It’s been quite some time since I received my undergraduate degree in Computer Science, Software Engineering. Guess what was on the mind of every professor at the time. Securing IT from internal and external exploits and breaches. Over the following decade, one theme continued to be unresolved in a meaningful fashion: security failures resulting from “git ‘er done” mentality untempered by second thoughts as to the risk profile being accepted as the cost of doing business. Am I the only one surprised but encouraged due to the sudden focus at the governance level?
The spectre of process innovations looms large over cybersecurity in IT. What’s to be done about BYOD? I see it’s inherent risks being resolved with a combination of policy, training, and sensible governance via one or more mobile management strategies (e.g. MDM, MAM, MSM). An effective system will size the solution according to the size and goals of the organization. Also, the acceptable risk profile of the organization will drive the sophistication of the governance solution.