Does the "Wild Wild West" or "Three Ring Circus" describe the approach to BYOD in your organization? Have you tried to mitigate risk by focusing on solutions that are ultimately no more effective account of using a Band-Aid to repair a leak in the Hoover Dam? How did you ever wind up in this position? Was it a result of the following executive mandates requiring you to address compliance by checking the box on the rudimentary checklists, but not more? They can not say it in so many words but how often have you sought funding for a full program should be turned down year after year?
Even when the reality is not so tragic, we've all been in this situation-after much time and effort to create policies and implementation of configurations, we are asked to create exceptions for top brass or officials perceived money that bought the latest gadget on the market. These situations always chipping away at the effectiveness of our sound architectures and security initiatives, leaving the organization vulnerable to the violation and compliance violations. In situations where we are actually allowed to say "no", we find ourselves simply alienate more people we are supposed to serve, many times the cost of productivity and innovation.
By treating them with respect, many organizations choose a silo approach. Are you one of these organizations? Each compliance obligation, the institution selects and deploys several tools and processes for each environment. Following the management of information and resources through policies and disparate tools, the organization faces costs and increasing risks. Duplication of licenses, duplication equipment, sound familiar? This approach silo also led to the abuse of data protection strategies, while archiving of information, creation of development environments or when data volumes increase dramatically.
With the increasing proliferation of mobile devices, more than 6 billion subscriptions worldwide in Q1 2013, users continue to pressure employers for greater flexibility to work on devices their choice. At the same time, organizations must face mounting regulatory compliance mandates, which provide controls that are not natively available on our mobile devices. Although leading best management practices would never allow the key store on encrypted host, that's exactly what we all iPhone and Android devices. No wonder that after each update of the operating system, hours later, we find someone has cracked the code. In 2012, it was reported that 92% of data breaches could have been avoided through encryption and / or authentication controls. Mobile devices fail to provide native robust capabilities in both universes. Users regularly store password lists, social security numbers, credit card numbers, medical information, or other sensitive data on an iOS or Android device without special protective measures in place. Still think it's a good idea
What is the answer
Sorry - There is still no miracle solution. The good news, there are steps we can take to improve security and ease compliance concerns without buying disparate solutions. To fill technology gaps facing the mobile computing risks and meet compliance obligations, consider Citrix mobility solutions. Whether the mobile device is supplied by your organization or company allows staff to bring their own, Citrix offers give us a way to deal with complex and unique business requirements. Does your organization have access to the complex application requirements? Do employees need to access applications and data on-prem and in the cloud securely? For access to online data, the key lies in Citrix Receiver. When accessing virtualized applications via Citrix Receiver, you keep the data in the data center while enabling employees to work seamlessly from anywhere on any device. This results in a win, win for everyone. Citrix XenMobile MDM also enables your IT organization by allowing the company to secure mobility, creating better working conditions and increase employee satisfaction, while meeting compliance obligations.
Learn how to adopt safe practices in your BYOD environment Citrix mobility solutions. Join our session SYN217 Citrix Synergy: Protecting sensitive data in the era of compliance and BYOD to learn! What works and what does work for you we say now.
Connie Barrera
As the director of security and compliance to the University of Miami, Connie Barrera leads initiatives policy, governance, risk and compliance. Connie's efforts are focused on establishing basic compliance standards to streamline Universities efforts with a plethora of regulatory mandates, including: HIPAA, FERPA, GLBA, FISMA, Red Flag, FDA Part 11 and PCI . In addition, Connie co-chairs the Strategic Planning Committee for Innovation, come with advanced solutions to current and future business needs. She recently accepted the position of Vice President of Event Services for Local ISC2.
Kurt Roemer
As strategist head of security for Citrix Systems, Kurt Roemer leads the security, compliance , risk and privacy policies for Citrix products. As a member of the Citrix CTO Office, Kurt leads ideation, innovation and technology management products and solutions that improve business productivity while ensuring information governance. A veteran information services with over 20 years of experience, Kurt's credentials include Professional (CISSP) Certified Information Systems Security, he served as a Commissioner on the initiative of the US public sector CLOUD2 and has led efforts to develop safety standards PCI Council Virtualization guidance information Supplement payment card industry while serving on the advisory board. He regularly contributes his expertise on security-related topics in the global online environment, print and broadcast media.
0 Komentar