big scary monsters… oh my. - issa...
TRANSCRIPT
BYOD Big scary monsters… oh my.
• Fundamental factors driving BYOD • What devices? • The many hazards… • Benefits and practical control
Bring Your Own Destruction
“The beauty of humanity is its ability to overcome any obstacle.”
• People want their tools. • Network admins are too restrictive. o Cloud computing • Companies want to save money.
BYOD - Driving Factors
• Sales team o Leads generation, processing, information o Communications o Storage / information portability
• Vendors o Access to their corporate tools / information o Extension of infrastructure
BYOT - Bring your own tools
• IT o Convenience o Client support (data recovery, portability, etc) • C-Level o Rule exceptions (because they can)
o Special events, presentations by potential vendors, or impressing the opposite sex
BYOT - continued
• Their culture is centered on “Deny. Make them justify.”
• They are “held responsible”. • Less functionality / capability means less support
time. • They have learned to “play the game”.
Network admins
Restrictive, complicated, slow, and expensive environments fostered a new multi-billion dollar industry.
• Are we more secure? • Are we saving money?
Cloud Computing
• Companies want to save money. o The BYOD proposition “saves money, makes people happier”.
Everyone gets the tools they want, c-level can feel less guilty for doing it anyway, and the company can point to real dollar savings.
Save $$$ - increase joy
There are many more… but let us have some examples…
BYOD Driving Factors
“Bank” - needed a server, used a workstation Conference - needed connectivity “Big Corp” - needed to access Internet resources “not permitted” “xxx” - needed to move important documents and files Other examples… “Locked door becomes door propped open”
Examples
USB Storage Wifi Networking Laptops / tablets
What devices?
• Well Known o Lost devices
o Stolen o Breached or exploited
• Less well known o Scanned at an international border o Geek Patrol o Third party backup services
The Hazards
• Personal devices are less protected than corporate devices. o Anti-virus o Firewall o Intrusion prevention o Log auditing o Breach remediation
The Hazards
• Personal devices are more exposed o Home networks
o Kids / “gamers” on the same network o Foreign networks (e.g. Starbucks) o Friends and family (networks and access)
Realistically, your corporate devices were also exposed to these things. Your employee just feels better about doing it now.
The Hazards
• Your IT department needs to up their game o They can no longer limit the knowledge they need to support their
clients. § Software § Hardware
• Reliance on third parties brings more chaos o What country is our data in? What laws? o Third party bankruptcies / ownership changes. o Growing compliance issues. What countries? o Your data is subject to surveillance.
Hazards continued
• It is a fact that employees, using their own stuff, are happier and more productive. They are free!
• When combined with a teleworker program, your data might actually be safer.
• More innovation is entering your environment.
Benefits and Practical Control