janet: bring your own device
DESCRIPTION
Andrew McCormack outlines how bring your own device might create an incentive to get security right.TRANSCRIPT
Andrew Cormack Chief Regulatory Adviser, Janet #Janet_LegReg
BYOD: Security Together
A Cautionary Tale
• Is this about BYOD? – User owned device – Uncertain configuration – Unsafe results for data
• Just less shiny!
A Cautionary Tale
• Is this about BYOD? – User owned device – Uncertain configuration – Unsafe results for data
• Just less shiny! • And (we’re on audio): could it happen to you?
A Cautionary Tale
• Same risks to both of us – Personal risk may even be greater than professional!
Opportunity: Your Device, Our Data
• Same risks to both of us – Personal risk may even be greater than professional!
• Same behaviour required to reduce those risks – Work out together what that is
Opportunity: Your Device, Our Data
• Same risks to both of us – Personal risk may even be greater than professional!
• Same behaviour required to reduce those risks – Work out together what that is
• What that means – Policy compliance => Self interest – Safe at work/risky at home => Safer everywhere
Opportunity: Your Device, Our Data
• Information separation • Remote wiping • Device location • Device security • Information backup
Let’s discuss how to do...
Information Separation
Information Separation
Storage Policies
Technology Behaviour
Information Separation
Separate Storage Policies
Technology Behaviour
Remote Wiping
Separate Storage Policies
Technology Behaviour
When? Who? How? What?
Remote Wiping
Wipe When? Who? How? What?
Separate Storage Policies
Technology Behaviour
Device Location
Wipe When? Who? How? What?
Who? When? How?
Separate Storage Policies
Technology Behaviour
Device Location
Locate Who? When? How?
Separate Storage Policies
Technology Behaviour
Wipe When? Who? How? What?
Device Security
Protect Monitor
Download Configure
Inspect
Locate Who? When? How?
Separate Storage Policies
Technology Behaviour
Wipe When? Who? How? What?
Device Security
Secure Protect Monitor
Download Configure
Inspect
Separate Storage Policies
Technology Behaviour
Wipe When? Who? How? What?
Locate Who? When? How?
Information Backup
Secure Protect Monitor
Download Configure
Inspect
How? Where?
Separate Storage Policies
Technology Behaviour
Wipe When? Who? How? What?
Locate Who? When? How?
BYOD Policy?
Backup How?
Where?
Separate Storage Policies
Technology Behaviour
Wipe When? Who? How? What?
Locate Who? When? How?
Secure Protect Monitor
Download Configure
Inspect
Who Sets Policy?
Separate Storage Policies
Technology Behaviour
Secure Protect Monitor
Download Configure
Inspect
Backup How?
Where?
Locate Who? When? How?
Wipe When? Who? How? What?
Discuss/Agree Balance Policy and Access
Who Sets Policy?
Separate Storage Policies
Technology Behaviour
Secure Protect Monitor
Download Configure
Inspect
Backup How?
Where?
Locate Who? When? How?
Wipe When? Who? How? What?
Discuss/Agree Balance Policy and Access
Who Sets Policy?
Organisation
Separate Storage Policies
Technology Behaviour
Secure Protect Monitor
Download Configure
Inspect
Backup How?
Where?
Locate Who? When? How?
Wipe When? Who? How? What?
Discuss/Agree Balance Policy and Access
Who Sets Policy? Device Owner
Organisation
Separate Storage Policies
Technology Behaviour
Secure Protect Monitor
Download Configure
Inspect
Backup How?
Where?
Locate Who? When? How?
Wipe When? Who? How? What?
Discuss/Agree Balance Policy and Access
Who Sets Policy? Device Owner
Organisation
Separate Storage Policies
Technology Behaviour
Secure Protect Monitor
Download Configure
Inspect
Backup How?
Where?
Locate Who? When? How?
Wipe When? Who? How? What?
Janet, Lumen House Library Avenue, Harwell Oxford Didcot, Oxfordshire t: +44 (0) 1235 822200 f: +44 (0) 1235 822399 e: [email protected] b: https://community.ja.net/blogs/regulatory-developments
Questions?