Information Security versus “Shadow IT” (and mobility, cloud computing, BYOD, etc.)

November 4, 2013. Posted by David.

Grazed from NetworkWorld. Author: Jon Oltsik.

We’ve all read the marketing hype about “shadow IT,” where business managers make their own IT decisions without the CIO’s knowledge or approval. According to ESG research, this risk is actually overstated at most organizations, but there is no denying that IT is getting harder to manage as a result of BYOD, cloud computing, IT consumerization, and mobility.

As these trends perpetuate, CISOs find themselves in the proverbial hot seat – it’s difficult to secure applications, assets, network sessions, and transactions that you don’t own or control. So what can be done? I’ve had this very discussion with a multitude of CISOs who’ve come to a similar conclusion: when you can’t control everything, you had better have tight control and oversight over what you do have. This type of security strategy centers on 5 areas:…

1. Identity. Mention identity and most people think about employees and roles, or IAM applications like provisioning, SSO, web access management, etc. These are all important concepts, but they are a subset of what’s needed. Any entity connected to the network – PCs, mobile devices, virtual servers, control systems, and the like – should have a strong identity (i.e., IT knows exactly what type of asset it is and who it belongs to). Furthermore, each identity should be judged according to multiple attributes like role, location, time of day, configuration, and tasks. Think of identity and identity attributes as the foundation of risk-based decisions (a.k.a. “contextual security”). In this case, individual attributes such as user, device type, location, and configuration are measured and combined to form a cumulative risk score. With identity becoming an information security anchor, leaders like McAfee, RSA Security, and Symantec are getting deeper into this space, while independents like Okta, Nok Nok Labs, and SailPoint continue to grow…
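The contextual-security idea above, as an added example that is not from the article or any vendor it names: each identity attribute (device identity and ownership, configuration compliance, location, time of day, role versus task) is measured against a constructed asset inventory and the hits are combined into a cumulative risk score that drives an allow / step-up / deny decision. The inventory, task policy, weights and thresholds are all hypothetical.

```python
from dataclasses import dataclass
from datetime import time

# Constructed asset inventory: a strong identity means IT knows the asset type,
# who it belongs to and whether its configuration is in policy (hypothetical data).
INVENTORY = {
    "lt-1042": {"type": "laptop", "owner": "alice", "compliant": True},
    "ph-0077": {"type": "phone", "owner": "alice", "compliant": False},
}
SENSITIVE_TASKS = {"export_payroll": {"finance"}}  # hypothetical task-to-role policy

@dataclass
class Session:
    user: str
    role: str
    device_id: str
    location: str      # "office", "home" or "unknown"
    local_time: time
    task: str

def score_session(s, inventory=INVENTORY, business_hours=(time(7), time(19))):
    """Measure each identity attribute and combine the hits into a cumulative score.

    Weights are constructed for illustration; a real deployment tunes them."""
    dev = inventory.get(s.device_id, {})
    known = bool(dev)
    checks = [  # (condition, weight, reason)
        (not known, 50, "device not in inventory (no strong identity)"),
        (known and dev["owner"] != s.user, 40, "device belongs to another user"),
        (known and not dev["compliant"], 20, "device configuration out of policy"),
        (s.location == "unknown", 25, "location unknown"),
        (s.location not in ("unknown", "office"), 10, "off-site access"),
        (not business_hours[0] <= s.local_time <= business_hours[1], 10, "outside business hours"),
        (s.task in SENSITIVE_TASKS and s.role not in SENSITIVE_TASKS[s.task], 30, "role not permitted for task"),
    ]
    hits = [(w, why) for cond, w, why in checks if cond]
    return sum(w for w, _ in hits), [why for _, why in hits]

def decide(score):
    """Map the cumulative score to a risk-based access decision."""
    if score < 20:
        return "allow"
    if score < 60:
        return "step_up_auth"  # e.g. require a second factor before continuing
    return "deny"

if __name__ == "__main__":
    s = Session("alice", "analyst", "ph-0077", "home", time(22, 30), "read_report")
    score, why = score_session(s)
    print(score, decide(score), why)
```

The reasons list is returned alongside the score so the decision can be logged and audited, which is what turns a score into something a CISO can actually review.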

Read more from the source @ http://www.networkworld.com/community/node/84170