The rising trend of BYOD (bring your own device) was highlighted in ISACA's latest pre-Christmas Shopping on the Job survey, which found that 39% of the 850-plus interviewees had employers that allow them to use work-supplied mobile devices for personal purposes–while on the other side of the coin, 32% encourage the use of personal devices for business purposes.
Coupled with a clear third (34%) of employers allowing the use of work email addresses for personal communications, researchers found that 50% of respondents have concluded that the risk of using personal mobile devices for work activities outweighs the benefits.
And, with just 21% of employers providing guidance on the secure use of geolocation-enabled smartphones and portable devices, it is clear that the security industry has a number of BYOD-related problems that needs discussing—and resolving.
These key issues—and many others—will be debated at the European Computer Audit, Control and Security/Information Security and Risk Management (EuroCACS/ISRM) conference, 10–12 September 2012. The hot topic at the conference in Munich will be the secure use of mobile devices and BYOD in the workplace.
Over the length of the three-day Munich event, Ramsés Gallego, CISM, CGEIT, International Vice President of ISACA, and a security strategist and evangelist with Quest Software, will look at the topic of securing today's mobile computing devices, against the backdrop of the user computing environment having changed considerably over the last few years. In his workshop, Gallego will focus on the need to recognise the importance of policy and the types of provisions that need to be included in a mobile computing security policy. He will also look at BYOA (Bring your own application) and IBMD (I'm bringing my device) which are all evolving trends from BYOD.
Steven Ackx, a director of Ascure, a subsidiary of PwC Advisory Services, will cover mobile security—where we are today and where we will be in the future. His workshop will look at solving BYOD anxieties and the need to handle concerns with personal and business data, and how ISACA's COBIT 5 governance framework can assist in securing mobile devices
According to Gallego, the need to identify the many, disparate types of mobile devices being used, along with their vulnerabilities and risk, is central to developing effective forensics procedures and considerations, when it comes to capturing and preserving evidence obtained from mobile devices. He believes that there is a definite need to better understand the growing market for mobile security and effectively map the available solutions to the existing security problems more.
"To effectively solve BYOD anxieties, enterprises need to address the risk associated with mixing personal and business data on the same device. ISACA's COBIT 5 governance framework goes a long way to assisting professionals in this regard," he added.
EuroCACS/ISRM is a multidimensional event, featuring audit, security, governance and risk content, as well as the audit and security programs, tools and resources needed to be responsive to industry changes. Register at http://www.isaca.org/Education/Conferences/Pages/European-CACS-ISRM-Europe-2012.aspx