Wednesday, September 05, 2007
Tragedy strikes Royal Park again
Boggles trotting
Cost of living: Glass half empty or full?
JVP to oppose new levies
Govt. probes mounting CEB losses
Too many Sri Lankans living in poverty – Survey
Editorial
NO CONFIDENCE
DO IT FOR PROFITS
Damning COPA report on the way, said to be more damning than COPE
EPDP says no to eastern elections
Jihad story cooked up by Karuna?
Govt. confident of crushing no confidence motion
Sri Lanka has a road map to end conflict – Bogollagama assures EU
Take action on COPE report on Public Property Act – Nihal Sri Ameresekere
Poser to Ranil on his silence on Tax Amnesty Bill Vs hara kiri on $ 500 m Bond
Colombo businesses link up with regional counterparts
Lanka to make debut at Global SMEs 2007 in Malaysia
Seminar on “How to Conduct Business in Today’s Environment”
CEA chief urges biz community to focus on sustainable development
More volunteer experts from Germany
USAID, JE Austin do their part for Sri Lanka
CTC Farmers to plant Maize with Tobacco
Commodity prices will spike higher over next two years
Three Hayleys firms win Presidential Export Awards
Top tea convention begins tomorrow
China way ahead of India in agriculture sector
Kenilworth estate equals an all time record price
Eight junior shuttlers for inaugural Asian c’ships
Wanniarachchi axed for international dual contest
Tec Committee confirms Dilruwan as replacement
Lanka in biggest ever push to woo MICE tourism
Lanka Israel partner to boost tourism
Airbus super jumbo jets through Hong Kong
Brandix opens new-concept Centre of Inspiration for Casualwear
 
 

Anarchy is knocking at the gates of IT security

The challenge of managing employee-owned PCs and solutions
The client computing world is increasingly in conflict, as individuals empowered by technology in their personal lives are increasingly pitted against beleaguered IT departments concerned about security and compliance, according to Gartner. As the boundary between personal and enterprise computing becomes blurred, organisations should treat all network access as potentially hostile and apply appropriate security technologies and policies.


Robin Simpson, Gartner research director and co-chair of the Gartner IT Security Summit in Sydney, said new rules are needed to allow enterprise IT assets and functions to coexist with employees’ personal digital assets.


“The traditional response from the IT department was to say ‘no’, but that’s no longer an option,” said Mr Simpson. “You can’t hold back the changes being driven by your user population by force, or they will simply conspire against you. But you can’t just relax control. You need to find a way to delineate between the business and personal computing worlds so they can work side-by-side and the boundary can be secured.”


In his presentation ‘Your Systems, Someone Else’s Device’, Mr Simpson highlighted five key reasons that employees don’t want to use corporate owned PCs:


Executives and key knowledge workers often prefer their own PCs to the corporate standard User requirements are not “one size fits all”


Outsourcing and use of contract and temporary workers continues to grow Travelling workers need personal data and connectivity while on the move. Nobody carries two notebooks Full- and part-time teleworking is increasing Gartner predicts that by 2008, 10 percent of companies will require employee-purchased notebooks.


“Just as company-owned cars ceased to be an integral element of the employee’s package, so company-owned computing devices, especially notebook computers and mobile phones, need no longer form part of the overall benefits package. Our research confirms that companies around the world are increasingly considering employee-owned devices to be formal business tools.


A 2006 Gartner survey of medium-sized business in six countries found that 42 percent of organisations had policies or schemes allowing personally owned PCs to connect to the corporate network, and this figure was higher in the U.S. (51 percent) and UK (49 percent).


According to Gartner, businesses should prepare for employee-owned notebooks with a thorough review of security, compliance and application delivery architecture.


“By taking security precautions and investing in foundational security technologies now, enterprises can prepare themselves for increasing use of consumer devices, services and networks with their organisation, and manage these risks,” said Mr Simpson.


“The key is to assume all access to your corporate network is potentially hostile,” said Mr Simpson. “The only real solution is to increase core system and information security while relaxing user constraints and shifting responsibility to them. Although they may lack maturity and come at a high price, the tools do exist to manage the risks of non-company equipment in the enterprise.”


Many of these security tools, such as network access control (NAC), stronger authentication technologies, PC virtualisation and digital rights management (DRM), are being adopted by enterprises to manage other threats and can be configured for consumerisation threats. While in some cases it may be too early or costly to invest in these tools, Gartner advises that enterprises can start with policies and procedures, and use these to help guide future technology deployments.


More than two years ago, Gartner said that consumerisation would be the most significant trend affecting IT during the next 10 years, as employees expect to use more of their personal equipment and services at work, and enterprises adopt more consumer technologies in business operations. However, consumerisation also represents one the most significant threats to enterprise security, and security managers must prepare for, and manage, the security risks.