Archive

Posts Tagged ‘september 2012’

Microsoft Security Newsletter – September 2012

September 21, 2012 Leave a comment

Ok, didn’t have the time to search where online the newsletter is located so I just copied some of it into this post. I think that there where some interesting posts/articles around “BYO”, Cloud etc. So browse and enjoy! πŸ˜‰

Welcome to September’s Security Newsletter!
This month’s newsletter focuses on personal devices in the workplace, often times referred to as “Bring Your Own Device,” or BYOD. BYOD is a very hot topic these days as organizations grapple with the challenge of managing the risks involved in allowing corporate data to be placed on personal devices such as smart phones. At face value, BYOD has the potential to be a win-win proposition. However, depending on how BYOD is implemented and managed, it could be a Pandora’s box.The primary challenge is that some of the devices employees decide to bring to work may not have basic security or management capabilities. This challenge is compounded by the risks associated with connecting to social networks and by the diverse ways organizations and people are choosing to connect and share data today – such as the utilization of cloud services. We recently conducted a study to find out more about how personal devices are being used in the business environment. Our study found that:

  • 67% of people are using personal devices in the workplace whether it’s officially sanctioned by the organization or not.
  • 53% of organizations officially condone BYOD in some way, but only 22% of organizations support them through their IT department.
  • Cost savings resulting from employees using their own PCs and mobile devices is often a driving factor to BYOD. Less than half of organizations provide any financial subsidy for users who supply their own equipment.
  • A majority of companies are somewhat or very concerned about the risk of data breaches or intellectual property leaks.

BYOD does have distinct advantages. From the standpoint of the IT department, BYOD is generally seen as a cost-cutting measure because the burden of supplying the equipment is shifted to the employees. Some organizations subsidize BYOD policies with a per diem to offset the costs for users, but it still results in lower costs for the organization by relieving IT of its traditional role of maintenance and support.

Another advantage of BYOD is that individuals tend to upgrade and embrace new platforms and technologies much faster than businesses. The organization benefits from being able to take advantage of cutting edge tools and features without the pain of deploying new hardware to the entire company.

From the user’s perspective, BYOD means using devices and applications that are more familiar. Empowering users with the ability to choose which hardware and platforms they use creates more satisfied and productive workers. It also allows them to carry a single mobile device instead of one for work and another for personal use.

The list of smart personal devices capable of connecting to private and public networks is rapidly and constantly expanding. For chief information security officers (CISOs) and chief security officers (CSOs), managing an ever growing list of devices and applications isn’t a sustainable model. Some of the security professionals I have talked to are shifting their focus to managing the data instead of the devices. They have concluded that device security is only a proxy for data security; if they can’t effectively manage the security of the devices that employees bring to work, they will focus on managing the security of the data itself. I think the industry recognizes the importance of securing personal devices and are making steps toward better management controls in the future.

If you are interested in learning more about BYOD, I encourage you to read these blog posts recently published on the topic:

Read more…

Categories: All, BYOD, Microsoft, Security Tags: , , , ,