Welcome!

@CloudExpo Authors: Dynatrace Blog, Automic Blog, Allwyn Sequeira, Elizabeth White, Liz McMillan

Related Topics: @CloudExpo

@CloudExpo: Blog Post

Acceptance of “Bring Your Own Device”

Companies Must Get to Grips with Cloud and Application Security

Company policies supporting Bring Your Own Device are being widely embraced as a win-win initiative that improves employees' experience and reduces IT costs, according to results released today of the (ISC)2 2013 Global Information Security Workforce Study, conducted on behalf of the (ISC)2 Foundation by the analyst firm Frost & Sullivan. At the same time, information security managers admit that companies must do more to understand the security of the technologies behind the trend, particularly for cloud-based systems and applications.

A preview of select results of the (ISC)2 ("ISC-squared") study were featured at a press conference hosted by Reed Events in advance of Information Security Europe 2013, April 23 -25. The largest study of its kind examining workforce trends in information security covered BYOD as one of three game-changing technology trends that are having a significant impact on information security practice. The global study's 12,396 respondents, one in four of which work in the EMEA region, clearly establish that BYOD is a prevalent practice - with 53 percent saying their companies actively allow users, either employees, business partners or both, to connect their devices onto their networks. A similar percentage, 54 percent, identified BYOD as a growth area for training and education within the information security profession.

Security professionals, however, are concerned that companies are not prepared for the risks introduced by this trend. Seventy-eight percent consider BYOD to present a somewhat or very significant risk. This reflects increased levels of concern compared to the 2011 study, when mobile devices were identified as a significant risk by 68 percent of respondents.

Further, nearly three-quarters of respondents (74 percent) highlighted that new security skills are going to be required to manage the security risks associated with BYOD. The biggest concerns were over the state of application security (72 percent) and the cloud (70 percent), also a developing area in business systems. Another 66 percent suggested companies needed to get more of a grip on how compliance requirements are being affected with the prevalence of BYOD.

Companies are more open to allowing user-owned smartphones (87 percent) and tablets (79 percent) onto corporate networks than laptops (72 percent), while they are supporting a multitude of platforms, with iOS leading the pack (84 percent), closely followed by Android (75 percent); RIM Blackberry/QNS (62 percent), and Windows Mobile (51 percent).

"Whether approved or not, user-owned tablets and smartphones are connecting into corporate networks and cloud environments," states Michael Suby, Stratecast VP of Research at Frost & Sullivan. "Furthermore, the escalating capabilities of these devices, such as dual-core processors and multi-gigabytes of storage, add to the level of risk these devices pose to corporate assets and sensitive information. The positive news is that information security professionals are using a growing array of security technologies to stem this risk."

The business drivers given for turning to BYOD puts the user at the centre of IT strategy. The desire to improve end-user experience at 60 percent was almost equal to the business requirement of supporting a mobile workforce (64 percent). A significant number of respondents (44 percent) also noted the goal of reducing operating and end-user support costs; while the desire to lower IT inventory costs was noted by a much lower 21 percent.

"From a security perspective, BYOD is gaining attention, but current efforts are focussed on the end -point rather than on protecting business data and assets," says Wim Remes, CISSP, member of the (ISC)2 Board of Directors.

The top technologies identified to mitigate risks include: encryption, the use of virtual private networks, and remote lock and wipe functionality. Less than half (42 percent) are working with applications access control or authentication (40 percent), basic controls that exist on traditional IT infrastructures.

"This can be an opportunity for IT operations to fully seize the role of a business enabler. If approached correctly, with a focus on the data, BYOD can actually improve security and enable the business to compete at a pace that was but a remote dream half a decade ago," concludes Remes, who presented the results at the conference.

The (ISC)2 Foundation will release the full report of the 2013 (ISC)2 Global Information Security Workforce Study in February as a resource to industry. Based on findings of an industry survey conducted in the autumn of 2012, the study is unique in its focus on issues affecting the security profession rather than general market developments, products or security breaches. Participants from 145 countries around the world contributed to offer insights into the changing profile of the profession, training and development needs, salary levels, attitudes and developments toward risk management, and the impact of key trends in business systems on security management.

Read the original blog entry...

More Stories By RealWire News Distribution

RealWire is a global news release distribution service specialising in the online media. The RealWire approach focuses on delivering relevant content to the receivers of our client's news releases. As we know that it is only through delivering relevance, that influence can ever be achieved.

@CloudExpo Stories
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin, ...
SYS-CON Events announced today that T-Mobile will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. As America's Un-carrier, T-Mobile US, Inc., is redefining the way consumers and businesses buy wireless services through leading product and service innovation. The Company's advanced nationwide 4G LTE network delivers outstanding wireless experiences to 67.4 million customers who are unwilling to compromise on ...
SYS-CON Events announced today that HTBase will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. HTBase (Gartner 2016 Cool Vendor) delivers a Composable IT infrastructure solution architected for agility and increased efficiency. It turns compute, storage, and fabric into fluid pools of resources that are easily composed and re-composed to meet each application’s needs. With HTBase, companies can quickly prov...
SYS-CON Events announced today that Infranics will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Since 2000, Infranics has developed SysMaster Suite, which is required for the stable and efficient management of ICT infrastructure. The ICT management solution developed and provided by Infranics continues to add intelligence to the ICT infrastructure through the IMC (Infra Management Cycle) based on mathemat...
SYS-CON Events announced today that Cloudistics, an on-premises cloud computing company, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Cloudistics delivers a complete public cloud experience with composable on-premises infrastructures to medium and large enterprises. Its software-defined technology natively converges network, storage, compute, virtualization, and management into a ...
SYS-CON Events announced today that Interoute, owner-operator of one of Europe's largest networks and a global cloud services platform, has been named “Bronze Sponsor” of SYS-CON's 20th Cloud Expo, which will take place on June 6-8, 2017 at the Javits Center in New York, New York. Interoute is the owner-operator of one of Europe's largest networks and a global cloud services platform which encompasses 12 data centers, 14 virtual data centers and 31 colocation centers, with connections to 195 add...
Building custom add-ons does not need to be limited to the ideas you see on a marketplace. In his session at 20th Cloud Expo, Sukhbir Dhillon, CEO and founder of Addteq, will go over some adventures they faced in developing integrations using Atlassian SDK and other technologies/platforms and how it has enabled development teams to experiment with newer paradigms like Serverless and newer features of Atlassian SDKs. In this presentation, you will be taken on a journey of Add-On and Integration ...
There are 66 million network cameras capturing terabytes of data. How did factories in Japan improve physical security at the facilities and improve employee productivity? Edge Computing reduces possible kilobytes of data collected per second to only a few kilobytes of data transmitted to the public cloud every day. Data is aggregated and analyzed close to sensors so only intelligent results need to be transmitted to the cloud. Non-essential data is recycled to optimize storage.
"I think that everyone recognizes that for IoT to really realize its full potential and value that it is about creating ecosystems and marketplaces and that no single vendor is able to support what is required," explained Esmeralda Swartz, VP, Marketing Enterprise and Cloud at Ericsson, in this SYS-CON.tv interview at @ThingsExpo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Interoute has announced the integration of its Global Cloud Infrastructure platform with Rancher Labs’ container management platform, Rancher. This approach enables enterprises to accelerate their digital transformation and infrastructure investments. Matthew Finnie, Interoute CTO commented “Enterprises developing and building apps in the cloud and those on a path to Digital Transformation need Digital ICT Infrastructure that allows them to build, test and deploy faster than ever before. The int...
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership abi...
The essence of cloud computing is that all consumable IT resources are delivered as services. In his session at 15th Cloud Expo, Yung Chou, Technology Evangelist at Microsoft, demonstrated the concepts and implementations of two important cloud computing deliveries: Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). He discussed from business and technical viewpoints what exactly they are, why we care, how they are different and in what ways, and the strategies for IT to transi...
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service.
Niagara Networks exhibited at the 19th International Cloud Expo, which took place at the Santa Clara Convention Center in Santa Clara, CA, in November 2016. Niagara Networks offers the highest port-density systems, and the most complete Next-Generation Network Visibility systems including Network Packet Brokers, Bypass Switches, and Network TAPs.
SYS-CON Events announced today that Outlyer, a monitoring service for DevOps and operations teams, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Outlyer is a monitoring service for DevOps and Operations teams running Cloud, SaaS, Microservices and IoT deployments. Designed for today's dynamic environments that need beyond cloud-scale monitoring, we make monitoring effortless so you ...
My team embarked on building a data lake for our sales and marketing data to better understand customer journeys. This required building a hybrid data pipeline to connect our cloud CRM with the new Hadoop Data Lake. One challenge is that IT was not in a position to provide support until we proved value and marketing did not have the experience, so we embarked on the journey ourselves within the product marketing team for our line of business within Progress. In his session at @BigDataExpo, Sum...
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor - all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
China Unicom exhibit at the 19th International Cloud Expo, which took place at the Santa Clara Convention Center in Santa Clara, CA, in November 2016. China United Network Communications Group Co. Ltd ("China Unicom") was officially established in 2009 on the basis of the merger of former China Netcom and former China Unicom. China Unicom mainly operates a full range of telecommunications services including mobile broadband (GSM, WCDMA, LTE FDD, TD-LTE), fixed-line broadband, ICT, data communica...
As software becomes more and more complex, we, as software developers, have been splitting up our code into smaller and smaller components. This is also true for the environment in which we run our code: going from bare metal, to VMs to the modern-day Cloud Native world of containers, schedulers and micro services. While we have figured out how to run containerized applications in the cloud using schedulers, we've yet to come up with a good solution to bridge the gap between getting your contain...