From smart phones to tablets, laptops to USB devices, consumer technologies are ubiquitous in the workplace - and so is the 'bring-your-own-device' (BYOD) practice of allowing employees to conduct work on their own personal electronics.
But how do these consumer technologies change organizations' approaches to securing corporate information assets?
Join this panel of mobile technology experts for a thorough discussion of the risks and rewards of enabling BYOD, with an emphasis on how to manage the mix of consumer devices in the workplace, as well as enforcing key tenets of your mobile policy. Among the discussion points:
How to properly inventory your employees' personal devices;
Technology solutions to protect your corporate systems and data, as well as the end-point devices;
Strategies and tactics for enforcing mobile policies and maintaining compliance in regulated industries;
How to use BYOD as an opportunity to enable further proliferation of data and access security.
From home computers and laptops to cellphones and PDAs, employees have always lobbied to introduce consumer technologies in the workplace.
But with the advent of smart phones, tablets, portable storage and a variety of laptops - powerful computing devices that often rely on unsecured wireless networks - the push today is even greater. Example: Intel, the global computer technologies manufacturer, reports that connected mobile devices grew from 10,000 to 30,000 over the first 10 months of 2011. And by 2014, Intel expects 70% of its employees to use personal devices for some aspect of their job.
So, it's no longer a question of whether to allow employees to use their own devices - no corporate policy can stem the tide of consumerization. The questions now are about:
Inventory - How do you properly account for all of the consumer devices introduced by your employees? Know how to lock down your corporate wireless networks and desktop computers, so you'll also know when employees are trying to access corporate resources via connecting new devices.
Security - How do you protect your systems and data from unauthorized access - and in the event of lost or stolen devices? From identification to proper authentication, appropriate access control, data storage and detecting un-authorized activities - all controls implemented by an organization on 'corporate-owned' resources over the last decade can potentially be rendered useless on an employee-owned device. Learn the importance of each control and the implementation challenges in a large-scale environment.
Privacy - The controls you place on an employee-owned device could potentially compromise the individual's privacy (knowing which sites they visit, or whom they e-mail in their off-hours, for instance). How do you achieve the right balance to protect the enterprise's security and the employee's privacy?
Compliance - Certain international regulations and standards spell out standards for how data is collected and stored, as well as how it must be made available for legal requests. Are you prepared to address these and other top-level compliance issues when it comes to employees storing enterprise data on their own devices? Learn how to weigh the risks and benefits.
Policy - Beyond making employees aware of your policy, how do you enforce it? Awareness is key - make sure employees understand your policies around device usage, access, software licensing and other critical issues. But you also need to articulate specific areas of non-compliance and then monitor appropriately for violations subject to disciplinary action, including termination.
Opportunity - Beyond securing devices, BYOD is an opportunity to improve data and access security in the enterprise, web, mobile, and SaaS applications. The opportunity is for organizations to still have strong security and authentication, but in a way that is "outsourced" to the device owner for all of their applications. This outsourcing can save the company IT budget, as well as reduce help desk support.
In this session, mobile security experts will discuss these topics and more, sharing insights on how today's leading-edge organizations are embracing BYOD as a means of improving employee productivity and creating new business value.
Ahmed Datoo's experience in the technology industry spans strategic planning, brand marketing, software engineering and product management. Prior to Zenprise, Mr. Datoo was with EDS, where he was a global Director of Product Development. While with EDS, he built and launched several workflow automation and monitoring automation modules that generated multi-million dollar savings globally.
Mr. Datoo began his career as a strategy consultant at Accenture where he created high tech product development strategies for telecos, media conglomerates and hardware manufacturers. Mr. Datoo holds an MBA, M.A., and B.A. from Stanford University.
Chief Security Officer, Fixmo
Dan has been an information security professional for more than 15 years, and has worked for notable organizations such as XM Radio, Secure Computing, McAfee, Nominum, and Accuvant. He has extensive experience running security programs within the government segment; his most notable role was as Director of Network Security at the Transportation and Security Administration, which was the largest managed service contract within the federal government. Dan joined Fixmo in 2012 to drive security and technology innovation within Fixmo's suite of Mobile Risk Management solutions. In his role at Fixmo, he is directly responsible for global security and information assurance initiatives - researching trends, discovering security vulnerabilities and exploits, building strategic partnerships; and attaining industry certifications - as well as product innovation.
Dan holds an M.S. in Information Assurance/Computer Forensics from Capitol College and a D.Sc in Information Assurance from Capitol College with a dissertation focus on enterprise smartphone security.
Global CISO, Cylance
Harkins is responsible for all aspects of information risk and security at Cylance as well as public policy and customer outreach to help improve understanding of cyber risks. He spent 23 years with Intel, most recently as its first Chief Security and Privacy Officer. In this role, he was responsible for managing the risk, controls, privacy, security and other related compliance activities for all of Intel's information assets, products and services. Before becoming Intel's first CSPO, he was the chief information security officer (CISO), reporting to the chief information officer. Harkins also held roles in finance, procurement and various business operations.
Vice President of Sales and Business Operations, NA, VASCO Data Security
Wyrick is responsible for managing VASCO Data Security's business operations in North America. He joined the company in 2005 and has been a key contributor to the overall growth of the VASCO strong authentication business in North America.
Wyrick and his team have successfully managed strong authentication security projects with some of the largest financial institutions, enterprises, and online applications around the world.
Wyrick is a frequent presenter at many banking and financial industry conferences and web seminars throughout North America on preventing cyber fraud, account and transaction security for online and mobile applications. Among his speaking engagements are NACHA national and regional conferences, Association for Financial Professionals Annual Conference, Bankinfosecurity.com web seminars and many others.
Prior to joining VASCO, Wyrick was working at Digital Insight where he helped drive the online banking application adoption among regional banks and credit unions.