Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
By: Tim Rains, Director, Trustworthy Computing
The consumerization of IT, referred to by many people as “Bring Your Own Device” (BYOD), is a very hot topic these days as organizations grapple with the challenge of managing the risks in allowing their data to be placed on personal mobile devices, like smart phones. The challenge here is that some of the devices that employees decide to bring to work might not have the basic security or management capabilities. This challenge is compounded by the risks associated with these same devices connecting to ubiquitous social networks and the diverse ways organizations and people are choosing to connect and share data today – such as the utilization of cloud services.
The list of smart personal devices capable of connecting to private and public networks is rapidly and constantly expanding. For CISOs and CSOs, managing an ever growing list of devices isn’t a sustainable model. Some of the security professionals I have talked to are shifting their focus to managing the data instead of devices. They have concluded that device security is only a proxy for data security; if they can’t effectively manage the security of the devices that employees are bringing to work, they will focus their efforts on managing the security of the data itself. I think the industry recognizes the importance in securing personal devices and I expect to see them with much better management controls in the future.
So what does this mean in the cloud computing context?
I had a conversation with Jim Reavis, executive director of the Cloud Security Alliance (CSA) on this topic, when we got in front of the video camera at the RSA Conference in San Francisco just a few weeks ago. You can watch this conversation in the latest installment of the Trustworthy Computing Cloud Fundamentals Video Series below.
If you haven’t seen the other videos in this series, you can check them out below: