5. emergence of The Borderless enTerprise
Many business-side leaders don’t fully appreciate all of the holes and points of weakness that exist in their network today. They figure that after green lighting the CIO to spend buckets of money on firewalls and other network defenses, the organization should be pretty well fortified against assault. The problem is that since that money has been spent, the enterprise has changed and the CIO has been forced to change the technology that supports the business. In this age of super-connectivity, they’ve been asked to provide more ways to give employees and partners access to information.
In this age of super-connectivity, CIOs have been asked to provide more ways to give employees and partners access to information.
In the process, insecure systems that were never meant to be connected to the Internet are now online. Information portals are poking holes in the network infrastructure all over the place, data is leaving the network on portable storage devices, and mobile devices are enabling people to move outside the network with sensitive data while coming back onto the network with infected systems.
Plus, as I just mentioned, you have got lots of potential “bad apple” employees who are automatically allowed access inside network boundaries. It has gotten to the point where there isn’t an impenetrable border around the enterprise anymore.
Nearly 75 percent had off-line devices lost or stolen in the last two years and of those 42 percent involved the loss of sensitive information.
Unfortunately, most businesses have been unable to adjust their security programs to account for this borderless enterprise. In a study of 735 CIOs conducted by the Ponemon Institute in 2007, more than 60 percent of them said their organizations still place more importance on network security issues than any other. Approximately 62 percent said their off-network controls are not “rigorously managed.” And yet, 62 percent said that they have a lot of unprotected confidential information on off- network systems. This assumption of risk has lead to a much higher rate of incidents involving those off-line devices—nearly 75 percent of the managers surveyed had one of these devices lost or stolen in the last two years, and of those, 42 percent involved the loss of sensitive information.
mObIlE dEvICES — THE NEw mObIlE THrEAT
Lumension Security’s Vice President of Security Technologies, Chris Andrew, sits down to discuss how security has moved beyond the endpoint with the convergence of business and personal tools.