Welcome!

Cloud Expo Authors: Liz McMillan, Vincent Brasseur, Pat Romanski, Elizabeth White, Roger Strukhoff

Related Topics: Cloud Expo

Cloud Expo: Blog Post

Acceptance of “Bring Your Own Device”

Companies Must Get to Grips with Cloud and Application Security

Company policies supporting Bring Your Own Device are being widely embraced as a win-win initiative that improves employees' experience and reduces IT costs, according to results released today of the (ISC)2 2013 Global Information Security Workforce Study, conducted on behalf of the (ISC)2 Foundation by the analyst firm Frost & Sullivan. At the same time, information security managers admit that companies must do more to understand the security of the technologies behind the trend, particularly for cloud-based systems and applications.

A preview of select results of the (ISC)2 ("ISC-squared") study were featured at a press conference hosted by Reed Events in advance of Information Security Europe 2013, April 23 -25. The largest study of its kind examining workforce trends in information security covered BYOD as one of three game-changing technology trends that are having a significant impact on information security practice. The global study's 12,396 respondents, one in four of which work in the EMEA region, clearly establish that BYOD is a prevalent practice - with 53 percent saying their companies actively allow users, either employees, business partners or both, to connect their devices onto their networks. A similar percentage, 54 percent, identified BYOD as a growth area for training and education within the information security profession.

Security professionals, however, are concerned that companies are not prepared for the risks introduced by this trend. Seventy-eight percent consider BYOD to present a somewhat or very significant risk. This reflects increased levels of concern compared to the 2011 study, when mobile devices were identified as a significant risk by 68 percent of respondents.

Further, nearly three-quarters of respondents (74 percent) highlighted that new security skills are going to be required to manage the security risks associated with BYOD. The biggest concerns were over the state of application security (72 percent) and the cloud (70 percent), also a developing area in business systems. Another 66 percent suggested companies needed to get more of a grip on how compliance requirements are being affected with the prevalence of BYOD.

Companies are more open to allowing user-owned smartphones (87 percent) and tablets (79 percent) onto corporate networks than laptops (72 percent), while they are supporting a multitude of platforms, with iOS leading the pack (84 percent), closely followed by Android (75 percent); RIM Blackberry/QNS (62 percent), and Windows Mobile (51 percent).

"Whether approved or not, user-owned tablets and smartphones are connecting into corporate networks and cloud environments," states Michael Suby, Stratecast VP of Research at Frost & Sullivan. "Furthermore, the escalating capabilities of these devices, such as dual-core processors and multi-gigabytes of storage, add to the level of risk these devices pose to corporate assets and sensitive information. The positive news is that information security professionals are using a growing array of security technologies to stem this risk."

The business drivers given for turning to BYOD puts the user at the centre of IT strategy. The desire to improve end-user experience at 60 percent was almost equal to the business requirement of supporting a mobile workforce (64 percent). A significant number of respondents (44 percent) also noted the goal of reducing operating and end-user support costs; while the desire to lower IT inventory costs was noted by a much lower 21 percent.

"From a security perspective, BYOD is gaining attention, but current efforts are focussed on the end -point rather than on protecting business data and assets," says Wim Remes, CISSP, member of the (ISC)2 Board of Directors.

The top technologies identified to mitigate risks include: encryption, the use of virtual private networks, and remote lock and wipe functionality. Less than half (42 percent) are working with applications access control or authentication (40 percent), basic controls that exist on traditional IT infrastructures.

"This can be an opportunity for IT operations to fully seize the role of a business enabler. If approached correctly, with a focus on the data, BYOD can actually improve security and enable the business to compete at a pace that was but a remote dream half a decade ago," concludes Remes, who presented the results at the conference.

The (ISC)2 Foundation will release the full report of the 2013 (ISC)2 Global Information Security Workforce Study in February as a resource to industry. Based on findings of an industry survey conducted in the autumn of 2012, the study is unique in its focus on issues affecting the security profession rather than general market developments, products or security breaches. Participants from 145 countries around the world contributed to offer insights into the changing profile of the profession, training and development needs, salary levels, attitudes and developments toward risk management, and the impact of key trends in business systems on security management.

Read the original blog entry...

More Stories By RealWire News Distribution

RealWire is a global news release distribution service specialising in the online media. The RealWire approach focuses on delivering relevant content to the receivers of our client's news releases. As we know that it is only through delivering relevance, that influence can ever be achieved.

@CloudExpo Stories
High-performing enterprise Software Quality Assurance (SQA) teams validate systems that are ready for use - getting most actively involved as components integrate and form complete systems. These teams catch and report on defects, making sure the customer gets the best software possible. SQA teams have leveraged automation and virtualization to execute more thorough testing in less time - bringing Dev and Ops together, ensuring production readiness. Does the emergence of DevOps mean the end of E...
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using ...
The Internet of Things is tied together with a thin strand that is known as time. Coincidentally, at the core of nearly all data analytics is a timestamp. When working with time series data there are a few core principles that everyone should consider, especially across datasets where time is the common boundary. In his session at Internet of @ThingsExpo, Jim Scott, Director of Enterprise Strategy & Architecture at MapR Technologies, discussed single-value, geo-spatial, and log time series dat...
"Verizon offers public cloud, virtual private cloud as well as private cloud on-premises - many different alternatives. Verizon's deep knowledge in applications and the fact that we are responsible for applications that make call outs to other systems. Those systems and those resources may not be in Verizon Cloud, we understand at the end of the day it's going to be federated," explained Anne Plese, Senior Consultant, Cloud Product Marketing at Verizon Enterprise, in this SYS-CON.tv interview at...
"For the past 4 years we have been working mainly to export. For the last 3 or 4 years the main market was Russia. In the past year we have been working to expand our footprint in Europe and the United States," explained Andris Gailitis, CEO of DEAC, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect...
The Domain Name Service (DNS) is one of the most important components in networking infrastructure, enabling users and services to access applications by translating URLs (names) into IP addresses (numbers). Because every icon and URL and all embedded content on a website requires a DNS lookup loading complex sites necessitates hundreds of DNS queries. In addition, as more internet-enabled ‘Things' get connected, people will rely on DNS to name and find their fridges, toasters and toilets. Acco...
The term culture has had a polarizing effect among DevOps supporters. Some propose that culture change is critical for success with DevOps, but are remiss to define culture. Some talk about a DevOps culture but then reference activities that could lead to culture change and there are those that talk about culture change as a set of behaviors that need to be adopted by those in IT. There is no question that businesses successful in adopting a DevOps mindset have seen departmental culture change, ...
"Cloud consumption is something we envision at Solgenia. That is trying to let the cloud spread to the user as a consumption, as utility computing. We want to allow the people to just pay for what they use, not a subscription model," explained Ermanno Bonifazi, CEO & Founder of Solgenia, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Enthusiasm for the Internet of Things has reached an all-time high. In 2013 alone, venture capitalists spent more than $1 billion dollars investing in the IoT space. With "smart" appliances and devices, IoT covers wearable smart devices, cloud services to hardware companies. Nest, a Google company, detects temperatures inside homes and automatically adjusts it by tracking its user's habit. These technologies are quickly developing and with it come challenges such as bridging infrastructure gaps,...
SYS-CON Media announced that Centrify, a provider of unified identity management across cloud, mobile and data center environments that delivers single sign-on (SSO) for users and a simplified identity infrastructure for IT, has launched an ad campaign on Cloud Computing Journal. The ads focus on security: how an organization can successfully control privilege for all of the organization’s identities to mitigate identity-related risk without slowing down the business, and how Centrify provides ...
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
"SAP had made a big transition into the cloud as we believe it has significant value for our customers, drives innovation and is easy to consume. When you look at the SAP portfolio, SAP HANA is the underlying platform and it powers all of our platforms and all of our analytics," explained Thorsten Leiduck, VP ISVs & Digital Commerce at SAP, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
"We help companies that are using a lot of Software as a Service. We help companies manage and gain visibility into what people are using inside the company and decide to secure them or use standards to lock down or to embrace the adoption of SaaS inside the company," explained Scott Kriz, Co-founder and CEO of Bitium, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Ar...
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
Bit6 today issued a challenge to the technology community implementing Web Real Time Communication (WebRTC). To leap beyond WebRTC’s significant limitations and fully leverage its underlying value to accelerate innovation, application developers need to consider the entire communications ecosystem.
The definition of IoT is not new, in fact it’s been around for over a decade. What has changed is the public's awareness that the technology we use on a daily basis has caught up on the vision of an always on, always connected world. If you look into the details of what comprises the IoT, you’ll see that it includes everything from cloud computing, Big Data analytics, “Things,” Web communication, applications, network, storage, etc. It is essentially including everything connected online from ha...
Cloud Expo 2014 TV commercials will feature @ThingsExpo, which was launched in June, 2014 at New York City's Javits Center as the largest 'Internet of Things' event in the world.
SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, p...