One of the main concerns that companies face when it comes to Cloud computing involves putting data on the personal devices of their employees.
There is a series of risks that companies need to manage in this scenario, and the discussion involves the hot topic of consumerization of IT, which is referred to as “Bring Your Own Device” (BYOD).
Some of the issues here include the fact that not all devices that employees decide to bring to work pack the security features that companies are looking for, or the management capabilities required for use in enterprise environments.
Moreover, the same devices are often being used for connecting to ubiquitous social networks, which involve additional risks. The manner in which people and organizations connect and share data today also needs to be taken into consideration.
“The list of smart personal devices capable of connecting to private and public networks is rapidly and constantly expanding. For CISOs and CSOs, managing an ever growing list of devices isn’t a sustainable model, Tim Rains, director, Trustworthy Computing, explains.
Apparently, many security professionals are currently more interested in the way in which data can be managed, instead of focusing on how devices can be controlled.
“They have concluded that device security is only a proxy for data security; if they can’t effectively manage the security of the devices that employees are bringing to work, they will focus their efforts on managing the security of the data itself,” Rains states.
Companies are aware of the importance of securing personal devices, and are focused on adopting better management controls in the future, Rains also says.
In the latest installment of the Trustworthy Computing Cloud Fundamentals Video Series, he discusses some of these aspects with Jim Reavis, executive director of the Cloud Security Alliance (CSA). The video, embedded below, was shot at the RSA Conference in San Francisco several weeks ago.