BYOD (Bring Your Own Device) and Security Awareness
BYOD and Security
RISK AWARENESS OVERVIEW:
It is a widely held belief that the greatest risk to the security of an organization is presented by its people. While security technology is designed and deployed to stop hackers, spies, phishers and frauds, these defenses may be rendered ineffective or may be compromised by human weaknesses: inattention, ignorance, incompetence and complacency. Technical security vulnerabilities can be patched but humans, without proper awareness and education, are always vulnerable. As new technologies enter the marketplace, especially next generation communications, it is critical to make sure that employees understand how to safely use these technologies.
One of the sometimes overlooked issues associated with introduction of new technologies is that the line between personal and professional lives is often blurred. The technologies that power our work, power our personal lives, as well. We therefore recommend that awareness training include secure practices that protect not only the information at work, but the worker’s information at home. Practicing safe information handling works best when employees are encouraged to think about security within the context of home and family.
Training and awareness is critical, in part due to the many changes that are taking place in the field of information management, from regulatory requirements to the nature of threat and risk composition and distribution, and the rapid proliferation of technological change. Such technological change-and the accompanying risk and potential risk impact-is exemplified in the adoption of mobile computing platforms and social networking. Mobility and social media represent two critical risk areas in that, increasingly, both are involved in breaches, Many such breaches are not associated with malicious behavior (although some are), but are the result of a lack of awareness, among members of the workforce. Creating awareness of the risks associated with such use is invaluable in containing regulatory, legal, financial, and reputation risk.
Read the "happy ending story" about a Stolen iPad