Roundtable: Securing Information in a Mobile World (Toronto)
On May 16, 2014 The IT Media Group brought together 15 Toronto area CIOs and information security executives from a variety of private and public-sector organizations to discuss “Securing Information in a Mobile World”. This CIO Master Series roundtable was sponsored by Symantec Canada, with Anuja Sharma, Director, Technical Sales, taking a seat at the table and providing her thoughts and insights.
Key topics included device security methodology, serving the needs of business users who want to use personal devices, security in the Cloud, the proliferation and management of personal devices, and data breaches & response procedures.
While mobile security was a top-of-mind concern for all participants, there was a considerable amount of diversity in the key pain points felt by various roundtable members. One participant, for example, was particularly concerned about the data footprint left on the device, while another was concerned by the sheer proliferation of devices and the inability to control user behaviour. A hot button for one CIO was malware coming in through SSL. A prime consideration for another was controlling data on the device, while yet another’s focus was securing the application layer.
Some organizations are taking a rigorous, disciplined approach to BYOD security – the financial sector being an obvious example – however many others appear to be feeling their way with security approaches and policies. Solutions are piecemeal and ad hoc in many cases and there are various security issues that are not being satisfactorily addressed.
Cloud has become an indispensable tool for many users but it presents its own security issues. While some are struggling with users accessing Cloud storage services, others are implementing secure corporate boxes in the Cloud. Some organizations simply deny users access to the Cloud.
Issues such as the need to serve the business, personal privacy, and the use of personal devices as cameras and recording devices all contribute to the complex mix of considerations around enabling mobile workers. Many of these considerations extend beyond IT, and require the involvement of corporate communications, legal, HR and the C-suite.
It is early days yet for BYOD. Security challenges are varying and complex and the roundtable discussion made it clear that organizations have their own unique hot buttons, and are taking a variety of paths to resolving their BYOD security issues.
Session Highlights Videos
Access to Cloud
Cloud storage solutions are an effective and popular means to share files, but are a concern for enterprise security. Some organizations have found a more comfortable option.
Device security
The intrusion of consumer device into the enterprise information environment raises issues of shared assets and shared risk.
Supporting users
Is it realistic to enable anywhere access from any device?
Securing the application
Shifting the security focus from the device to the applications.
Post session interviews
Stephen Frank - Director, IT at The National Hockey League Platers Association
Anuja Sharma - Director, Technical Sales at Symantec Canada
About CIO Master Series roundtables
Roundtables produced by The IT Media Group provide the ideal format for frank and open discussion among IT executive peers, allowing them to explore issues in depth, with a judicious amount of expert facilitation. These sessions are designed specifically for small groups of IT leaders, enabling them to take away practicable new approaches, validate their own thoughts, brainstorm ideas, and share their successes and their pain.
IT executives interested receiving notification of upcoming CIO Master Series roundtables, please complete the VIP membership form, including business email address.