SANS Survey Results on BYOD Security Policies and Practices
- Tuesday, December 10th, 2013 at 1:00 PM EST (18:00:00 UTC)
- Joshua Wright, Lisa Lorenzin and Courtney Imbert
You can now attend the webcast using your mobile device!
Over the past 14 months, SANS has conducted three surveys on mobility and bring your own device (BYOD) security issues and practices. The results have shown a marked increase in awareness and adoption of policies to protect corporate intellectual property, financial and customer assets from an increasingly mobile workforce, wherein workers prefer to use their own devices.
These devices bring out new issues around application protections and controls, access rights and even device inspection. However, we are also witnessing a huge disparity between polices and practices. According to our October 2012 Mobile Policy and Practices Survey (www.sans.org/reading-room/analysts-program/SANS-survey-mobility), 95% of more than 650 respondents said BYOD security is important to their organizations; yet less than 30% felt confident or very confident in their ability to protect against cyberthreats from mobile devices.
Now, in 2103, and as mobile OSs, carriers and providers start to offer security mechanisms and security options of their own, respondents are asked to compare to the security mechanisms they've already deployed to new offerings from mobile providers. They will also tell us whether or not the threats and risks have changed since our October 2012 survey, how they've changed, and the progress organizations have made since our last survey.
Register for this webcast and be among the first to receive the associated survey report developed by Senior SANS Instructor and Analyst, Joshua Wright.
Click here to view the associated whitepaper.
Joshua Wright is a senior technical analyst with Counter Hack, a company devoted to the development of information security challenges for education, evaluation and competition. Through his experiences as a penetration tester, Josh has worked with hundreds of organizations on attacking and defending mobile devices and wireless systems, ethically disclosing significant product and protocol security weaknesses to well-known organizations. As an open source software advocate, Josh has conducted cutting-edge research resulting in several software tools that are commonly used to evaluate the security of widely deployed technology targeting WiFi, Bluetooth, and ZigBee wireless systems, smart grid deployments, and the Android and Apple iOS mobile device platforms. As the technical lead of the innovative CyberCity, Josh also oversees and manages the development of critical training and educational missions for cyberwarriors in the US military, government agencies, and critical infrastructure providers.
Lisa Lorenzin is a Principal Solutions Architect with Pulse Secure, specializing in secure access and mobility solutions, and co-chair of Trusted Network Communications, a work group of the Trusted Computing Group that defines an open architecture and standards for endpoint compliance and network security. She has worked in a variety of Internet-related roles since 1994, with almost twenty years of focus on network and information security, and is currently concentrating on enterprise security including end-to-end context-based access, network segmentation, security automation, and mobile security.
Courtney Imbert is a technical director at GIAC, where she develops certification exams aimed at validating that information security professionals have the necessary knowledge and skills to safeguard their organizations' assets. Prior to working for GIAC, she had eight years of experience working in IT and information security for contractors and manufacturing companies. She is currently a candidate for a Master's degree at the SANS Technology Institute.