Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security

Published: July 29, 2016


Murugiah P. Souppaya, Karen A. Scarfone


For many organizations, their employees, contractors, business partners, vendors, and/or others use enterprise telework or remote access technologies to perform work from external locations. All components of these technologies, including organization-issued and bring your own device (BYOD) client devices, should be secured against expected threats as identified through threat models. This publication provides information on security considerations for several types of remote access solutions, and it makes recommendations for securing a variety of telework, remote access, and BYOD technologies. It also gives advice on creating related security policies. [Supersedes NIST SP 800-46 Rev. 1 (June 2009):]
Citation: Special Publication (NIST SP) - 800-46 Rev 2
Report Number:
800-46 Rev 2
Pub Type: NIST Pubs



bring your own device (BYOD), host security, information security, network security, remote access, telework
Created July 29, 2016, Updated November 10, 2018