Feeds

Want to bring your own PC?

No need to get personal

  • alert
  • submit to reddit

3 Big data security analytics techniques

Workshop There’s a problem brewing in the workplace - employees want to bring to work aspects of technology that they use in their personal life, be it their mobile phones, laptops or even just specific applications.

If businesses haven’t come up against this consumerisation already, the chances are that they will, sooner rather than later - and that in all probability it is happening already behind their backs.

Recent research around desktop equipment shows just how this is starting to pan out. While there is nothing that IT would prefer more than a locked down world that is easier to manage, personally owned technology is either being brought in to the business by employees already, or there is an expectation that it will be in the future, for large and small companies alike (see chart below).


To be fair, the consumerisation of IT is a problem that has been around for a while. But every time something newer and shinier comes along – the iPad or the Galaxy Tab, for example – the debate is resurrected yet again, and usually more vigorously than the last time. So how should businesses approach this thorny area?

From a user’s perspective, making use of advanced technology in the form of smartphones, PCs, slate devices, and so on, is an integral part of everyday life. Of more importance is that the relationship between users, their devices and services can be incredibly close. It is perhaps unsurprising, that they want to use this kit in the workplace, as it is often more valued in design terms and performance compared to standard office issue equipment, users are familiar with it, and arguably, because of this, it allows them to be much more efficient. And if they are willing to spend their own money in the process, the capex budget might be cut some slack, providing any company kit already purchased for them is properly redeployed in the business.

But that’s only one side of the story. From a business perspective, allowing carte blanche on what equipment is brought into the business is a bit like leaving the front door to the office wide open, and not even bothering with the burglar alarm when no-one is there. Without adequate preparation and precautions being put in place, it just isn’t a very clever thing to do, and for a number of very good reasons.

Support and repair of such devices can become a major area of concern – in particular defining what can and cannot be supported, and where the boundaries of responsibility lie when things go wrong. Liability is another thread – who is liable when a corporate application causes problems with the user’s own software, or more worryingly, when user acquired software is used illegally in a work situation?

Then there is the issue of security, with users connecting into company resources with who-knows-what security in place. The likelihood of malware getting in rises considerably when inadequately protected systems are employed. Giving users free rein implies that they are all sufficiently competent to manage IT risks and security. However, our research shows this is far from the case.

Attempting to stop the influx of any devices and access to ‘community’ applications will, in all probability, fail miserably. So, like it or not, compromise is needed. But how should businesses go about deciding what’s in and what’s out?

The list of equipment, applications and services will depend on the needs of the business, but also has to take into account what makes users tick from a technology standpoint. What this boils down to is understanding rather than assuming what users need and want, and looking at if and how these needs and wants should be incorporated into the business.

So, if a handful of users want to use an iPhone for work purposes, what are the risks, benefits, cost of support and so on. If the argument doesn’t stack up in favour, are there close alternatives that might be offered. Or if there are more than a few users in the iPhone camp, does it make sense to add it to the company list and support it accordingly. Similarly, with social media and collaborative applications such as Facebook – what is the relative importance to the company, and what business-focussed alternatives can be offered?

This is a move away from how things have been done traditionally, but it isn’t about giving users the freedom to dictate what IT should be in place. Rather, it is about making sure that they aren’t ‘putting their own IT in place’ without company sanction.

Many businesses are already being more proactive in their acknowledgement of users’ needs and wants, either through routes such as user committees and management/IT lobbying, or more indirectly, through general feedback and satisfaction monitoring, as our recent research into desktop computing mentioned earlier (see chart below).


Elements of this will probably be a pretty big irritant to IT, particularly those who believe that if you let users have control over things they will break them – always have and always will. Possibly, but then that’s not so different from what happens now? And if it is their own ‘thing’ then maybe they will be a bit more careful.

SANS - Survey on application security programs

More from The Register

next story
Leaked pics show EMBIGGENED iPhone 6 screen
Fat-fingered fanbois rejoice over Chinternet snaps
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
True optical zoom coming to HTC smartphone cameras
Time to ditch that heavy DSLR? Maybe in a year, year and a half
Rounded corners? Pah! Amazon's '3D phone has eye-tracking tech'
Now THAT'S what we call a proper new feature
Feast your PUNY eyes on highest resolution phone display EVER
Too much pixel dust for your strained eyeballs to handle
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Leaked photos may indicate slimmer next-generation iPad
Will iPad Air evolve into iPad Helium?
US mobile firms cave on kill switch, agree to install anti-theft code
Slow and kludgy rollout will protect corporate profits
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.