Welcome!

@CloudExpo Authors: William Schmarzo, Cloud Best Practices Network, Pat Romanski, Elizabeth White, Liz McMillan

Related Topics: @CloudExpo

@CloudExpo: Blog Post

Acceptance of “Bring Your Own Device”

Companies Must Get to Grips with Cloud and Application Security

Company policies supporting Bring Your Own Device are being widely embraced as a win-win initiative that improves employees' experience and reduces IT costs, according to results released today of the (ISC)2 2013 Global Information Security Workforce Study, conducted on behalf of the (ISC)2 Foundation by the analyst firm Frost & Sullivan. At the same time, information security managers admit that companies must do more to understand the security of the technologies behind the trend, particularly for cloud-based systems and applications.

A preview of select results of the (ISC)2 ("ISC-squared") study were featured at a press conference hosted by Reed Events in advance of Information Security Europe 2013, April 23 -25. The largest study of its kind examining workforce trends in information security covered BYOD as one of three game-changing technology trends that are having a significant impact on information security practice. The global study's 12,396 respondents, one in four of which work in the EMEA region, clearly establish that BYOD is a prevalent practice - with 53 percent saying their companies actively allow users, either employees, business partners or both, to connect their devices onto their networks. A similar percentage, 54 percent, identified BYOD as a growth area for training and education within the information security profession.

Security professionals, however, are concerned that companies are not prepared for the risks introduced by this trend. Seventy-eight percent consider BYOD to present a somewhat or very significant risk. This reflects increased levels of concern compared to the 2011 study, when mobile devices were identified as a significant risk by 68 percent of respondents.

Further, nearly three-quarters of respondents (74 percent) highlighted that new security skills are going to be required to manage the security risks associated with BYOD. The biggest concerns were over the state of application security (72 percent) and the cloud (70 percent), also a developing area in business systems. Another 66 percent suggested companies needed to get more of a grip on how compliance requirements are being affected with the prevalence of BYOD.

Companies are more open to allowing user-owned smartphones (87 percent) and tablets (79 percent) onto corporate networks than laptops (72 percent), while they are supporting a multitude of platforms, with iOS leading the pack (84 percent), closely followed by Android (75 percent); RIM Blackberry/QNS (62 percent), and Windows Mobile (51 percent).

"Whether approved or not, user-owned tablets and smartphones are connecting into corporate networks and cloud environments," states Michael Suby, Stratecast VP of Research at Frost & Sullivan. "Furthermore, the escalating capabilities of these devices, such as dual-core processors and multi-gigabytes of storage, add to the level of risk these devices pose to corporate assets and sensitive information. The positive news is that information security professionals are using a growing array of security technologies to stem this risk."

The business drivers given for turning to BYOD puts the user at the centre of IT strategy. The desire to improve end-user experience at 60 percent was almost equal to the business requirement of supporting a mobile workforce (64 percent). A significant number of respondents (44 percent) also noted the goal of reducing operating and end-user support costs; while the desire to lower IT inventory costs was noted by a much lower 21 percent.

"From a security perspective, BYOD is gaining attention, but current efforts are focussed on the end -point rather than on protecting business data and assets," says Wim Remes, CISSP, member of the (ISC)2 Board of Directors.

The top technologies identified to mitigate risks include: encryption, the use of virtual private networks, and remote lock and wipe functionality. Less than half (42 percent) are working with applications access control or authentication (40 percent), basic controls that exist on traditional IT infrastructures.

"This can be an opportunity for IT operations to fully seize the role of a business enabler. If approached correctly, with a focus on the data, BYOD can actually improve security and enable the business to compete at a pace that was but a remote dream half a decade ago," concludes Remes, who presented the results at the conference.

The (ISC)2 Foundation will release the full report of the 2013 (ISC)2 Global Information Security Workforce Study in February as a resource to industry. Based on findings of an industry survey conducted in the autumn of 2012, the study is unique in its focus on issues affecting the security profession rather than general market developments, products or security breaches. Participants from 145 countries around the world contributed to offer insights into the changing profile of the profession, training and development needs, salary levels, attitudes and developments toward risk management, and the impact of key trends in business systems on security management.

Read the original blog entry...

More Stories By RealWire News Distribution

RealWire is a global news release distribution service specialising in the online media. The RealWire approach focuses on delivering relevant content to the receivers of our client's news releases. As we know that it is only through delivering relevance, that influence can ever be achieved.

@CloudExpo Stories
Many banks and financial institutions are experimenting with containers in development environments, but when will they move into production? Containers are seen as the key to achieving the ultimate in information technology flexibility and agility. Containers work on both public and private clouds, and make it easy to build and deploy applications. The challenge for regulated industries is the cost and complexity of container security compliance. VM security compliance is already challenging, ...
The essence of data analysis involves setting up data pipelines that consist of several operations that are chained together – starting from data collection, data quality checks, data integration, data analysis and data visualization (including the setting up of interaction paths in that visualization). In our opinion, the challenges stem from the technology diversity at each stage of the data pipeline as well as the lack of process around the analysis.
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, wh...
Designing IoT applications is complex, but deploying them in a scalable fashion is even more complex. A scalable, API first IaaS cloud is a good start, but in order to understand the various components specific to deploying IoT applications, one needs to understand the architecture of these applications and figure out how to scale these components independently. In his session at @ThingsExpo, Nara Rajagopalan is CEO of Accelerite, will discuss the fundamental architecture of IoT applications, ...
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. MangoApps provides modern company intranets and team collaboration software, allowing workers to stay connected and productive from anywhere in the world and from any device. For more information, please visit https://www.mangoapps.com/.
SYS-CON Events announced today that Tintri Inc., a leading producer of VM-aware storage (VAS) for virtualization and cloud environments, will exhibit at the 18th International CloudExpo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, New York, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Enterprise networks are complex. Moreover, they were designed and deployed to meet a specific set of business requirements at a specific point in time. But, the adoption of cloud services, new business applications and intensifying security policies, among other factors, require IT organizations to continuously deploy configuration changes. Therefore, enterprises are looking for better ways to automate the management of their networks while still leveraging existing capabilities, optimizing perf...
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic, Inc., provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Ful...
In his session at 18th Cloud Expo, Bruce Swann, Senior Product Marketing Manager at Adobe, will discuss how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects). Bruce Swann has more than 15 years of experience working with digital marketing disciplines like web analytics, social med...
SYS-CON Events announced today Object Management Group® has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that EastBanc Technologies will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. EastBanc Technologies has been working at the frontier of technology since 1999. Today, the firm provides full-lifecycle software development delivering flexible technology solutions that seamlessly integrate with existing systems – whether on premise or cloud. EastBanc Technologies partners with p...
SYS-CON Events announced today that AppNeta, the leader in performance insight for business-critical web applications, will exhibit and present at SYS-CON's @DevOpsSummit at Cloud Expo New York, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. AppNeta is the only application performance monitoring (APM) company to provide solutions for all applications – applications you develop internally, business-critical SaaS applications you use and the networks that deli...
The cloud market growth today is largely in public clouds. While there is a lot of spend in IT departments in virtualization, these aren’t yet translating into a true “cloud” experience within the enterprise. What is stopping the growth of the “private cloud” market? In his general session at 18th Cloud Expo, Nara Rajagopalan, CEO of Accelerite, will explore the challenges in deploying, managing, and getting adoption for a private cloud within an enterprise. What are the key differences betwee...
SYS-CON Events announced today that ContentMX, the marketing technology and services company with a singular mission to increase engagement and drive more conversations for enterprise, channel and SMB technology marketers, has been named “Sponsor & Exhibitor Lounge Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York City, New York. “CloudExpo is a great opportunity to start a conversation with new prospects, but what happens after the...
As machines are increasingly connected to the internet, it’s becoming easier to discover the numerous ways Industrial IoT (IIoT) is helping to shape the business world. This is exactly why we have decided to take a closer look at this pervasive movement and to examine the desire to connect more things! Now if you need a refresher on IIoT and how it is changing the world, take a moment and listen to Greg Gorbach with ARC Advisory Group. Gorbach believes, "IIoT will significantly change the worl...
SYS-CON Events announced today the Docker Meets Kubernetes – Intro into the Kubernetes World, being held June 9, 2016, in conjunction with 18th Cloud Expo | @ThingsExpo, at the Javits Center in New York, NY. Register for 'Docker Meets Kubernetes Workshop' Here! This workshop led by Sebastian Scheele, co-founder of Loodse, introduces participants to Kubernetes (container orchestration). Through a combination of instructor-led presentations, demonstrations, and hands-on labs, participants learn ...
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discuss how businesses can gain an edge over competitors by empowering consumers to take control through IoT. We'll cite examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He'll also highlight how IoT can revitalize and restore outdated business models, making them profitable...
The IoTs will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, will demonstrate how to move beyond today's coding paradigm and share the must-have mindsets for removing complexity from the development proc...
Customer experience has become a competitive differentiator for companies, and it’s imperative that brands seamlessly connect the customer journey across all platforms. With the continued explosion of IoT, join us for a look at how to build a winning digital foundation in the connected era – today and in the future. In his session at @ThingsExpo, Chris Nguyen, Group Product Marketing Manager at Adobe, will discuss how to successfully leverage mobile, rapidly deploy content, capture real-time d...
In his session at 18th Cloud Expo, Andrew Cole, Director of Solutions Engineering at Peak 10, will discuss how the newest technology advances are reducing the cost and complexity of traditional business continuity and disaster recovery solutions. Attendees will: Learn why having a full disaster recovery strategy is more important now than ever before Explore the key drivers of a successful disaster recovery solution Achieve measurable operational and business value from a disaster recovery ...