BRING YOUR OWN DEVICE. BYOD AND THE IMPACT ON IT SECURITY BYOD and pressure employees put on IT...
-
Upload
bethanie-hensley -
Category
Documents
-
view
219 -
download
2
Transcript of BRING YOUR OWN DEVICE. BYOD AND THE IMPACT ON IT SECURITY BYOD and pressure employees put on IT...
BRING YOUR OWN DEVICE
BYOD AND THE IMPACT ON IT SECURITY
• BYOD and pressure employees put on IT organization to supply or allow consumer mobility devices
• More organizations allowing “non-standard” IT devices on their networks
• Significant amount of business content stored/shared on employee owned devices
• InformationWeek Mobile Security Survey
>86% of respondents permit use of personally owned devices now or are moving that way
>84% identify lost or stolen devices as a key mobile security concern
Who use a personal electronic device for work-related functions say their company
has not implemented a BYOD policy
31%
Who use a personal device for work let someone else use it
66%
46%
81%Use a personal electronic device
for work-related functions
Connect to a company via a free or public wi-fi connection
BYOD BY THE NUMBERS
PEOPLE WILL USE THEIR PERSONAL MOBILE DEVICES ON THE JOB, REGARDLESS OF WHETHER THEIR ORGANIZATION HAS A FORMAL ‘BYOD’ POLICY
BYOD BY THE NUMBERS
Desktop
56%
LaptopSmartPhone
Tablet None
BYOD DOESN’T ALWAYS HAVE TO MEAN SMART PHONES AND TABLETS. DESKTOP PCS WERE THE PERSONAL DEVICES MOST COMMONLY USED FOR WORK
SOURCE: ESET, Harris Interactive and the SANS Institute as published in Government Computer News
51% 38% 15% 19%
BYOD BY THE NUMBERS
Desktop Laptop SmartPhone
Tablet
47% 41% 24% 10%
BYOD BY THE NUMBERS
• Desktop PCs were the personal devices most commonly used to store and/or access company information.
• Survey reports that company data was being encrypted on only about a third of BYOD devices.
DEVICES THAT STORE AND/OR ACCESS COMPANY INFORMATION
SOURCE: ESET, Harris Interactive and the SANS Institute as published in Government Computer News
BYOD BY THE NUMBERS
65%
Said they don’t have the necessary tools in place to manage non-company issued mobile devices on the network.
44%
Said they’ve seen an increase in help desk requests.
40%
Said they’ve experienced an increase in network traffic.
27%
Said they are not at all confident.
IT PROFESSIONALS RESPOND
SOURCE: ESET, Harris Interactive and the SANS Institute as published in Government Computer News
SURVEY: TOP IT SECURITY INVESTMENTS FOR 2013
• Editors if Information Security Media Group surveyed experts on what they expect organizations to invest in the coming year
— Top of list is Mobile Security
— Other technologies include authentication, encryption and monitoring wares
• Trend of moving away from organizationally owned to personally owned devices
— “Realistically managing workers’ expectations while establishing appropriate safeguards and controls to reduce risks is the challenge facing almost every organization”
• Adoption and use of mobility for both corporate and personal use will make the importance of access management to the enterprise all the more important
— How will the CIO and CISO identify and authenticate devices, users, services and data sources for all transactions?
— What will the corporate policy for ‘wipe’ of lost devices?
“If 2012 is the year of mobility – as remote computing drives organizations to figure out how to let employees gain access to critical systems from anywhere – 2013 is likely to be a repeat.”
Eric Chabrow, Top IT Security Investments for 2013
CAUSE & EFFECT
BEHAVIOR
Despite corporate policies, employees are using their own devices for work related activities
Growth of telework – workers see as their right; businesses want to offer as benefit
• 62% of businesses permit remote work
RESULT
Businesses are losing billions of dollars annually as a result of stolen laptops
• 2011 European Study estimate combined cost to organizations at $1.8 billion
• 2010 US Study estimate combined cost to organizations at $1.2 billion
Teleworker effectiveness tied to user experience
SOURCE: Ponemon Institute, GigaOM
WORKSPACES ARE NO LONGER JUST THE COMPUTER DOWN THE HALL
BYOD CONSIDERATIONS
• Assume the worsto Spare the cost of hiring a penetration tester and deploy defenses by assuming the worst
• Assume that employees will use their personal devices on the corporate network, even if they are told not too Use products to block the ones you are not willing to have around and encrypt and audit the movement of
devices carrying critical data
• Assume employees value convenience more than security o Employees will find a way around cumbersome or inconvenient security policies
• Assume storage devices will be lost and IT not informed > Use encrypted drives or do not use at all
• Assume that an organization’s first and last defense against a security breach is its own employees o Train employees on good security practices
FIVE ASSUMPTIONS IT DEPARTMENTS SHOULD KEEP IN MIND WHEN IT COMES TO BYOD
FULL WINDOWS DESKTOP ON SECURE USB
• Direct boot of Windows 7 or 8 ensures widespread adoption and user satisfaction delivering a normal desktop experience
• Workers can take all their data, applications and systems with them, securely and reliably
• A direct boot of Microsoft Windows ensures widespread adoption and user satisfaction, delivering a normal desktop experience without the performance drag of desktop virtualization
WITH IMATION MOBILE SECURITY YOU CAN ENABLE BYOD AND LET EMPLOYEES WORK ON THEIR OWN LAPTOPS AND DESKTOPS WITH PEACE OF MIND. Solutions for Microsoft
Windows 7 and 8
WHY IMATION MOBILE SECURITY
• Highest security levels available today
• Rugged solutions deployed in the world’s most demanding organizations
• Unmatched deployment flexibility– On premise– Cloud-based
IMATION MOBILE SECURITY…TO SECURING THE MOBILE WORKFORCE.
Yes