The rising trend of BYOD (bring your own device) was highlighted in ISACA’s latest pre-Christmas Shopping on the Job survey, which found that 39 per cent of the 850-plus interviewees had employers that allow them to use work-supplied mobile devices for personal purposes–while on the other side of the coin, 32pc encourage the use of personal devices for business purposes.
Coupled with a clear third (34pc) of employers allowing the use of work email addresses for personal communications, researchers found that half of respondents have concluded that the risk of using personal mobile devices for work activities outweighs the benefits.
And, with just 21pc of employers providing guidance on the secure use of geolocation-enabled smartphones and portable devices, it is clear that the security industry has a number of BYOD-related problems that needs discussing—and resolving.
These issues—and others—will be debated at the European Computer Audit, Control and Security/Information Security and Risk Management (EuroCACS/ISRM) conference, from September 10 to 12. A topic at the conference in Munich will be the secure use of mobile devices and BYOD in the workplace.
Over the three-day Munich event, Ramsés Gallego, CISM, CGEIT, International Vice President of ISACA, and a security strategist and evangelist with Quest Software, will look at the topic of securing mobile computing devices, against the backdrop of users’ computing having changed considerably over the last few years. In his workshop, Gallego will focus on the need to recognise the importance of policy and the types of provisions that need to be included in a mobile computing security policy. He will also look at BYOA (Bring your own application) and IBMD (I’m bringing my device) which are all evolving trends from BYOD.
Steven Ackx, a director of Ascure, a subsidiary of PwC Advisory Services, will cover mobile security—where we are today and where we will be. His workshop will look at solving BYOD anxieties and the need to handle concerns with personal and business data, and how ISACA’s COBIT 5 governance framework can assist in securing mobile devices
According to Gallego, the need to identify the many, disparate types of mobile devices being used, along with their vulnerabilities and risk, is central to developing effective forensics procedures and considerations, when it comes to capturing and preserving evidence obtained from mobile devices. He believes that there is a definite need to better understand the growing market for mobile security and effectively map the available solutions to the existing security problems more.
“To effectively solve BYOD anxieties, enterprises need to address the risk associated with mixing personal and business data on the same device. ISACA’s COBIT 5 governance framework goes a long way to assisting professionals in this regard,” he added. Register at http://www.isaca.org/Education/Conferences/Pages/European-CACS-ISRM-Europe-2012.aspx.
