U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Mobile Device Security: Corporate-Owned Personally-Enabled (COPE)

Published

Author(s)

Gema E. Howell, Kaitlin R. Boeckl, Naomi B. Lefkovitz, Ellen M. Nadeau, Joshua M. Franklin, Behnam Shariati, Jason Ajmo, Christopher J. Brown, Spike E. Dog, Frank Javar, Michael Peck, Kenneth F. Sandlin

Abstract

Mobile devices provide access to vital workplace resources while giving employees the flexibility to perform their daily activities. Securing these devices is essential to the continuity of business operations. While mobile devices can increase efficiency and productivity, they can also leave sensitive data vulnerable. Mobile device management tools can address such vulnerabilities by helping secure access to networks and resources. These tools are different from those required to secure the typical computer workstation. This practice guide focuses on security enhancements that can be made to corporate-owned personally-enabled (COPE) mobile devices. COPE devices are owned by an enterprise and issued to an employee. Both the enterprise and the employee can install applications onto the device. To address the challenge of securing COPE mobile devices while managing risks, the NCCoE at NIST built a reference architecture to show how various mobile security technologies can be integrated within an enterprise’s network. This NIST Cybersecurity Practice Guide demonstrates how organizations can use standards-based, commercially available products to help meet their mobile device security and privacy needs.
Citation
Special Publication (NIST SP) - 1800-21
Report Number
1800-21
NIST Pub Series
Special Publication (NIST SP)
Pub Type
NIST Pubs

Download Paper

DOI Link

Keywords

mobile, Corporate-owned personally-enabled, COPE, mobile device management, mobile device security, on-premise, bring your own device, BYOD
Risk management, Privacy, Mobile and Cybersecurity

Citation

Howell, G. , Boeckl, K. , Lefkovitz, N. , Nadeau, E. , Franklin, J. , Shariati, B. , Ajmo, J. , Brown, C. , Dog, S. , Javar, F. , Peck, M. and Sandlin, K. (2020), Mobile Device Security: Corporate-Owned Personally-Enabled (COPE), Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.1800-21 (Accessed April 25, 2024)

Created September 14, 2020, Updated May 4, 2021