1300 130 447
make a knowledge base
available to end users
Source - HDI Report
About the Knowledge Base
Search all the Knowledge Base
Testimonial: I have found that the new HDAA Knowledge Base reduces the time it takes me to research industry stats & reliable information for the ITSM sector. It’s easy to use search functionality encompassing KCS principles, helps to filter & tailor my searches more accurately & there are numerous new services now available through the website. Every time I return to the site there is new information published. Very impressive.
Chris Powderly, Support & Services Manager, Allens
Governance & Risk Management
Cloud , Consumerisation of IT , Virtualisation , Challenges for IT , Protecting Data , Confidentiality , Integrity , BYOD
Why you can't ignore ITSM , Weaving a Secure Web: Security Collaboration in Practice , Use Your Personal Smartphone for Work Email? Your Company Might Take It , Tech Trends: Security and Access Management , Tech Trends: Disk Imaging
In fact, when we discuss data security concerns with IT managers, there are three other factors getting as much of or even more of their attention:
IT managers face a tough fight on all three of these fronts, as they manage tighter budgets with the critical requirement of providing security for the data flowing into and out of their enterprise organizations every day.
Regardless of which of the three areas takes priority in your IT organization, a successful data security strategy is not merely about protecting the confidentiality and integrity of your data, but also about ensuring its availability to all authorized users.
The BYOD onslaught became real in 2012 and will only get more pronounced in 2013. In October 2012, Forrester reported that two–thirds of employees regularly use two or more devices at work, with 12 percent using tablets. A Juniper Research report from June 2012 predicts that the number of employee-owned smartphones and tablets used in the enterprise will grow from 150 million devices in 2012 to 350 million in 2013.
All of this doesn’t even begin to take into account the threats posed by lapses in physical security. Mobile phones are frequently lost or left behind; think about how much confidential corporate data can become exposed by someone circumventing a password or lock – a relatively easy task for any seasoned hacker. Stolen devices can compromise even the most protected encrypted data, as well as lead to unauthorized access to corporate services, such as email and the VPN.
This consumerization of IT presents serious data security challenges for IT departments, as the number of entryways opened through smartphones, tablets, netbooks and other managed or barely managed devices multiplies quickly.
The drive toward a BYOD environment is being driven by the end user. Everyone from a C-level executive to the clerk in the mailroom wants to apply the ease of use they get from their personal devices to their corporate responsibilities. But as that happens, the number of access points into the enterprise from outside the firewall continues to grow exponentially. And then the likelihood of a serious security breach skyrockets without the proper measures in place.
Today, too many IT generals are still fighting the last data war with security measures built for a time when IT controlled every device accessing the network. That’s just not the case anymore. They need to look anew at the systems in place and their capacities to plug all of the new security holes created by the consumerization of IT.
For instance, one of the biggest challenges in the BYOD environment is the greater risk posed by mobile malware. This malware can come in many forms, from stealing and possibly corrupting data, applications and communications on the devices themselves, to becoming launching points for advanced network attacks, such as advanced persistent threats and denial-of-service attacks. Cybercriminals use APTs to steal critical data and even revenue over a long period of time, and they can also be used in state-sponsored attacks on other countries. So-called “hacktivists” also use APTs to disrupt service or deface a website.
Any attack launched from a compromised mobile device poses additional difficulties for those trying to understand the who, where and why of the attack. Since the attack doesn’t often originate from a known server or fixed IP address, it is difficult to trace and even harder to combat or defend against. This is complicated even more by the fact that the mobile devices being used to generate these attacks roam from one wireless hotspot to another. Even worse, these attacks can often occur without the knowledge of the device owner.
Both Google’s Android OS and Apple’s iOS platform are ripe for the malware picking. Malware for Android rose 400 percent between 2010 and 2011, according to a Juniper Networks study. And iPhones and iPads are losing much of their security capabilities because of “jailbreaking,” which removes limitations imposed by Apple and allows users to gain root access to the operating system so they can download additional apps, extensions and themes not available through the iTunes App Store.
In both cases, compromising the internal security doesn’t just threaten the security of the device – it can compromise the confidentiality, integrity and availability of data inside of enterprise IT networks. IT organizations have to understand the full scope of these threats and then create new measures to address those issues.
The push toward virtualization is changing how and where data is being stored and accessed. It’s also causing a lot of security concerns. Previously, if one server went down or was compromised, it could be relatively easy to trace; in a virtualized environment that becomes more complicated. more >>
Search all Articles here.
Return to the Knowledge Base.
For further information, please contact HDAA on T: 1300 130 447.
No Result Found
- Contact Us
- IT Membership
- Support Centre Association
- Comparison Guide
- Price Guide
- Membership Conditions
Training & Workshops
- Training Courses
- Recent Workshops
- Cancellation & Transfer Policy
- ITIL Training
- ITIL Foundations
- Support Centre Consulting
- Service Desk Consulting
- Help Desk Consulting
- Media Kit
- Update your details
- New account
© Copyright HDAA. All rights reserved.
HDAA - Energising the Service & Support Profession
Help Desk Association Australasia Pty Ltd trading as HDAA
T: 1300 130 447 T: +61 (0) 2 9986 1988 F: +61 (0) 2 9986 1330
E: firstname.lastname@example.org W: www.hdaa.com.au A: PO Box 303, Turramurra NSW 2074 Australia
ABN: 20 088 292 755
Our Services: ITIL | ITIL Training | ITIL Foundations | IT Membership | Service Desk Association | Support Centre Association | Support Centre Training | Service Desk Training | Help Desk Training | Support Centre Consulting | Service Desk Consulting | Help Desk Consulting
ITIL® and PRINCE2® are registered trade marks of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved.
RESILIA™ is a trade mark of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved.
The Swirl logo™ is a trade mark of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved.
DevOps Foundation®, is a registered mark of the DevOps Institute.
HDI® is a Registered Trade Mark. HDAA is the Australasian Gold Partner of HDI®.
KCS℠ is a Service Mark of the Consortium for Service Innovation™.