BRING YOUR OWN DEVICE

BYOD AND THE IMPACT ON IT SECURITY

• BYOD and pressure employees put on IT organization to supply or allow consumer mobility devices

• More organizations allowing “non-standard” IT devices on their networks

• Significant amount of business content stored/shared on employee owned devices

• InformationWeek Mobile Security Survey

>86% of respondents permit use of personally owned devices now or are moving that way

>84% identify lost or stolen devices as a key mobile security concern

Who use a personal electronic device for work-related functions say their company

has not implemented a BYOD policy

31%

Who use a personal device for work let someone else use it

66%

46%

81%Use a personal electronic device

for work-related functions

Connect to a company via a free or public wi-fi connection

BYOD BY THE NUMBERS

PEOPLE WILL USE THEIR PERSONAL MOBILE DEVICES ON THE JOB, REGARDLESS OF WHETHER THEIR ORGANIZATION HAS A FORMAL ‘BYOD’ POLICY

BYOD BY THE NUMBERS

Desktop

56%

LaptopSmartPhone

Tablet None

BYOD DOESN’T ALWAYS HAVE TO MEAN SMART PHONES AND TABLETS. DESKTOP PCS WERE THE PERSONAL DEVICES MOST COMMONLY USED FOR WORK

SOURCE: ESET, Harris Interactive and the SANS Institute as published in Government Computer News

51% 38% 15% 19%

BYOD BY THE NUMBERS

Desktop Laptop SmartPhone

Tablet

47% 41% 24% 10%

BYOD BY THE NUMBERS

• Desktop PCs were the personal devices most commonly used to store and/or access company information.

• Survey reports that company data was being encrypted on only about a third of BYOD devices.

DEVICES THAT STORE AND/OR ACCESS COMPANY INFORMATION

SOURCE: ESET, Harris Interactive and the SANS Institute as published in Government Computer News

BYOD BY THE NUMBERS

65%

Said they don’t have the necessary tools in place to manage non-company issued mobile devices on the network.

44%

Said they’ve seen an increase in help desk requests.

40%

Said they’ve experienced an increase in network traffic.

27%

Said they are not at all confident.

IT PROFESSIONALS RESPOND

SOURCE: ESET, Harris Interactive and the SANS Institute as published in Government Computer News

SURVEY: TOP IT SECURITY INVESTMENTS FOR 2013

• Editors if Information Security Media Group surveyed experts on what they expect organizations to invest in the coming year

— Top of list is Mobile Security

— Other technologies include authentication, encryption and monitoring wares

• Trend of moving away from organizationally owned to personally owned devices

— “Realistically managing workers’ expectations while establishing appropriate safeguards and controls to reduce risks is the challenge facing almost every organization”

• Adoption and use of mobility for both corporate and personal use will make the importance of access management to the enterprise all the more important

— How will the CIO and CISO identify and authenticate devices, users, services and data sources for all transactions?

— What will the corporate policy for ‘wipe’ of lost devices?

“If 2012 is the year of mobility – as remote computing drives organizations to figure out how to let employees gain access to critical systems from anywhere – 2013 is likely to be a repeat.”

Eric Chabrow, Top IT Security Investments for 2013

CAUSE & EFFECT

BEHAVIOR

Despite corporate policies, employees are using their own devices for work related activities

Growth of telework – workers see as their right; businesses want to offer as benefit

• 62% of businesses permit remote work

RESULT

Businesses are losing billions of dollars annually as a result of stolen laptops

• 2011 European Study estimate combined cost to organizations at $1.8 billion

• 2010 US Study estimate combined cost to organizations at $1.2 billion

Teleworker effectiveness tied to user experience

SOURCE: Ponemon Institute, GigaOM

WORKSPACES ARE NO LONGER JUST THE COMPUTER DOWN THE HALL

BYOD CONSIDERATIONS

• Assume the worsto Spare the cost of hiring a penetration tester and deploy defenses by assuming the worst

• Assume that employees will use their personal devices on the corporate network, even if they are told not too Use products to block the ones you are not willing to have around and encrypt and audit the movement of

devices carrying critical data

• Assume employees value convenience more than security o Employees will find a way around cumbersome or inconvenient security policies

• Assume storage devices will be lost and IT not informed > Use encrypted drives or do not use at all

• Assume that an organization’s first and last defense against a security breach is its own employees o Train employees on good security practices

FIVE ASSUMPTIONS IT DEPARTMENTS SHOULD KEEP IN MIND WHEN IT COMES TO BYOD

FULL WINDOWS DESKTOP ON SECURE USB

• Direct boot of Windows 7 or 8 ensures widespread adoption and user satisfaction delivering a normal desktop experience

• Workers can take all their data, applications and systems with them, securely and reliably

• A direct boot of Microsoft Windows ensures widespread adoption and user satisfaction, delivering a normal desktop experience without the performance drag of desktop virtualization

WITH IMATION MOBILE SECURITY YOU CAN ENABLE BYOD AND LET EMPLOYEES WORK ON THEIR OWN LAPTOPS AND DESKTOPS WITH PEACE OF MIND. Solutions for Microsoft

Windows 7 and 8

WHY IMATION MOBILE SECURITY

• Highest security levels available today

• Rugged solutions deployed in the world’s most demanding organizations

• Unmatched deployment flexibility– On premise– Cloud-based

IMATION MOBILE SECURITY…TO SECURING THE MOBILE WORKFORCE.

Yes