Article Options
Enterprise Security Trends Blog | HP Blogs
Keep up with the latest cyber, cosumerisation, collaboration and cloud enterprise security trends from the team of HP information security professionals.

Securely managing the consumerization of IT

SimonA| June 22, 2012
1 Comments
0

By Simon Arnell, Security Analytics Service Director

 

In many conversations we’re having with clients the topic of consumerization is discussed, to illustrate how quickly this area has evolved, let’s look back a few years. It wasn’t that long ago that the concept of the consumerization of IT was a theoretical topic, first being discussed by the Leading Edge Forum in 2004. Even then, the authors of that paper recognized the potential business benefits rather than the risks. The paper concluded:

 

“The ‘consumerization’ of information technology is a powerful trend that promises many significant long-term business consequences, including radically lower costs, greatly improved functionality and successive generations of users who are ever more technology-savvy.”

 

mobility.png

 

The consumerization of IT has come a long way since that first discussion, emerging as one of the most significant trends to affect IT in the past 10 years. It’s no longer a question of if enterprises will choose consumerization, it’s a question of how CIOs will manage and secure IT consumerization and Bring Your Own Device (BYOD) as part of their overall business strategy.

 

Some early lessons-learned about the consumerization of IT include:

  1. The impact of consumerization is unpredictable and varies across types of enterprise and sector.
  2. BYOD doesn’t always guarantee cost savings in terms of hardware purchases; employees may be reluctant to replace a broken device if they have to pay for it again.
  3. Public sector organizations may resist consumerization for fear of accusations of misuse of public funds and high sensitivity to security issues.
  4. No one can be sure that data on a ‘controlled’ consumer device is ever 100% safe.
  5. Consumerization is about more than hardware devices as personal cloud computing and social media dominate consumer behavior.
  6. As far as the enterprise is concerned, we are all consumers now.

A recent paper from HP titled “A Secure Approach to Consumerization discusses taking a risk-based approach to IT consumerization, including 6 points to consider when assessing the ACTUAL risk of employees using consumer devices:

  1. Underlying email and data services -- can they be securely managed in a device-agnostic infrastructure?
  2. Can Web and cloud services support a device-agnostic approach?
  3. Can ownership of consumer devices serve as a corporate asset?
  4. Are users prepared to accept responsibility for ownership of personal device?
  5. Will users accept the installation of agents on the device that protects corporate data and email?
  6. How do you manage ‘rogue’ devices?

Another HP whitepaper titled “Protecting Data and enabling the mobile enterprise provides a summary of current mobility drivers, trends, risks and concerns for large enterprises including a 5-step CIO guide to a creating mobile security plan.

 

What steps are you taking to realize the benefits of consumerization while maintaining a secure enterprise environment? I’d love to hear your approach, as well as what’s working for your enterprise and what’s not?

 

To learn more about the HP’s risk-based approach to the consumerization of IT, check out these resources:

 

 

Tags: BYOD| cloud security| Consumerization| enterprise security| Enterprise Security Discovery Workshop| View All (7)
Labels: BYOD| Cloud security| consumerization of IT| Enterprise security| Enterprise Security Discovery Workshop| Enterprise Security Solutions| information security
Labels:
Comments
TSchreider | ‎09-28-2012 03:45 PM
Options

I have found within my customer set that consumerization is more a buzzword than an actuality.  BYOD is fine as long as its the device IT has pre-authorized, true BOYD is likely never to happen for the vast majority of clients.  BYOD has however, raised the national debate about making IT more open and useable for its constituency.  And, its working!

0
Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the community guidelines.
Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
 
Search
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
About the Author
  • A business first, senior executive, with over 20 years of hands on experience in defending banks, governments and corporations against cyberwarfare. My career in security started when I was employed to crack a secure system, which had locked down the boot process, whitelisting of applications and encrypted disks. I linked TeamOffice (an ICL email and collaboration system) with Microsoft Word to send an email which allowed me to do anything the person reading the email could do and send the results back to me, all without there knowledge. Having proved this vulnerability, I worked with Peter Simpson to create Defuse, a tool that blocked inappropriate actions. This successfully blocked Winword Concept, the first known malicous code in the wild. From these begginings I have investigated all aspects of security to provide an holistic approach to security as a business enabler and currently advising organisations on the suitability of the cloud to their needs.
Follow Us