 |
|
Yours,
Mine and Ours Organizations must be prepared for the challenge of securing and managing employee-owned PCs. The client computing world is increasingly in conflict, as individuals empowered by technology in their personal lives are increasingly pitted against beleaguered IT departments concerned about security and compliance, according to Gartner. As the boundary between personal and enterprise computing becomes blurred, organizations should treat all network access as potentially hostile and apply appropriate security technologies and policies. Robin Simpson, Gartner research director and co-chair of the recent Gartner IT Security Summit, said new rules are needed to allow enterprise IT assets and functions to coexist with employees’ personal digital assets. “The traditional response from the IT department was to say ‘no’, but that’s no longer an option,” said Simpson. “You can’t hold back the changes being driven by your user population by force, or they will simply conspire against you. But you can’t just relax control. You need to find a way to delineate between the business and personal computing worlds so they can work side-by-side and the boundary can be secured.” BYOPC? A 2006 Gartner survey of midsize businesses in six countries found that 42 percent of organizations had policies or schemes allowing personally owned PCs to connect to the corporate network. This figure was higher in the U.S. (51 percent) and U.K. (49 percent). In his presentation, “Your Systems, Someone Else’s Device,” Simpson highlighted five key reasons that employees don’t want to use corporate-owned PCs:
Gartner predicts that by 2008, 10 percent of companies will require employee-purchased notebooks. “Just as company-owned cars ceased to be an integral element of the employee's package, so company-owned computing devices, especially notebook computers and mobile phones, need no longer form part of the overall benefits package. Our research confirms that companies around the world are increasingly considering employee-owned devices to be formal business tools,” Simpson said. The Consumerization Threat According to Gartner, businesses should prepare for employee-owned notebooks with a thorough review of security, compliance and application delivery architecture. “By taking security precautions and investing in foundational security technologies now, enterprises can prepare themselves for increasing use of consumer devices, services and networks with their organization, and manage these risks,” said Simpson. “The key is to assume all access to your corporate network is potentially hostile. The only real solution is to increase core system and information security while relaxing user constraints and shifting responsibility to them. Although they may lack maturity and come at a high price, the tools do exist to manage the risks of non-company equipment in the enterprise.” Many of these security tools, such as network access control (NAC), stronger authentication technologies, PC virtualization and digital rights management (DRM), are being adopted by enterprises to manage other threats and can be configured for consumerization threats. While in some cases it may be too early or costly to invest in these tools, Gartner advises that enterprises can start with policies and procedures, and use these to help guide future technology deployments. More than two years ago, Gartner said that consumerization would
be the most significant trend affecting IT during the next 10 years,
as employees expect to use more of their personal equipment and
services at work, and enterprises adopt more consumer technologies
in business operations. However, consumerization also represents
one of the most significant threats to enterprise security, and
security managers must prepare for, and manage, the security risks. |
|||||||||
 |
|||||||||
| 888-ABBATECH |
|
||||||||
