Embracing the IT Consumerization Imperative NG Security

Transcript
Page 1: Embracing the IT Consumerization Imperative NG Security

Barry Caplin
CISO
MN Dept. of Human Services
NG Security Summit

[email protected]@bjb.org, @bcaplin, +barry caplin
securityandcoffee.blogspot.com

Page 2: Embracing the IT Consumerization Imperative NG Security

http://about.me/barrycaplin

Page 3: Embracing the IT Consumerization Imperative NG Security
Page 4: Embracing the IT Consumerization Imperative NG Security

Apr. 3, 2010

300K iPads
1M apps
250K ebooks
… day 1!

Page 5: Embracing the IT Consumerization Imperative NG Security

2011 – tablet/smartphone sales exceeded PCs

Page 6: Embracing the IT Consumerization Imperative NG Security
Page 7: Embracing the IT Consumerization Imperative NG Security

Why are we talking about this?

But really, all connected!

Page 8: Embracing the IT Consumerization Imperative NG Security

Business Driver?

Page 9: Embracing the IT Consumerization Imperative NG Security

What about…

Page 10: Embracing the IT Consumerization Imperative NG Security

Ineffective Controls

Page 11: Embracing the IT Consumerization Imperative NG Security

1 Day

Page 12: Embracing the IT Consumerization Imperative NG Security

5 Stages of Tablet Grief

• Surprise
• Fear
• Concern
• Understanding
• Evangelism

Page 13: Embracing the IT Consumerization Imperative NG Security

Security Challenges

Devices:
Exposure of data
Leakage of data – sold, donated, tossed, repaired drives
Malware

But don’t we have all this now???

Page 14: Embracing the IT Consumerization Imperative NG Security

Consumer App Security

“Non-standard” software a challenge
Vetting, updates/patches, malware
No real 3rd party agreements
Privacy policies, data ownership
SOPA/PIPA/CISPA

Page 15: Embracing the IT Consumerization Imperative NG Security

Legal (IANAL)

Privacy – exposing company data
Litigation hold – on 3rd party services
Separation – what’s on Dropbox?
Copyright, trademark, IP?
How do you?:
Get data from a 3rd party service?

Page 16: Embracing the IT Consumerization Imperative NG Security

BYOD Security Solutions

• Sync/MDM – Network or OTA
• VDI – Citrix or similar
• Containerization – Sandbox, MAM
• Direct Connection – Don’t!

Page 17: Embracing the IT Consumerization Imperative NG Security

DHS view - POE

• Policy
• Supervisor approval
• Citrix only
• No Gov't records on POE (unencrypted)
• 3G/4G or wired
• Guest wireless
• FAQs for users/sups
• Metrics
• $ - not yet

Page 18: Embracing the IT Consumerization Imperative NG Security

Software Security Solutions

Policy – Examine existing – augment
Process – Vetting, updates, malware
3rd party agreements – where possible
Data classification/labeling
PIE – pre-Internet encryption

Page 19: Embracing the IT Consumerization Imperative NG Security

CoIT Nirvana

Any, Any, Any – work, device, where
Be nimble
Data stays “home”++Situational awareness

Page 20: Embracing the IT Consumerization Imperative NG Security

Key Points

Business Need – Partner internally
BYOD, Consumer apps, or both?
Policy, Technical, Financial aspects
Watch the data
Make easy for users
Education/Awareness

Page 21: Embracing the IT Consumerization Imperative NG Security
Page 22: Embracing the IT Consumerization Imperative NG Security

Discussion…

Slides at http://slideshare.net/[email protected]

[email protected], @bcaplin, +barry caplin
securityandcoffee.blogspot.com

Page 23: Embracing the IT Consumerization Imperative NG Security

Topics

Policy
Compliance/Consequences
Regulatory – IRS, HIPAA, MARS-E
Data Leakage
Remote wipe issues
DLP/DRM
Reimbursement
The “Non-Standard” Software issue

Page 24: Embracing the IT Consumerization Imperative NG Security

Non-Standard Software

New Request