Has Mobile Computing Had a Positive Impact on Cybersecurity?

I’ve heard the same story from a multitude of CISOs: “As soon as we agreed to support BYOD and mobile devices, all hell broke loose!” How? All of a sudden there were hundreds or thousands of new devices accessing the corporate network. Many of these devices were employee-owned, unmanaged, and full of questionable applications. What’s more, users were now working on multiple devices and moving sensitive data between Windows PCs, iPads, Android phones, and a slew of online file sharing sites like Box, Dropbox, and iCloud. Holy threat and vulnerability, Batman!

Most enterprise organizations are now way past this early period of mobile security chaos. Yes, there are still plenty of challenges associated with mobile computing security, but did preliminary mobile computing anarchy have any positive impact on information security in the long run? In other words, did the initial mobile computing fire drills actually help CISOs recognize risks and address systemic weaknesses?

Topics: IBM MDM Cisco Information and Risk Management Juniper HP mobile Security and Privacy Security endpoint security Bradford Networks Mobile computing Box Dropbox Aruba Vormetric ForeScout Veracode Great Bay Software NAC

It's Time for an Enterprise Encryption Strategy

A few years ago, I began writing and talking about data encryption management problems on the horizon. I was right about the issues, but a bit aggressive on the timing. Based on what I'm seeing lately, however, the encryption management sky may finally be falling (or at least starting to fall).

Topics: Information and Risk Management Security and Privacy Vormetric Symantec CISO Intel NIST encryption