One of the great challenges we will all face moving forward is the concept of ‘consumerization' and IT; the bring your favorite device to work day has got an injection of steroids and claims to be here to stay.
Now there are some technologies out there that claim to aid with the security of maintaining the data, but lets face facts its just not that simple.
You begin to let people have whatever data they want on personal devices and hope to control the risk with technology you are going to have problems; can you say Compliance?
I knew you could. How do you begin to audit these devices? Just wait until the privacy people get a hold of this one…I see problems on the track up a head but the train keeps going. Now you can’t stop the train, I get that, and screaming fire in the movie theatre doesn’t work either, but let’s get back to basics at least: policy, data classification, and user awareness just got critical. If you’re going to allow all data on these devices….
Well you have trouble. But if you can classify data, train users to understand what it looks like, and set good policy you might have a decent chance. The argument hasn’t changed, just the imperative.
About the Author
Dave Tyson– MBA, CPP, CISSP
As President and CSO of Apollo, Dave Tyson leads CISO Insights, the cybersecurity advisory and professional services business unit of Apollo Information Systems. Dave partners with Apollo’s clients to provide …Read More