizations are faced by various modes of attacks but it is widely believed that the threat to enterprises from insider activities is increasing, getting worse and that significant losses are being incurred. Many people from executives to ICT administrators to partners, have access to sensitive data that if publicly exposed, could have significant ramifications to an organization’s business�or even its existence. Even the existence of some personnel can be at stake if the data is leaked. While many organizations focus their security efforts on their network border via excellently configured firewall and systems and Demilitarized Zones, it is with no doubt that it is insider who perhaps poses the most risk to cyber-security. To mitigate the above massive risks from insiders, organizations have as well abundantly embarked on the fence approach other than monitoring of the PDA’s that are already in use within the organization premises as a result of BYOD emerging policies. Organizations have also used normal encryption techniques, common sense approach not forgetting normal network monitoring which have proven to be futile. In this paper, we have proposed ECC based encryption and decryption algorithm and framework which are aimed at providing a near real time mitigation (Detection, Prevention and Response) solution. In our case, we target to protect that data on use such that if any insider purports to save data in his foreign device it will automatically be encrypted until he gets back to the authorized gadget. As well, we have a solution for the data that is in storage such that if any malicious insider decides to penetrate the storage locations or due to a configuration error the data will be inaccessible. Even though this approach proved to be effective, we realized that it is not possible to cure stupidity for there are those malicious users who will try all they can within their jurisdiction to compromise on security.