
TSA Searches Phones and Laptops



Headlines:  DIGITAL INTERROGATION? TRAVELERS' PHONES, SOCIALS SCANNED AT AIRPORTS... 

Takeaway:  


Personal electronic devices are subject to searches by TSA and CBP agents; travelers beware.  U.S. agents may request full access to smartphones, tablets, and laptops.  Special emphasis is placed on search history, text history, and social media (e.g., Facebook).  TSA/CBP may temporarily confiscate the device, for up to thirty days, or copy the contents of the entire disk for further investigation.

News about digital frisking is en vogue because of recent political events.  However, this specific policy has been in effect since before 2011, during both the Bush and Obama administrations (, 2008).  The less told story, however, is that data is at greatest risk when traveling to other countries.

Problem:

It may come as a surprise to learn that most Western governments do not respect individual privacy rights, digital or otherwise.  For example, authorities at Paris Charles de Gaulle Airport are known to scan laptops (BBC, 1998).  Devices are also subject to search when traveling through Canada, Australia, or the U.K., with no warrants needed (Hughes, 2014).

Encryption to the rescue?  Encryption may protect your data but it's not fail-proof.  For starters, there are different types of encryption.  Some types of encryption are considered strong and nearly impossible to break.  However, encryption uses cryptographic algorithms that become obsolete within months or years.  Implementing secure encryption can be a complicated process.   

What's more, encryption may protect your data, but it will not stop a frustrated border patrol agent from taking your device or arresting you. (Hughes, 2014).

Why the Fuss?

There are two sides to every coin.  Governments have legitimate national security issues to contend with.  Digital search and seizure policies are a simple means to identify terrorists, child pornographers, and other criminal activity.

On the other hand, the majority of international travelers are not criminals.  At least in the U.S., and with exceptions, the right to privacy is a constitutional civil right.  There are legitimate reasons to keep trade secrets, health records, or financial information secret.

Data at Risk

Not all inspections are invasive.  Some agents may simply ask you to turn the device on.  Others may casually browse its contents.  However, there are situations that compromise data integrity:

  • If you provide a key code or password.
  • If the device is removed from your line of sight.
  • If the device is physically connected to another machine (e.g., scanned).
  • If the device connects to an agent's network (Ethernet or WiFi).

If a device is compromised it can no longer be trusted:

  • Your data is no longer confidential (e.g., pictures, credit cards, etc.)
  • Your data may have been altered or deleted.
  • The device may contain viruses or malware.
  • All of your passwords may be compromised.
  • Your network accounts may be vulnerable (e.g., Exchange, VPN, RDP)

Conclusion:

In most situations, digital searches by the TSA/CBP are probably harmless.  However, it's prudent to take extra precautions when traveling outside the United States.

Links:

http://www.vocativ.com/397897/travelers-affected-by-trump-ban-forced-to-unlock-phones-computers/
https://www.eff.org/wp/defending-privacy-us-border-guide-travelers-carrying-digital-devices
http://www.stevenjordan.net/2014/08/network-security-international-and.html
http://www.stevenjordan.net/2016/09/ipsec-security-levels.html
http://www.stevenjordan.net/2016/09/secure-ikev2-win-10.html
https://www.theguardian.com/profile/bruceschneier
http://news.bbc.co.uk/2/hi/science/nature/150465.stm


https://www.theguardian.com/technology/2008/may/15/computing.security

Prevent Rogue Access Points: Wireless IDS/IPS

Wireless Threat Detection and Countermeasures:  Monitor and Protect Your Wireless Access Points.

Takeaway:  Automated countermeasures discover, attack, and disable rogue Wi-Fi devices! This article explores Wireless Access Controllers, Intrusion Detection Systems (IDS), and Intrusion Prevention Systems (IPS).  These instructions explain how to enable countermeasures for Juniper Wireless Controllers (WLCs).  Cisco, Aruba, and other controllers offer similar mitigation.

Problem:  Corporate networks are vulnerable to rogue wireless technology.  Wireless access points (WAPs), wireless routers, and wireless bridges can extend the corporate network and provide an insecure entry point.  Untrusted wireless technology puts data integrity and confidentiality at risk.

Internal and External Rogue Wireless Threats.


Threats:  Internal threats include unapproved wireless devices that extend or bridge the corporate network.  For example, an employee may install a residential WiFi router to provide network access to their smartphone.  Their intent may not be malicious but it nonetheless exposes the network to compromise.

Hackers or wireless devices in proximity to corporate access points are external threats.  External threats can intercept and harm company data.  Additional threats can entirely disrupt wireless communication (Table 1).  

Enable Countermeasures:  The WLC includes countermeasures that attack rogue devices.  These countermeasures consist of packets that disrupt client communications to rogue devices.  Rogue devices are rendered useless once the WLA initiates an attack.  WLC countermeasures are disabled by default.  Enable countermeasures on all rogue devices:

LocalWLC#set radio-profile default countermeasures rogue

Alternately, enable countermeasures on all rogue and interfering devices:

LocalWLC#set radio-profile default countermeasures all

Enable ad-hoc countermeasures if desired:

LocalWLC#set rfdetect classification ad-hoc rogue 

Configure SSID list to whitelist existing SSIDs:

LocalWLC#set rfdetect ssid-list BIZ_SSID

Enable log messages to display on console:

LocalWLC#set rfdetect log enable

N.B., Interfering devices may include neighboring APs using the same radio channels.  The WLC includes RF Auto-Tuning that changes WLA channels as needed.  Consider rogue-only countermeasures when located near other businesses.


Rogue Classifications:  The WLC identifies all nearby 802.11 wireless devices.  It uses a classification system to detect rogue devices:

LocalWLC# sh rfdetect classification
User
Rule      Rules for RF Classification             Classification
----     ---------------------------              --------------
N      1. If AP in Rogue list ....................... ROGUE
N      2. If AP is part of Mobility Domain .......... MEMBER
N      3. If AP in Neighbor list .................... NEIGHBOR
-------------------------------------------------------------------
Y      4. If AP is Masquerading our SSID ............ ROGUE
Y      5. Client or Client DST MAC seen in network .. ROGUE
Y      6. If AP is acting as an Ad-hoc device ....... SKIP-TEST
-------------------------------------------------------------------
N      7. If SSID is in SSID list ................... NEIGHBOR
-------------------------------------------------------------------
Y      8. Default Classification .................... SUSPECT

Rogue List:  The WLC attacks all devices in the Rogue list.  The WLA does not transmit client traffic while it attacks rogue devices.  WLAs can be provisioned in Sentry mode for dedicated scanning and attacking purposes.

Suspect List:  Devices in the Suspect list are considered potential rogues.  The WLC does not attack suspect devices unless they become a threat.  In most circumstances, suspect devices are neighbor APs which have not been manually added to the Neighbor list.

Neighbor List:  The Neighbor list acts as a whitelist.  The WLC does not attack its neighbors.  Be a good Samaritan and add your neighbors' APs to the Neighbor list.  The Juniper WLC GUI makes identifying and adding neighbors a cinch.
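
The rule order printed by `sh rfdetect classification` can be read as a first-match decision list. The sketch below is an added example, not Juniper code: it models that order in Python so the Suspect-to-Rogue transition can be reasoned about offline. The class and field names, the first-match evaluation, the treatment of SKIP-TEST as "rule does not fire", and all MAC addresses are assumptions of this example; the "User Rule" Y/N column is not modelled.

```python
from dataclasses import dataclass, field


def norm(mac):
    """Normalise a MAC address so set membership tests are case-insensitive."""
    return mac.strip().lower()


@dataclass
class Policy:
    """Lists the classifier consults (hypothetical field names)."""
    rogue_list: set = field(default_factory=set)       # rule 1
    mobility_domain: set = field(default_factory=set)  # rule 2: our own WLA radios
    neighbor_list: set = field(default_factory=set)    # rule 3
    our_ssids: set = field(default_factory=set)        # rule 4: SSIDs we serve
    wired_macs: set = field(default_factory=set)       # rule 5: MACs seen on the wire
    adhoc_result: str = "SKIP-TEST"                    # rule 6: "ROGUE" once ad-hoc
    #                                                    classification is set to rogue
    ssid_list: set = field(default_factory=set)        # rule 7


@dataclass
class Observation:
    """One transmitter heard over the air by a scanning radio."""
    bssid: str
    ssid: str
    adhoc: bool = False
    client_macs: tuple = ()   # client source/destination MACs seen via this AP


def classify(obs, pol):
    """Return (classification, rule number) for the first rule that matches."""
    bssid = norm(obs.bssid)
    if bssid in pol.rogue_list:
        return "ROGUE", 1
    if bssid in pol.mobility_domain:
        return "MEMBER", 2
    if bssid in pol.neighbor_list:
        return "NEIGHBOR", 3
    if obs.ssid in pol.our_ssids:
        return "ROGUE", 4          # non-member advertising our SSID
    if pol.wired_macs & {norm(m) for m in obs.client_macs}:
        return "ROGUE", 5          # its client traffic reaches our wired network
    if obs.adhoc and pol.adhoc_result != "SKIP-TEST":
        return pol.adhoc_result, 6
    if obs.ssid in pol.ssid_list:
        return "NEIGHBOR", 7
    return "SUSPECT", 8


def sample_policy():
    """Constructed policy; every address and the PARTNER_SSID name are made up."""
    return Policy(
        mobility_domain={"02:00:00:00:00:01"},
        neighbor_list={"02:00:00:00:00:0e"},
        our_ssids={"BIZ_SSID"},
        wired_macs={"02:00:00:00:00:10"},   # employee laptop, known to the switch
        ssid_list={"BIZ_SSID", "PARTNER_SSID"},
    )


def walkthrough():
    """Unapproved router: idle first, then with a wired-known client attached."""
    pol = sample_policy()
    idle = Observation("02:00:00:00:00:aa", "linksys")
    in_use = Observation("02:00:00:00:00:aa", "linksys",
                         client_macs=("02:00:00:00:00:10",))
    return [classify(idle, pol), classify(in_use, pol)]


if __name__ == "__main__":
    for result in walkthrough():
        print(result)
```
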

 
Juniper WLC GUI:  RF Neighbors

Countermeasures in Action:  What happens if an employee connects a wireless AP to the corporate network?  For this example, assume the switch access ports are not configured for 802.1X authentication or BPDU Guard.

1.  Employee discreetly connects a Linksys wireless router to the network.
Employee adds unapproved wireless access point to company network.

2.  The Linksys router connects to the company network and advertises its SSID:

3.  The Linksys SSID remains in the Suspect list as long as clients are not connected to it.
4.  The employee connects their laptop to the Linksys SSID.  The WLC immediately identifies the Linksys AP as a rogue device:

ROGUE Sep 24 11:11:26.009242 NOTICE ROGUE_AP_ALERT: Client Mac 88:XX:XX:XX:XX:XX(Rogue AP Mac 00:XX:XX:XX:XX:XX) is seen on the wired network by Switch 172.16.1.2 on port X vlan X tag 0. Detected by listener a8:XX:XX:XX:XX:XX(AP 1, radio 1), channel 6 with RSSI -55 SSID "linksys".

5.  The WLC begins its countermeasure attack:

ROGUE Sep 24 11:12:35.065652 NOTICE ROGUE_AP_ALERT: COUNTERMEASURES STARTED for Xmtr Mac 00:XX:XX:XX:XX:XX Performer Mac a8:XX:XX:XX:XX:XX SW-I Paddr 172.16.1.2 AP 1 Radio 1 Channel 6

6.  Confirm countermeasures:

WLC# sh rfdetect countermeasures
Total number of entries:1
                  Type(Adhoc/Infra) Countermeasures                        Port/Radio
Rogue MAC         /Class    Radio Mac        RSSI MX IPaddr        /Channel
----------------- -------- ----------------- ---- --------------- ------------
00:XX:XX:XX:XX:XX I/rogue  a8:XX:XX:XX:XX:XX -59  172.16.1.2       AP 1/1/6
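
The two ROGUE_AP_ALERT messages in steps 4 and 5 can be correlated in a log pipeline to measure how long a wired rogue stayed usable and to flag rogues that never received countermeasures (the WLC default). The following Python is an added example, not part of the original article or of Juniper's software; the sample lines are constructed from the message layout shown above, with made-up MAC addresses, port, VLAN and year standing in for the masked values.

```python
import re
from datetime import datetime

MAC = r"(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}"
HEADER = re.compile(
    r"^ROGUE (?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}\.\d+) "
    r"NOTICE ROGUE_AP_ALERT: (?P<body>.+)$"
)
DETECT = re.compile(
    rf"Client Mac (?P<client>{MAC})\(Rogue AP Mac (?P<ap>{MAC})\) is seen on the "
    rf"wired network by Switch (?P<switch>\S+) on port (?P<port>\S+) "
    rf"vlan (?P<vlan>\S+) .*?channel (?P<channel>\d+) with RSSI (?P<rssi>-?\d+) "
    rf'SSID "(?P<ssid>[^"]*)"'
)
COUNTER = re.compile(
    rf"COUNTERMEASURES STARTED for Xmtr Mac (?P<ap>{MAC}) "
    rf"Performer Mac (?P<performer>{MAC})"
)

# Constructed sample: same layout as the article's log lines, fictional values.
SAMPLE_YEAR = 2014  # the log header carries no year; this value is an assumption
SAMPLE_LOG = [
    'ROGUE Sep 24 11:11:26.009242 NOTICE ROGUE_AP_ALERT: Client Mac '
    '02:00:00:00:00:10(Rogue AP Mac 02:00:00:00:00:aa) is seen on the wired '
    'network by Switch 172.16.1.2 on port 12 vlan 10 tag 0. Detected by listener '
    '02:00:00:00:00:01(AP 1, radio 1), channel 6 with RSSI -55 SSID "linksys".',
    'ROGUE Sep 24 11:12:35.065652 NOTICE ROGUE_AP_ALERT: COUNTERMEASURES STARTED '
    'for Xmtr Mac 02:00:00:00:00:aa Performer Mac 02:00:00:00:00:01 '
    'SW-I Paddr 172.16.1.2 AP 1 Radio 1 Channel 6',
    'ROGUE Sep 24 11:20:00.000000 NOTICE ROGUE_AP_ALERT: Client Mac '
    '02:00:00:00:00:11(Rogue AP Mac 02:00:00:00:00:bb) is seen on the wired '
    'network by Switch 172.16.1.2 on port 7 vlan 10 tag 0. Detected by listener '
    '02:00:00:00:00:01(AP 1, radio 1), channel 11 with RSSI -61 SSID "guest-net".',
]


def parse_line(line, year):
    """Parse one ROGUE_AP_ALERT line into an event dict, or None if unrecognised."""
    header = HEADER.match(line.strip())
    if not header:
        return None
    ts = datetime.strptime(f"{year} {header['ts']}", "%Y %b %d %H:%M:%S.%f")
    body = header["body"]
    started = COUNTER.search(body)
    if started:
        return {"kind": "countermeasure", "ts": ts, "ap": started["ap"].lower(),
                "performer": started["performer"].lower()}
    seen = DETECT.search(body)
    if seen:
        event = seen.groupdict()
        event.update(kind="wired_rogue", ts=ts, ap=seen["ap"].lower(),
                     client=seen["client"].lower())
        return event
    return None


def correlate(lines, year):
    """Group events by rogue AP MAC: first wired sighting and first countermeasure."""
    aps = {}
    for line in lines:
        ev = parse_line(line, year)
        if ev is None:
            continue
        rec = aps.setdefault(ev["ap"], {"ssid": None, "clients": set(),
                                        "wired_port": None, "first_seen": None,
                                        "countermeasures_at": None})
        if ev["kind"] == "wired_rogue":
            rec["ssid"] = ev["ssid"]
            rec["clients"].add(ev["client"])
            rec["wired_port"] = (ev["switch"], ev["port"], ev["vlan"])
            if rec["first_seen"] is None or ev["ts"] < rec["first_seen"]:
                rec["first_seen"] = ev["ts"]
        elif rec["countermeasures_at"] is None:
            rec["countermeasures_at"] = ev["ts"]
    return aps


def containment_delay(rec):
    """Seconds between first wired sighting and countermeasures, or None."""
    if rec["first_seen"] is None or rec["countermeasures_at"] is None:
        return None
    return (rec["countermeasures_at"] - rec["first_seen"]).total_seconds()


def uncontained(aps):
    """Rogue APs seen on the wired network with no countermeasure logged."""
    return sorted(ap for ap, rec in aps.items()
                  if rec["first_seen"] and rec["countermeasures_at"] is None)


if __name__ == "__main__":
    result = correlate(SAMPLE_LOG, SAMPLE_YEAR)
    for ap, rec in result.items():
        print(ap, rec["ssid"], rec["wired_port"], containment_delay(rec))
    print("no countermeasures logged:", uncontained(result))
```

The `wired_port` tuple gives the switch, port and VLAN to shut or trace; an entry returned by `uncontained` is the case where the alert fired but countermeasures were never enabled.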

WLC Detected a Rogue SSID
Conclusion:  Tests confirm wireless clients cannot connect to rogue SSIDs when WLC countermeasures are enabled.  Interestingly, the WLC countermeasures are similar to those available on some WiFi hacking tools.  These countermeasures complement existing mitigation strategies: Enterprise WPA2, 802.1X authentication; BYOD policy, client and server certificate authentication; disabling client auto-connect; Windows IPSec, etc.


Table 1. Wireless Threats and Mitigation.

| Threat | Type of Attack | Purpose | Mitigation |
|---|---|---|---|
| RF Jamming | DoS - Flooding | Overwhelms WLAN with high-power noise. | WLA detects excessive interference on a channel.  WLC Auto-Tuning changes the radio to a different channel. |
| De-authenticate frames | DoS Precursor to Identity Spoofing | Basis for man-in-the-middle attacks.  Spoofing changes source MAC so frames appear to come from a legitimate AP. | WLA checks packets for the source MAC address. |
| Broadcast De-authenticate Frames | DoS Precursor to Identity Spoofing | Spoofs de-authenticate frames to disconnect all clients attached to an AP. | WLA checks for de-authenticate broadcast frames. |
| Disassociation frames | DoS Precursor to Identity Spoofing | Disassociation frames from an AP instruct clients to end their association to the AP. | WLA checks for disassociation frames. |
| Null probe response | DoS | Rogue devices send probe response with null SSID.  NICs can lock up upon null probe responses. | WLA checks for null probe responses. |
| Decrypt Errors | Identity Spoofing | Rogue device pretends to be a legitimate device by spoofing the MAC address. | WLA checks for excessive number of decrypt errors.  This indicates multiple clients are using the same MAC address. |
| Fake APs | DoS | Rogue device sends beacon frames for excessive SSIDs or BSSIDs.  Clients cannot connect to valid APs. | WLA checks for excessive beacon frames. |
| Fake SSIDs | Identity Spoofing - MITM | Rogue device pretends to be a legitimate SSID in your network.  Clients associate with rogue SSID. | WLA checks for APs masquerading as company SSID. |
| Spoofed WAPs | Identity Spoofing - MITM | Rogue device pretends to be legitimate AP by changing its MAC source address. | WLC detects spoofed AP attacks based on AP fingerprint.  WLA signatures must be enabled to detect AP spoofing. |
| Netstumbler and Wellenreiter | Reconnaissance | Hacker applications gather information about APs, location, manufacturer, and encryption. | WLC syslog warnings identify Netstumbler and Wellenreiter. |
| Wireless Bridge | Identity Spoofing | Extends network to personal or rogue devices. | WLA identifies internal wireless bridges. |
| Ad-Hoc Networks | Identity Spoofing | Client wireless NICs extend network to personal or rogue devices. | WLA identifies internal Ad-Hoc Networks. |
| Weak WEP Keys | Brute Force Vulnerability | Network systems vulnerable to attacks. | WLC syslog warnings identify clients using weak WEP. |






 Note:  IDS console messaging and SNMP alerts are additional mitigation features.  WLAs are configured to actively scan for threats (i.e. Active Scan) by default.


Table 2.  Rogue Determination

| Wireless AP, bridge, or ad-hoc Network | Yes | No |
|---|---|---|
| Does the device have a known MAC address from the wired network? | Rogue | Suspect |
| Does the destination header contain a known MAC from the wired network? | Rogue | Suspect |
| Does the SSID belong to the SSID list? | Member | Rogue |
| Does the device use a Juniper transmitter? | Suspect | Rogue |
| Is the client or AP MAC address on the blacklist? | Rogue | Suspect |
| Does the client or AP MAC address belong to the Rogue list? | Rogue | Suspect |
| Does the client or AP MAC address belong to the Neighbor list? | Neighbor | Suspect |

References:  Juniper Mobility System  Software Configuration Guide

Company Travel Policy Outline


Executive Summary:  Companies of all sizes benefit from a well designed International and Domestic Travel (IDT) security policy.  This article helps to outline corporate travel strategy and protect company data from compromise.

Travel threats and vulnerabilities.
Public Charging Station at
Mayfair Mall, Milwaukee, WI
 Working remotely requires special precautions.  Smartphones, tablets, and laptops are at high risk of compromise whenever they connect to untrusted networks.  The likelihood of compromises from malware and hackers is greatest when traveling.  Designing a company travel policy helps mitigate many of these risks.

Target Audience:  Network Administrators and IT Managers responsible for securing network resources. 

Assumptions:
  1. Network administrators configure all managed laptops.
  2. Minimum precautions are short-term strategies that can be immediately implemented.
  3. Advanced precautions are long-term recommendations that require additional planning.  For example, multi-factor authentication (MFA) is a development process.

Minimum Precautions:

1.     Personal Devices.  Staff are discouraged from using personal devices to connect to corporate resources when traveling.  Do not store sensitive company data on personal devices.

2.    Managed Laptops.  Specially configured corporate laptops and tablets are available for travel.  These devices are configured according to IDT policy guidelines.  Additionally, store all sensitive data on corporate servers whenever possible.

3.    Encryption.  Encryption protects corporate data when devices are not in close proximity.  Managed resources require self-encrypting drives (SEDs) or Microsoft BitLocker; configured with a minimum AES 256-bit hardware encryption.   Laptops and tablets must use Trusted Platform Modules (TPMs) to secure cryptographic keys.   

4.   Windows Firewall Configuration.  Third party networks are not secure mediums.  Untrusted physical Ethernet or Wi-Fi hotspots risk the integrity and confidentiality of corporate data.

Client firewalls must be configured with two basic rules:  (a) permit outbound secure tunnel to connect with a corporate virtual private network (VPN) or remote desktop (RDP) gateway; and (b) deny all other inbound and outbound traffic.

5.    Internet and Remote Access.  Secure Socket Tunnel Protocol (SSTP) VPN or Secure RDP communication is mandatory for all external communications.   All network traffic, including WWW and Email, forwards through secure TLS tunnels.  This process ensures data integrity and confidentiality.  N.B., Do not ignore certificate warnings!

Additionally, SSTP and RDP use TLS over TCP port 443, which passes through virtually all firewalls and proxy servers.  In other words, this solution should work at hotels and coffee shops throughout the world.
  
Advanced Precautions:

1.     Preferred Travel Network:  MiFi.  MiFi is a portable broadband router that extends 4G and 3G mobile broadband Internet to laptops, tablets, and smartphones.  MiFi is the preferred Internet service when traveling because it reduces risk of man-in-the-middle attacks (MITM).

a.    MITM attacks are less likely to occur on MiFi networks because hackers require expensive (e.g., ten thousand dollars) base transceiver stations (BTS) to impersonate telecom wireless networks.  However, costly BTS equipment does not deter professional criminals or foreign government espionage.

b.    MiFi Password.  Change the default MiFi password to a randomly generated complex password.

c.    MiFi WAN Mitigation.  Protect WAN communication by configuring the MiFi router to automatically connect to an external IPSec VPN.  Edit the MiFi firewall to only permit external traffic between itself and the corporate VPN server.

d.    MiFi LAN Mitigation.  Local devices should connect to the MiFi router via Ethernet or USB cables whenever possible.  Physical connections from local devices to the MiFi are secure mediums; whereas the internal MiFi wireless access point (WAP) uses vulnerable wireless encryption protocols (e.g., WEP, WPA, and WPA2).  

 Enterprise WPA2 is considered a secure wireless protocol; however, it requires RADIUS authentication.  WPA2 (i.e., non-Enterprise) can also be used as long as its password is configured with maximum complexity.  Consider changing the WPA2 password at regular intervals to discourage brute-force attacks.

e.    Domestic and International MiFi: Domestic MiFi service is available throughout the United States from AT&T, Sprint, and Verizon.  Service costs between $50 and $100 per month.

 XCOM Global provides international MiFi in over 175 countries.  XCOM service costs $395 per month and provides access from all serviceable countries.  Verizon also offers international phone and data coverage.    Their Global Travel program recommends equipment and provides service plans based on destination.

2.    Travel Firewall:  The travel firewall is for situations when MiFi is unavailable.  It protects smart devices and laptops that connect to untrusted networks.  The travel firewall has three functions:  (a) it connects to an external LAN (e.g., hotel Ethernet wall plate) or wireless LAN; (b) it automatically establishes an IPSec VPN; and (c) it only permits VPN traffic to local devices (i.e., managed laptops).  Travel routers have vulnerabilities similar to those of MiFi routers.  Windows Firewall and SSTP VPNs further reinforce device security.

Recommended travel firewall:  

Tiny Hardware Firewall (THF) offers portable firewalls that are ideal for remote workers.  THF offers multiple models, all of which are highly portable (i.e., tiny) and are battery and USB powered.  The connection process is very user friendly because of its "bare-bones" GUI.  These firewalls require a public facing OpenVPN server.

3.    Multi-factor authentication.  Multi-factor authentication (MFA) protects against malware, key-loggers, and MITM attacks.  Local logons and network communications (i.e., RDP and SSTP VPNs) are more secure with MFA because corporate systems require at least two separate types of authentication.  If thieves intercept a user password in transit (e.g., Wi-Fi) the authentication integrity remains secure.   

MFA hardens the authentication process, however compromised systems may be vulnerable to NTLM harvesting attacks.  Essentially, Windows stores a password hash for all its user accounts; this includes MFA tokens.  In certain situations, thieves can collect this password hash and use it to access corporate systems (i.e., pass-the-hash). 

4.    Application whitelisting.  AppLocker uses an application whitelist to prevent the execution of unwanted and unknown applications, including malware.  AppLocker is only available on Microsoft Windows 7 Enterprise and Windows 8.1 Enterprise editions.

5.    Certificate Pinning.  Microsoft's Enhanced Mitigation Experience Toolkit (EMET) uses SSL certificate pinning to defend against MITM.  Certificate pinning validates the authenticity of VPN and RDP servers by verifying certificate thumbprints.

6.    Secure DNS.  Harden client DNS resources to prevent DNS poisoning and spoofing.  Remote client traffic can be redirected if public facing DNS servers are compromised or impersonated.  It's essential that client traffic only traverses the corporate VPN.  Securing DNS mitigates risk from DNS related threats.

Use a Name Resolution Policy Table (NRPT) policy or edit client host files to prevent changes for all corporate fully qualified domain names (FQDNs).  Consider implementing DNSSec (i.e., DNS integrity checks) to further protect domain integrity.

7.    Persistent States.  Operating systems that boot from read-only media protect clients from compromise.  Examples of read-only media include CDs or USB flash drives with hardware write protection.  Persistent state clients are less vulnerable to malware because changes are never saved.  Persistent states also prevent hackers from obtaining domain-based password hashes from the local Security Account Manager (SAM).  N.B., This assumes domain credentials were not used to create the original system state.

ZuessGard is an example of a Linux distribution designed "to eliminate malware-borne corporate account takeover attack vectors".  ZuessGard is sold as a bootable read-only USB flash drive for $25 per device.

Windows may be more appropriate than Linux for a corporate solution.  TechNet explains how to create a bootable Windows 7 steady state from a differencing VHD disk.  This solution can boot from USB and should work with Windows 8.

8.    Windows to Go.  Windows 8.1 Enterprise includes a portable operating system called Windows to Go.  This is a fully managed operating system that can be run from any PC or laptop.  It provides employees with an encrypted local workstation to work from on their personal devices, local access to corporate resources, and a secure environment.

Smart Phone Precautions:


Corporate Travel Policy Template
Domestic:  
•    Treat smart phones as computers.
•    Avoid using public Wi-Fi.
•    Disable Wi-Fi, Bluetooth, and GPS when not in use.
•    Public USB charging stations are not safe – they can install malware.
•    Be wary of text messages from unknown sources – they can install malware.
•    Do not jailbreak or root smart phones.
•    Enforce VPNs. 
•    Manage and enforce a strategic Smart Device Policy.
 
International:
•    Use the same precautions per domestic recommendations.
•    Remove the smart phone battery when not in use.  Foreign governments and criminals can track your movements using your smart phone.
•    Smart phones are not as secure as managed computers.  Consider using a non-smart phone for all voice communications.  
•    If smart phones are necessary, consider using a phone that is FIPS 140-2 certified.  The phone should be treated as a computer – use encryption, VPN, etc…
•    Consider secure VOIP and IM app (e.g., Microsoft Lync) that only connects to corporate servers.
•    Verizon’s Global Travel program recommends equipment and provides service plans based on destination. 

Conclusion:
All electronic communication can be intercepted.  Wireless devices are especially vulnerable. Hotel business centers and phone networks are regularly monitored.  Do not use public computers to connect to any company resources.  Assume all shared computers have key loggers or other malware that collect account credentials.  In some countries, hotel rooms are regularly searched. Corporate and government officials are most at risk, but don’t assume you’re too insignificant to be targeted.
Foreign security services and criminals are adept at “phishing” – that is, pretending to be someone you trust in order to obtain personal or sensitive information.

Store any hardware tokens, battery and subscriber identity module (SIM) card in a separate location from the mobile device.  If traveling in a high-threat location, you must assume that hotel rooms have been selected to facilitate electronic or visual monitoring.

Related Websites:
www.onguardonline.gov  
www.us-cert.gov/cas/tips
http://www.verizonwireless.com/wcms/global.html
http://www.xcomglobal.com/


Assessment Model of BYOD: Adoption of Personal Devices at the Workplace

Brief History of Mobile Technology; BYOD Methodology

by Steven Jordan, on December 16th 2013.



Chapter II:  Literature Review

     BYOD refers to personal devices that connect to corporate networks.  BYOD may risk concomitant threats to vulnerable corporate systems.  BYOD policy is a network strategy that manages employees’ personal devices.  Companies without BYOD policy may be unprepared as employees overwhelm network resources with smart phones, tablets, and laptops.

          This literature review contributes to the adoption process of BYOD policy.  The adoption process is an initiation phase that consists of “gathering information, outlining and planning” (Bouman, et al., 2005).  Managers and network administrators may use it as reference to support decisions on whether to implement, or reject BYOD policy.

     This literature review explores the state of BYOD technology in three areas:  (a) historical influences of workplace technologies; (b) qualitative risk and benefit analysis for personal technology at the workplace; and (c) exploration on the selection of BYOD methodology.
  
Background

This literature review explores the origins of BYOD in chronological order, and is defined by four significant events: (a) Moore’s Law, as it relates to workplace technology; (b) Moore’s Law for Power Consumption; (c) Koomey’s Law, as it relates to mobile efficiency; and (d) Grove’s Law, as it relates to bandwidth controls.

     Moore’s Law.  Gordon Moore established the Intel Corporation in 1968 (Intel, 2013).  Moore’s Law is based on his prediction that states, “The number of transistors incorporated in a chip will approximately double every 24 months” (Intel, 2013).  Moore’s Law is specific to chip complexity, but it is an approximation for all components within a computer system (Koomey, Berard, & Sanchez, 2011, p. 47).  Perpetual innovation of computer systems has changed the way people work.

     Moore’s Law has influenced corporate computing for nearly a half century.  The first punch card tabulator was invented in the late 1880s and was used to automate U.S. census data (Carr, 2008, p. 45).  Punch cards were common by the 1930s (Carr, 2008, p. 47).  In the 1970s employees worked with terminals and datacenter mainframes (Carr, 2008, p. 52).  In the 1980s employees transitioned to desktop PCs (Carr, 2008, p. 55).  Modern workstations have become standard office technology.

      Moore’s law for power consumption.  The popularity of the workstation has created an imbalance between consumption and efficiency.  Workstations use an average 25% of their processing potential; storage capacities average under 50% utilization (Carr, 2008, p. 56).  Electricity is wasted when resources remain idle.  The workstation model is inefficient because it wastes scarce resources.

     Wu-Chen Feng introduced, “Moore’s law for power consumption – that is, the power consumption of computer nodes doubles every 18 months” (Feng, 2003).  Each generation of computer chips consumes more energy and generates more heat (Carr, 2008, p. 57).  Heat reduces computer component reliability as failure rates double with every 18°F increase in temperature (Koomey, Berard, & Sanchez, 2011, p. 49) (Feng, 2003).  Heat is especially harmful to lithium-ion powered gadgets (i.e., smartphones) (Herman, 2011).  Heat causes the average smart phone to lose 35% of its battery capacity per year (Herman, 2011).

     Moore’s law for power consumption presents an obstacle to mobile computing: (a) computers have an insatiable appetite for power consumption; and (b) heat has a negative impact on mobile efficiency.  The amount of energy required to operate PCs does not scale for mobile computing.  As a result, demand for power exceeds the available supply.  Functional scalability for mobile devices requires innovations in efficiency.

     Koomey’s Law.  Consumption and efficiency are important distinctions.  Koomey’s Law states that electrical efficiency of computations “doubled about every 1.5 years” (Koomey, Berard, & Sanchez, 2011, p. 52).  Alternatively, the ratio of power per computation decreases 50% every 1.5 years (Koomey, Berard, & Sanchez, 2011, p. 52).  Koomey’s Law outlines two potential outcomes in regard to computational innovation:  (a) computational capability increases with no change in power consumption; or (b) no change in computational capability with decreases of power consumption.

     Simultaneous increases for power consumption and efficiency are ostensibly at odds. Both models scale well because each variance has different implications.  Consumption is insignificant for workstations because electric outlets supply power.  Efficiency gains are never realized while workstations consume power as their resources remain idle.  On the other hand, mobile devices are battery operated.  Efficiency benefits mobile devices because of their limited supply of power.  Efficiency gains are revolutionary for battery powered mobile devices (Koomey, Berard, & Sanchez, 2011, p. 50).  For example, assume a smart phone manufactured in 2013 will operate for 10 hours.  According to Koomey’s Law, a smart phone manufactured in 2016, with a similar CPU, will operate for 20 hours. Smart devices are available because of efficiency innovations.

     Grove’s Law.  Mobile devices require efficient power to operate.  Mobile devices also require sufficient bandwidth to be useful.  Grove’s Law says, “Telecommunications bandwidth doubles only every century” (Carr, 2008, p. 58).  Claude Shannon’s Information Theory developed the concept of bandwidth.  Shannon’s information formula calculates the maximum rate that data can be sent without error (Hardesty, 2010).

     Shannon’s Information Theory was developed in 1948 (Shannon, 1948).  It took nearly half a century until large volumes of information (i.e., bandwidth) could be transferred over long distances.  Communication infrastructure was built upon copper cables (Carr, 2008, p. 57).  Data travels across copper cables in the form of alternating current.  Sine waves graph the positive and negative oscillations associated with alternating current (Odom, 2006, p.170).  Frequency is a sine wave measurement that counts the number of contiguous oscillation cycles per second (i.e., alternating current) (Odom, 2006, p.22).  For example, 3400 cycles per second indicates a frequency of 3400 Hertz (Hz).  Incidentally, analog traffic uses the frequency range of 300 to 3400 Hz (Cisco, 2012).  The 3400 Hz frequency correlates with the 33.6 Kilobits per second (Kbps) analog modem, and demonstrates that bandwidth is proportionate to frequency.  Copper cable restricted most commercial data transmission to the 300 to 3400 Hz frequency range until the 1990s (Cisco, 2012).

     Modern telecommunication infrastructure has “repealed Grove’s Law” (Carr, 2008, p. 60).  Internet fueled growth provides an abundance of fiber optic cable throughout the country (Carr, 2008, p. 59).  Fiber optic cable is an alternative to copper cable for data transport.  Copper cables use alternating currents to transport data.  Fiber optic cables use pulses of light to transport binary (i.e., digital) data (Odom, 2006, p. 149).

     Fiber optic cables differ from copper cables because they operate at higher frequencies (i.e., higher bandwidth capacity).  Long-haul copper cables have a maximum frequency of 100 MHz per km (Gambling, 2000, p. 1091).  The bandwidth of long-haul copper cable is nearly 10 Megabits per second (Mbps).  Until 1992, fiber optic cables had a maximum frequency of 1000 GHz per km (Gambling, 2000, p. 1089).  The bandwidth of long-haul fiber optic cable is nearly 20 Gigabits per second (Gbps).  There is a 10,000 improvement factor from the introduction of fiber optic cable.  The invention of the erbium fiber amplifier (EDFA) in 1987 significantly increased existing fiber optic bandwidth capacity (Gambling, 2000, p. 1089).  Fiber optic cables, when amplified with EDFA, have a frequency of 5000 GHz per km.  Information pulses at 100 Gbps “over 1,000,000 km with zero error” (Gambling, 2000, p. 1089).

     Grove’s Law transcends bandwidth innovation from cables to the airwaves.  Copper and fiber optics transmit data using electrons and light (Odom, 2006, p. 152).  Wireless media uses complex analog radio waves to transmit data (Odom, 2006, p. 153).  Wireless frequencies encompass a wide scope of services: (a) LANs, (b) metropolitan-area networks (MANs), and (c) wide-area networks (WANs) (Froom, Sivaasubramanian, & Frahim, 2010, p. 425).

     Wireless LAN, MAN, and WAN services operate within the 2.4 GHz to 5 GHz range (Froom et al., 2010, p. 424).  Wireless network technology was first introduced to the public in 2001 (Standage, 2004).  The Institute of Electrical and Electronics Engineers (IEEE) publishes standards that outline wireless technologies (Table 1) (IEEE, 2013).  IEEE standards document substantial increases in wireless bandwidth.  The broadband revolution has begun to take shape and current designs favor mobility.


Risk-Benefit Comparison

     The literature review examines two potential effects of BYOD on an organization:  (a) advantages, and (b) disadvantages.

     Advantages.  ICT departments can be viewed as an institutional process that contributes value to organizations (Brynjolfsson, 2003).  The Alcohol and Tobacco Tax and Trade Bureau (TTB) reduced costs and increased security with their remote access thin client solution (Hughes, 2012).  The TTB policy prevents employees from storing sensitive data on personal property (Hughes, 2012).  TTB’s remote terminal solution reduced legal and compliance complexities (Hughes, 2012).

     Quantifying the value of ICT (e.g., BYOD) is difficult, but not impossible (Brynjolfsson, 2003).  Colgate-Palmolive estimates their BYOD policy saved over $1 million per year by eliminating BlackBerry corporate licenses (Hof, 2011, p. 2).  The savings were realized after BYOD policy allowed personal devices access to corporate email (Hof, 2011, p. 1).

     Organizations can also benefit from returns on productivity and competitiveness (Brynjolfsson, 2003).  For example, Hyundai incorporates smartphones as part of their manufacturing process (BusinessKorea, 2013).  Workers share multimedia message service (MMS) text messages when defects are discovered on the production line (BusinessKorea, 2013).  Hyundai’s smartphone innovation increased overall production output (BusinessKorea, 2013).

     Disadvantages.  Wireless access points with weak encryption can expose organizations to external hacking attempts (Cisco, 2010, p. 180).  Risk is also introduced when an employee unknowingly connects a compromised device to the corporate network.  Smart devices can introduce malware that targets network equipment and servers (Donohue & Stewart, 2010).

     There was a 155% increase in mobile malware across all smartphone platforms from 2010 to 2011 (Juniper, 2012, p. 6).  There was an additional 614% increase in mobile malware from 2012 to 2013 (Juniper, 2013, p. 15).  Similarly, organizations are at risk when employees copy sensitive corporate data to their personal devices (Juniper, 2013, p. 18).  Statistics based on remote management applications indicate that 17% of mobile devices are lost or stolen on an annual basis (Juniper, 2013, p. 18).

     There are circumstances when BYOD policy exposes the privacy of its employees (Barnes, 2013).  Employees may unknowingly provide their employers with administrative control of personal devices (Barnes, 2013).  Employers gain control when employees use their personal devices to check corporate email (Barnes, 2013).  In theory, employers can read private emails (e.g., Gmail) and view personal pictures (Barnes, 2013).  Furthermore, employers have the ability to remotely wipe any smartphone that synchronizes with corporate email services (Juniper, 2013, p. 18).  There are inherent risks for both employers and employees.

Methodology Models

     Methodology provides the processes, assessments, and analysis necessary to determine if technology management facilitates company goals.  The literature review examines three ICT principles of (a) innovation diffusion, (b) general risk management, and (c) organizational design.

     ICT Diffusion. ICT is the science of organizations and technology.  ICT research explores the dissemination of innovations throughout the workplace.  The employee practice of BYOD is innovative because it changes the way people work.  Each step of the diffusion process is identified and documented.  There are four steps to innovation diffusion:

1. The adoption process identifies the need for innovation or change (Bouwman et al., 2005, p. 58).  Adoption includes information gathering and team building.

2. The implementation process puts a plan into action.  The broad approach identifies the whole diffusion process, adoption through effects, as a single implementation process (Bouwman et al., 2005, p. 92).

3. The users process identifies stakeholders.  Users can include individuals, groups, and organizations (Bouwman et al., 2005, p. 94).  For example, individuals use personal devices, and the organization uses BYOD policy.

4. The effects process examines the complete diffusion process.  Analysis provides aggregated results based on process observations.  Results can be expressed as qualitative generalizations or quantitative statistics (Bouwman et al., 2005, p. 117).
  
General Risk Management.  Network risk management is a loss control process.  Risk management is designed to assist decision makers:

1. Identify company assets (White, 2011, p. 482).  Assets are company resources that are vulnerable to threats (White, 2011, p. 482).

2. Identify network threats (White, 2011, p. 482).  Threats are anything that causes harm to a company asset (White, 2011, p. 482).  NIST publishes a comprehensive list of threat events (NIST, 2012).

3. Identify system vulnerabilities (White, 2011, p. 482).  Vulnerabilities are root conditions that expose assets to harm (White, 2011, p. 482).  NIST publishes a comprehensive list of vulnerabilities (NIST, 2012).

4. Estimate the likelihood of an exploit (White, 2011, p. 482).  Likelihood estimates the probability that a threat will exploit a vulnerability (i.e., compromise the production servers) (White, 2011, p. 483).  Likelihood is determined with a risk assessment matrix.

5. Estimate the impact from a harmful event (White, 2011, p. 483).  Impact estimates the loss experienced from a vulnerability that is exploited by a threat (White, 2011, p. 483).  NIST publishes a comprehensive list of adverse impacts (NIST, 2012).

6. Estimate risk through a qualitative risk management matrix.

     Risk is estimated by multiplying vulnerability, impact, and likelihood:  R = V × I × L (Brock, 1999).  The assessment formula is calculated with the risk assessment matrix (Table 2).  The assessment team determines the risk matrix likelihood values.  Choosing the likelihood values requires majority quorum.  The assessment team assigns one risk value to each vulnerability: (a) high risk, (b) medium risk, or (c) low risk.


Organizational Design.

     The Star Model for Decision Making is an organizational design.  The Star Model outlines the problem in common language, forces designs based on long-term goals, and provides decision makers a series of understandable choices (Kates & Galbraith, 2007, p. 2).  The approach begins by identifying the strategic goal.  Subsequent steps outline the goal’s structure, processes, incentives, and people.  The Star Model asks five main questions:  (a) What is being done?  (b) Who is doing it?  (c) Why are they doing it?  (d) How are they doing it?  And (e) should it be done? (Figure 1)  (Malone, Laubacher, & Dellarocas, 2010).


Figure 1.  Star Methodology outline.

     This literature review concludes that organizations will benefit from a network risk assessment process.  The recommendation is based on (a) the historical developments in technology; (b) examination of potential benefits and risks; and (c) BYOD methodology processes.

     History.  The use of personal technology in the workplace is a modern phenomenon.  Personal devices are possible because of recent innovations in power efficiency and bandwidth.  BYOD is prevalent as a result of technology influencing use.

Benefits and risks.  Mobile personal devices are common tools.  Analysis indicates that organizations can benefit from financial, efficiency, and productivity gains.  On the other hand, personal devices can introduce threats to vulnerable system resources.

Methodology Processes.  There are various methodology processes that can help organizations assess the potential benefits and risks introduced by mobile personal devices.

Chapter III:  Methodology

     The infrastructure goal states that production servers must be available to customers. The network has a successful record for continuous operations.  To date, customers have not experienced major disruptions of services.  Previous successes may be attributed to the collective knowledge and experience of the organization's ICT staff.  In any case, conjectural mitigation is not a prudent strategy.  New security controls are required because employees connect their personal devices to the company network.  Consequently, network threats may manifest as smart devices connect to the corporate network.

     The organization employs a sophisticated network but its mitigation resources are mostly undocumented.  Existing network security processes are unproven propositions because they are based on incomplete information.  Unfounded assumptions, “can lead to broken, misconfigured, or bypassed security mechanisms” (Cisco Press, 2010).  An effective network assessment allows companies to make informed decisions.

Methodology Overview

     This study seeks to align the use of employee personal technology with business strategy.  Methodology provides the processes, assessments, and analysis necessary to determine if technology management facilitates company goals.  It proposes a synthesized methodology, the ICT Risk Assessment Model (IRAM), which provides an in-depth understanding of BYOD policy through a process of systematic planning.  The IRAM model is based on three ICT principles: (a) innovation diffusion, (b) general risk management, and (c) organizational design (Figure 2).  Each principle uniquely contributes to the IRAM methodology goal.  Innovation diffusion provides IRAM with a framework through four diffusion phases.  Risk management identifies risk conditions and uses a qualitative assessment for evaluation.  Organizational design introduces a logical and straightforward interpretation.  Decision makers will benefit from a pithy interpretation.

     


ICT Diffusion

     Innovation diffusion is the first phase of the IRAM methodology process.  Each step of the innovation diffusion process (i.e., adoption, implementation, use, and effects) is documented:

1. This study identifies BYOD policy as the candidate for change within the organization.  Team participants will include those most familiar with network operations:  system administrators and management.

2. This study uses a narrow interpretation of implementation and emphasizes the design and development.  The focal point for this implementation phase centers on the risk management assessment.

3. This study identifies users as stakeholders.

4. This study takes a narrow interpretation of effects and defers specific analysis to the IRAM organizational design process.  The completed analysis will determine if BYOD policy aligns with company goals.

Risk Management

     Risk management is the second phase of the IRAM methodology process.  Data attributes are identified and applied to the risk assessment.  Likelihood and impact are calculated by proxy of risk assessment:

1. This study identifies the production servers as the primary assets.

2. This study uses a broad interpretation of threats, and identifies four potential events: (a) changing data, (b) deleting data, (c) stealing data, and (d) disruption of services.  Future research may include a narrow scope for threat identification:  for example, viruses, Trojan Horses, worms, and Denial of Service (DoS) attacks.

3. This study uses a broad interpretation of vulnerabilities, and identifies four potential conditions:  (a) infrastructure design, (b) applications, (c) operations, and (d) people.  Future research may include a narrow scope of vulnerabilities:  for example, firewalls, custom macros, policies and procedures, and accidents.

4. Likelihood is expressed in qualitative format during the risk assessment.

5. This study uses a broad interpretation of impact and identifies three potential conditions:  (a) data confidentiality, (b) data integrity, and (c) data availability.  Future research may include a narrow scope of impact:  financial losses, customer losses, etc…

6. The network assessment team identifies risk using the risk assessment matrix (Table 2).

Organizational Design

     The Star Model for Decision Making encapsulates IRAM methodology within a simple framework.  Star Model questions are framed according to the project scope.  The results formalize the IRAM methodology into two formats: (a) pithy report, and (b) tabular reference (Table 3).

IRAM Methodology

1. What is the goal?  Data integrity, confidentiality, and reliability are at risk from the combination of vulnerabilities and threats.  The goal is to reduce or prevent the likelihood of production server exploitations.  The IRAM goal aligns with the adoption process of diffusion because an innovation has been identified.

2. Who is at risk?  The organization stakeholders are at risk from vulnerabilities and threats.  The stakeholders are the production processes, data, and systems.  Stakeholders are participants in the usage process of diffusion.

3. Why are the production systems at risk?  Production servers are vulnerable to a wide scope of interactions with infrastructure, applications, operations, and people.  Vulnerabilities are risk conditions that stem from the implementation process of diffusion.

4. How are the production servers at risk?  Circumstances and events can harm production servers with threats of data changes, data theft, data disruption, and data destruction.  Threats are closely related to vulnerabilities, and both components align with the implementation phase of the diffusion process.

5. Should the risk be mitigated?  The IRAM risk assessment matrix estimates the effects and likelihood for vulnerabilities.  Network operators will use the assessment to determine whether controls are needed to mitigate the potential impact from risks.  Risk assessments align with the diffusion process of effects.



Data Analysis

Decision makers can use the IRAM methodology process to help determine if BYOD is appropriate for their organization.  System areas that denote high risk require mitigation.  Medium risk deserves substantial consideration.  Mitigation may be optional for low risk areas.
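The scoring procedure this study describes (R = V × I × L, likelihood chosen by team majority, one high, medium, or low rating per vulnerability) can be sketched as follows.  This is an added example, not part of the original study:  the 1-3 scale, the cut-offs, the strict-majority reading of the quorum rule, and all sample ratings and votes are assumptions, since Table 2 is not reproduced here.

```python
from collections import Counter

# Assumed ordinal scale; the study's own matrix values (Table 2) are not shown here.
SCALE = {"low": 1, "medium": 2, "high": 3}

# Assumed cut-offs on the product V x I x L, which ranges from 1 to 27.
HIGH_CUTOFF = 18
MEDIUM_CUTOFF = 6

# Guidance taken from the Data Analysis paragraph, keyed by risk rating.
ACTION = {
    "high": "mitigation required",
    "medium": "substantial consideration",
    "low": "mitigation optional",
}


def majority_likelihood(votes):
    """Return the likelihood level backed by a strict majority, else None."""
    if not votes:
        return None
    level, count = Counter(votes).most_common(1)[0]
    return level if 2 * count > len(votes) else None


def assess(vulnerability, impact, votes):
    """Score one vulnerability condition with R = V x I x L, then rate it."""
    likelihood = majority_likelihood(votes)
    if likelihood is None:
        # No majority: the team has not agreed on L, so no risk value is assigned.
        return {"score": None, "rating": "unresolved", "action": "re-vote likelihood"}
    score = SCALE[vulnerability] * SCALE[impact] * SCALE[likelihood]
    if score >= HIGH_CUTOFF:
        rating = "high"
    elif score >= MEDIUM_CUTOFF:
        rating = "medium"
    else:
        rating = "low"
    return {"score": score, "rating": rating, "action": ACTION[rating]}


# Constructed sample input: the four vulnerability conditions named in the study,
# with made-up (V, I) ratings and votes from a hypothetical five-person team.
SAMPLE = {
    "infrastructure design": ("medium", "high", ["low", "low", "medium", "low", "low"]),
    "applications": ("high", "high", ["high", "medium", "high", "high", "low"]),
    "operations": ("low", "medium", ["low", "low", "low", "medium", "medium"]),
    "people": ("high", "medium", ["high", "high", "medium", "medium", "low"]),
}


def run_assessment(sample=SAMPLE):
    """Assess every vulnerability condition for the production-server asset."""
    return {name: assess(v, i, votes) for name, (v, i, votes) in sample.items()}


if __name__ == "__main__":
    for name, result in run_assessment().items():
        print(f"{name:22} {result}")
```

The "people" row has a split vote, so it is returned as unresolved instead of being given a rating the team never agreed on.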

     This study recommends a detailed qualitative mitigation assessment for systems that require mitigation.  Qualitative mitigation assessments assign monetary values for assets (i.e., production servers) and mitigation processes (i.e., firewalls, anti-virus software, etc…).  Ultimately, organizations must decide if the benefits of BYOD are worth the potential risks.


References

Barnes, N. M. (2013, September 26). BYOD: balancing employee privacy concerns against employer security needs. Retrieved from Association of Corporate Counsel: http://www.lexology.com/library/detail.aspx?g=1109490a-6895-40f0-a7a3-afc714316165
Bouwman, H., Dijk, J. van, Hooff, B. van den, and Wijngaert, L. van de (2005). Information & Communication Technology in Organizations. London:  SAGE Publications.
Brynjolfsson, E. (2003, July). The IT Productivity Gap. Optimize Magazine (21). Retrieved from http://ebusiness.mit.edu/erik/Optimize/pr_roi.html
BusinessKorea. (2013, November 22). Reason for Increasing Recalls. Seoul, Korea. Retrieved from http://www.businesskorea.co.kr/article/2238/reason-increasing-recalls-use-smartphones-during-work-hours-emerging-significant
Carr, N. (2008). The Big Switch. New York: W. W. Norton & Company, Inc.
Chen, B. X. (2013, May 1st). Cellphone Thefts Grow, but the Industry Looks the Other Way. New York Times, p. A1. Retrieved from http://www.nytimes.com/2013/05/02/technology/cellphone-thefts-grow-but-the-industry-looks-the-other-way.html?_r=0
Cisco. (2010). 6.4.3 Wireless Security Solutions. In Cisco, CCNA Security Course Booklet (p. 180). Indianapolis, IN: Cisco Press.
Cisco. (2012). BYOD and Virtualization Survey Report. Indianapolis: Cisco IBSG. Retrieved from http://www.cisco.com/web/about/ac79/docs/BYOD.pdf
Cisco. (2012, October 16). Digital Subscriber Lines. Retrieved from Cisco Systems, Inc.: http://docwiki.cisco.com/wiki/Digital_Subscriber_Line
Craig-Wood, K. (2012, April 26). Energy-efficient cloud computing: Jevons Paradox vs. Moore’s Law. Retrieved from Mesmet Blog: http://www.katescomment.com/
Donohue, D., & Stewart, B. (2010). Campus Network Security. In CCNP Routing and Switching Quick Reference (p. 191). Indianapolis, IN: Cisco Press.
Feng, W.-c. (2003, October 1). Making a Case for Efficient Supercomputing. Queue - Power Management, 1(7), p. 54. doi:http://dl.acm.org/citation.cfm?doid=957717.957772
File, T. (2013). Computer and Internet Use in the United States. Washington DC: U.S. Census P20-569. Retrieved from http://www.census.gov/prod/2013pubs/p20-569.pdf
Fortinet. (2013, October). Fortinet Internet Security Census 2013. Retrieved from http://www.fortinet.com/sites/default/files/surveyreports/Fortinet-Internet-Security-Census-2013.pdf
Froom, R., Sivaasubramanian, B., & Frahim, E. (2010). Implementing Cisco IP Switched Networks (SWITCH). Indianapolis: Cisco Press.
Gambling, W. A. (2000, Nov-Dec). The Rise and Rise of Optical Fibers. IEEE Journal on Selected Topics in Quantum Electronics, 6(6), 1077-1093. doi: 10.1109/2944.902157
Glanz, J. (2012, September 22). The Cloud Factories: Power, Pollution and the Internet. Retrieved from The New York Times: http://www.nytimes.com/2012/09/23/technology/data-centers-waste-vast-amounts-of-energy-belying-industry-image.html?pagewanted=1&_r=1
Hardesty, L. (2010, January 19). Explained: The Shannon limit. Retrieved from Massachusetts Institute of Technology News: http://web.mit.edu/newsoffice/2010/explained-shannon-0115.html
Herman, J. (2011, September 21). Why is My Phone So Hot? Popular Mechanics. Retrieved from http://www.popularmechanics.com/technology/how-to/tips/why-does-my-phone-get-so-hot
Hof, R. (2011, August 15). Bring Your Own Device. Retrieved from MIT Technology Review: http://www.technologyreview.com/news/425009/bring-your-own-device/
Hughes, R. (2012, August 13). Allowing Bring Your Own Device with Minimal Policy or Legal Implications. Retrieved from The White House: http://www.whitehouse.gov/digitalgov/bring-your-own-device#ttb
IEEE. (2013, December). IEEE Std 802.11. Retrieved from IEEE Standards Association: http://standards.ieee.org/findstds/standard/802.11-2012.html
Intel. (2013, October 5). Moore's Law and Intel Innovation. Retrieved from Intel: http://www.intel.com/content/www/us/en/history/museum-gordon-moore-law.html
Juniper Networks. (2012, February). 2011 Mobile Threats Report. Retrieved from Juniper Networks: http://www.juniper.net/us/en/local/pdf/additional-resources/jnpr-2011-mobile-threats-report.pdf
Juniper Networks. (2013). Juniper Networks Third Annual Mobile Threats Report. Retrieved from Juniper Networks: http://www.juniper.net/us/en/local/pdf/additional-resources/jnpr-2012-mobile-threats-report.pdf
Koomey, J. (2011, February 13). A fascinating encounter with advocates of large rebound effects. Retrieved from Jonathan G. Koomey, PHD.: http://www.koomey.com/post/3286897788
Koomey, J., Berard, S., & Sanchez, M. (2011, July-September). Implications of Historical Trends in the Electrical Efficiency of Computing. 33(3), pp. 46-53. doi:http://doi.ieeecomputersociety.org/10.1109/MAHC.2010.28
Odom, W. (2006). Networking Basics. Indianapolis: Cisco Press.
Owen, D. (2010, December 20). Annals of Environmentalism the Efficiency Dilemma. The New Yorker, 78-79. Retrieved from http://www.newyorker.com/reporting/2010/12/20/101220fa_fact_owen
Pew Internet. (2013, October 18). Pew Internet and American Life Project. Retrieved from Tablet and E-reader Ownership Update: http://pewinternet.org/Reports/2013/Tablets-and-ereaders/Findings.aspx
Shannon, C. E. (1948, July, October). A Mathematical Theory of Communication. The Bell System Technical Journal, 27, 379-423, 623-656. Retrieved from http://web.mit.edu/persci/classes/papers/Shannon48.pdf
Standage, T. (2004, June 12). A brief history of Wi-Fi. The Economist. Retrieved from http://www.economist.com/node/2724397/print
Troianovski, A. (2012, April 3). Optical Delusion? Fiber Booms Again, Despite Bust. Retrieved from The Wall Street Journal: http://online.wsj.com/news/articles/SB10001424052702303863404577285260615058538
White, G. (2011). Security+ Certification. In G. White, Security+ Certification (pp. 477-4994). Emeryville: McGraw-Hill.