SANS Survey Results on BYOD Security Policies and Practices
- Tuesday, December 10 at 1:00 PM EST
- Joshua Wright, Lisa Lorenzin and Courtney Imbert
Over the past 14 months, SANS has conducted three surveys on mobility and bring your own device (BYOD) security issues and practices. The results have shown a marked increase in awareness and adoption of policies to protect corporate intellectual property, financial and customer assets from an increasingly mobile workforce, wherein workers prefer to use their own devices.
These devices bring out new issues around application protections and controls, access rights and even device inspection. However, we are also witnessing a huge disparity between polices and practices. According to our October 2012 Mobile Policy and Practices Survey (www.sans.org/reading-room/analysts-program/SANS-survey-mobility), 95% of more than 650 respondents said BYOD security is important to their organizations; yet less than 30% felt confident or very confident in their ability to protect against cyberthreats from mobile devices.
Now, in 2103, and as mobile OSs, carriers and providers start to offer security mechanisms and security options of their own, respondents are asked to compare to the security mechanisms they've already deployed to new offerings from mobile providers. They will also tell us whether or not the threats and risks have changed since our October 2012 survey, how they've changed, and the progress organizations have made since our last survey.
Register for this webcast and be among the first to receive the associated survey report developed by Senior SANS Instructor and Analyst, Joshua Wright.
Click here to view the associated whitepaper.
Joshua Wright is a senior technical analyst with Counter Hack, a company devoted to the development of information security challenges for education, evaluation and competition. Through his experiences as a penetration tester, Josh has worked with hundreds of organizations on attacking and defending mobile devices and wireless systems, ethically disclosing significant product and protocol security weaknesses to well-known organizations. As an open source software advocate, Josh has conducted cutting-edge research resulting in several software tools that are commonly used to evaluate the security of widely deployed technology targeting WiFi, Bluetooth, and ZigBee wireless systems, smart grid deployments, and the Android and Apple iOS mobile device platforms. As the technical lead of the innovative CyberCity, Josh also oversees and manages the development of critical training and educational missions for cyberwarriors in the US military, government agencies, and critical infrastructure providers.
Lisa Lorenzin is a Principal Solutions Architect with Juniper Networks, specializing in security solutions, and co-chair of the Trusted Network Connect (TNC), a work group of the Trusted Computing Group (TCG) that defines an open architecture and standards for endpoint integrity and network access control. Lorenzin has worked in a variety of Internet-related roles for the past 18 years, primarily focused on network and information security. Her experience in data center, government and enterprise environments, as well as her active participation in standards bodies and user groups, has brought her a thorough understanding of the challenges network administrators and users face in today's world of expanding regulations and increasing security threats.
Courtney Imbert is a technical director at GIAC, where she develops certification exams aimed at validating that information security professionals have the necessary knowledge and skills to safeguard their organizations' assets. Prior to working for GIAC, she had eight years of experience working in IT and information security for contractors and manufacturing companies. She is currently a candidate for a Master's degree at the SANS Technology Institute.