My day job
#16
Drifting
Join Date: Sep 2006
Location: Toronto, C eh! N eh! D eh!
Posts: 2,281
Likes: 0
Received 0 Likes
on
0 Posts
Interesting thread... I travel in certain circles that promote Cloud usage, as well as BYOD strategies.
Jim, I totally agree with your statements... when things are implemented poorly, without proper governance, and without a long term roadmap to maintain the security of the architecture. However, I am also a firm believer that when a corporation properly implements CLOUD and BYOD strategies it creates an environment that is even more secure then the typical on premise environments of today. Also, most large organizations operate with a 3rd party co-location/private cloud arrangement today.
Some very large revenue streams are being threatened by Cloud and BYOD strategies, so hype and exaggeration is bound to exist.
Personally, I am very comfortable with BYOD and Cloud usage... but then again, I have no money to steal!!
Jim, I totally agree with your statements... when things are implemented poorly, without proper governance, and without a long term roadmap to maintain the security of the architecture. However, I am also a firm believer that when a corporation properly implements CLOUD and BYOD strategies it creates an environment that is even more secure then the typical on premise environments of today. Also, most large organizations operate with a 3rd party co-location/private cloud arrangement today.
Some very large revenue streams are being threatened by Cloud and BYOD strategies, so hype and exaggeration is bound to exist.
Personally, I am very comfortable with BYOD and Cloud usage... but then again, I have no money to steal!!
#17
Team Owner
As a business, the "guest access" should be outside of the company firewall, it should never be within the company internal access for the very reason of being hacked into company's internal network.
Isn't that kind of extreme, Jim? And how do you expect any response from him when his head is rolling on the ground after you've axed him?
Isn't that kind of extreme, Jim? And how do you expect any response from him when his head is rolling on the ground after you've axed him?
ba dum dum ..
#18
While I don't disagree that this is possible and happening, it's a bit of fear mongering. If it was really that easy, many, many more people would be victims. Personally, I know the risks and accept them. If I lived in constant fear what kind of life would I have. I would not even be able to be on this site!!
#19
Rennlist Member
Thread Starter
Risk management requires attention to detail and assumes the worst. Threat analysis looks forward and recommends mitigation behaviour. If one lives in tornado alley a strong shelter is recommended because although the chance of a direct hit is slim the consequences can be catastrophic. In this instance the threat is evolving and can be considered cyber warfare. There are a couple of threat levels, first being 'the Cloud' which of course is a remote offsite server farm. That can be a Google 10 ha secure facility in Alaska or a not-so-much garage with a dozen racks in Bangladesh. Thats a problem.
The second matter is that of BYOD. It is very convenient but until somebody comes up with a way of scrubbing the device that connects to a network then management has to accept the possibility that the system can be corrupted at significant cost. It's a problem.
The second matter is that of BYOD. It is very convenient but until somebody comes up with a way of scrubbing the device that connects to a network then management has to accept the possibility that the system can be corrupted at significant cost. It's a problem.
#20
Rennlist Member
Thread Starter
A timely bit of news today. My inbox had this invitation to a webinar tomorrow at 2:00. It deals with the Advance Persistent Threat and will be interesting to those involved with IT management. I signed up and have done a couple of webinars with them so it's a safe link, at least my computer hasn't self destructed yet.
https://engage.vevent.com/index.jsp?...code=SophosEB2
https://engage.vevent.com/index.jsp?...code=SophosEB2