Legal, Security, and IT Tackle BYOD
|
|
- Dwayne Watts
- 8 years ago
- Views:
Transcription
1 WHITE PAPER: LEGAL, SECURITY, AND IT TACKLE BYOD Legal, Security, and IT Tackle BYOD Who should read this paper CIO, CISO, VP IT operations, mobile architect, mobile program manager, and legal counsel. This paper briefly reviews how the uninhibited and unchecked use of mobile devices for enterprise functions can lead to serious litigation risks. Enterprise mobile management solutions can provide the controls necessary to establish a strong information governance policy that supports BYOD.
2
3 Content Bring your own device BYOD BYOD challenges, risks, and impact Lost devices IP theft data breaches Information governance of mobile devices ediscovery and investigations Corporate discovery of mobile devices Managing BYOD takeaways for corporate stakeholders edj Group
4 Bring your own device BYOD More and more organizations around the globe are permitting employees to bring their own mobile computing devices to work so that employees can access company data from any location at any time with any device. The bring-your-own-device (BYOD) trend started gaining traction around 2007 when executives and board members brought the first personal smartphones, tablets, and ultrabooks into the corporate workspace. The BYOD trend has become a corporate reality, with up to 95 percent of organizations allowing the use of employee-owned devices in some way, shape, or form according to a Cisco survey. 1 With BYOD, IT departments have recognized an average of $300 $1,300 in annual hardware and support savings as employees realized increased productivity, collaboration, and connectivity from personal devices and mobile apps. Although BYOD started by executive fiat, fast forward a few years and many of today's younger corporate employees believe that using their own devices for work and personal use is a right. For example, more than 33 percent of employees age said that they would break any company anti-byod rules to use their personal devices. 2 Unfortunately, this BYOD trend highlights the fact that the rapid pace of evolution in technology often outpaces the development of good internal policies and procedures that can minimize the risks and costs of deploying them. The problem is common because the deployment of technology solutions is typically perceived as a function of the IT department and the business units they support. Little thought is given to the consequences of accessing and managing sensitive corporate data from personal devices when IT's prime mandate is maximizing operational efficiency and profitability. This corporate culture leads to technology being deployed without adequate input from corporate legal departments and other stakeholders. The result is that policies accompanying technology rollouts are commonly nonexistent or sorely inadequate in meeting foreseeable downstream problems related to data security, employee privacy, retention management, and ediscovery requests. The good news is that proactive policies and controls have the potential to mitigate or eliminate the possible risk and costs of these BYOD challenges. The bad news is that 47 percent of survey respondents reported that their IT departments have not discussed mobile/cyber security awareness, 3 and 44 percent reported that their company did not have a mobile device usage policy. This last statistic can be misleading, as other surveys of IT managers have indicated that a majority of companies now have some kind of mobile device usage policy, even if their users are not aware of it. BYOD challenges, risks, and impact Lost t devices Mobile devices are easily lost or stolen most in social settings or while people are traveling. Simple four-digit passcodes can be cracked in less than an hour. Unsecured apps, easy to obtain access credentials, and local files stored directly on devices combine to pose significant data loss and security breach threats. Device upgrades can result in unwiped devices being sold overseas. The loss of personally identifiable information (PII) carries high remediation costs 4 and the risk of enforcement actions from state and federal agencies like the Federal Trade Commission (FTC). 5 High-profile losses of laptops and devices by health provider executives and employees highlight the risks and consequences of lost mobile devices Cisco press release, Cisco Study: Saying Yes To BYOD, May 16, 2012, 2- Ellen Messmer, Young employees say BYOD a right not privilege, Network World, June 12, 2012, 3- Weber, Mike, and Chris Lietz, 2013, BYOD 2013: Employees and Companies Remain Lax with BYOD Security, A Coalfire Perspective, BYOD-2013-Companies-Remain-Lax. 4- Ponemon Institute (benchmark research sponsored by Symantec), 2013 Cost of Data Breach Study: Global Analysis, May 2013, 5- Inside Counsel (sponsored by Symantec), The Federal Trade Commission on Fraud, Deception, & Data Privacy Enforcement Actions, December 12, 2013, 6- ihealthbeat, Health Data Breaches Reported by Providers, Agencies in Three States, December 11, 2013, 1
5 IP theft data t data breaches The mobile workforce requires 24x7 access to critical enterprise systems and confidential data on 2 4 devices at a time. That access from outside the security of the corporate firewall makes mobile devices a prime target for corporate espionage, hackers, and other cyber criminals. The comingling of personal , Web browsing, apps, and third-party connections creates vulnerabilities outside of corporate control without the benefit of mobile device and app management technologies. Every device needs active protection against malware, viruses, and other malicious Web threats. Information governance of mobile devices Policy BYOD and usage policies should be designed to minimize the creation of unique mobile electronically stored information (ESI) without impacting user productivity. As surveys show, too many users are not aware of existing mobile device policies or usage guidelines. All major stakeholders (legal, compliance, security, HR, IT, and users) should participate in policy creation. Policies without the necessary education, acceptance, and enforcement are often worse than having no policies at all. Such practices demonstrate that the company understood acceptable practices and then proceeded to ignore them. Management technology Mobile device management (MDM) systems control basic security access and device settings such as passwords, encryption, remote wipe capabilities, and more. MDM security systems can be considered a foundational protection strategy, but they do not address privacy, retention, or discovery requirements. Another early strategy pioneered by government agencies isolates sensitive , contacts, and other data in an encrypted sandbox container within the device that requires authenticated credential keys to access that information. The relatively rigid sandbox strategy has evolved into more flexible application wrapping methodology that enables organizations to secure approved corporate apps and their content with a mobile application management (MAM) system. Restricting work on employee devices to secured corporate apps automatically identifies and segregates work from personal data where possible. High-publicity lawsuits such as City of Ontario v. Quon 7 demonstrate the need to protect private personal communications in an era where work and personal life is often blurred, thereby creating privacy issues. These MAM systems can restrict corporate data to known devices and apps, and can prevent critical information from being copied or forwarded outside of the company apps, closing a big security gap. Process and people The creation of effective policies and controls requires the establishment of a stakeholder team that has executive backing. The 2013 edj Group survey shows that most respondents have no effective mobile ESI retention policy. The 7- Wikipedia entry, Ontario v. Quon, last modified February 9, 2014, 2
6 stakeholder team s goal should be to balance user enablement and productivity with controls and documented protocols that can achieve effective information governance and compliance. Critical corporate data should not reside solely on user-owned devices. This data should be synchronized with corporate record systems such as enterprise archives to minimize the amount of unique data created and stored on user devices. If all unique records or potential legal evidence lives on enterprise systems, then mobile devices can be excluded from retention and discovery requirements in most cases. ediscovery and investigations Over 60 percent of legal respondents to the edj survey have been required to discover data from mobile devices as part of a legal proceeding. However, only 14.5 percent said that mobile devices were commonly requested, and 46 percent said that mobile devices were requested only in special matters. Moreover, it is difficult or impossible for users to preserve texts, call logs, and other ESI on these devices over the typical 1- to 2-year legal hold period. Another concern for global corporations is meeting the compliance requirements of increasingly stringent European Union (EU) data privacy laws when corporate ESI is comingled with personal , texts, chats, and other private ESI. BYOD blurs the line between work and personal life with serious consequences for the intentional or possibly even inadvertent collection and disclosure of personal data to third parties in legal proceedings. Corporate discovery of mobile devices Preservation and collection Creating an effective, defensible legal hold strategy for mobile devices is especially challenging due to their dynamic storage management. Unlike laptops and network shares, mobile devices delete texts, call logs, and other volatile data automatically. Users under legal hold can refrain from manually deleting app files, but it is almost impossible for a user to preserve volatile, dynamic mobile data when a device is in use. This forces corporations to employ collection or backup technologies to comply with legal holds when that data is potentially relevant. Mobile device collection is still accomplished through a local cable connection and can take hours when performed on 8 GB to 32 GB devices. The mobile data is stored in a specialized container file for later filtering and extraction. Civil 8 9 and criminal 10 sanctions for failure to preserve mobile content 8- Santa Clara Law Digital Commons, Christou v. BeaPort, January 23, 2013, 9- PRWeb, Pradaxa Lawsuit News: Federal Court Imposes Sanctions Against Manufacturer of Pradaxa, notes Schlichter, Bogard & Denton, LLP, December 11, 2013, prweb htm. 10- Kunzelman, Michael, Ex-BP engineer convicted on 1 obstruction charge, AP, December 18, 2013, 3
7 provide a clear mandate for corporate IT and legal departments to minimize unique mobile data and have a preservation plan for legal holds. Processing and the European Compliance Academy (ECA) Once content is collected from mobile devices, it must be made accessible so that a legal review can be performed to determine if the content is responsive, privileged, or nonresponsive to the matter at issue. Most collection software creates one or more forensic container files that must be processed to extract tables and file objects such as photos, s, and more. A very few mainstream ediscovery platforms have built-in connectors that can directly ingest these packages for search and review. The majority of users manually extract selective data from individual mobile devices container files based on data type, date, or other filter criteria such as phone numbers, names, or search terms. If corporate data is not segregated in secured apps, the personal data may need to be filtered out or even held for custodial release in certain countries. Most legal review systems are not optimized for mobile data, and the discovery team should consider all review, filter, and review strategies to prevent escalating costs and having a negative impact on deadlines. Remember that voic , videos, and other audio content cannot be searched by most systems. Mobile Discovery Process Elements Standardized declarations & interrogatory responses Mobile data relevance checklist Custodial questionnaire Preservation process & custodian hold instructions Collection technology & process Processing & review workflow with selected technology or partners Change management process to keep stakeholders updated on rapidly evolving usage & data 4
8 Managing BYOD takeaways for corporate stakeholders BYOD management elements for organizations Mobile device usage policy (see BYOD policy considerations ) End-user guidelines, training, and policy acceptance documentation Mobile device content retention schedule, enforcement tools, and process MDM to control access, settings, and administrative rights MAM, secured apps, or some other protection system for corporate data Procedures for terminated employees and device replacement to protect corporate data Standardized declarations and interrogatory responses Mobile data relevance checklist Custodial questionnaire Preservation process and custodian hold instructions Processing and review workflow with selected technology or partners Change management process to keep stakeholders updated on rapidly evolving usage and data Mobile collection tool(s) local device collections in 2 4 hours to minimize the impact on users Search, process, and ECA tools for mobile collection container files for early relevance and scope management Mobile data extraction and processing capabilities done in house or using preferred provider partners BYOD policy considerations Does the policy address device ownership and privacy interests? Does the policy specify who has the right to access and control information on the device? Can devices be used for personal and business purposes and can that information be partitioned? Does policy specify acceptable devices, apps, and cloud services? Can the device be wiped if it is lost or stolen? What happens when an employee leaves an organization? Does the policy cover device access and discovery rights? For better or worse, BYOD has penetrated most enterprise environments despite the lack of a mature mobile information governance infrastructure to support stakeholder requirements. These critical downstream security, compliance, and discovery requirements can be leveraged to obtain the executive mandate and budget needed to acquire and implement a mature mobile management lifecycle. This report has explored the challenges, risks, and proactive solution strategy elements needed to manage the increasing number of remote workers as they conduct business on their personal devices. The benefits in user productivity, collaboration, and accessibility can be lost without a balanced solution that addresses both employee privacy and data security. Reactive discovery of mobile devices exponentially increases the cost as well as the risk of inadvertently losing relevant data that is under legal hold. Bring your key stakeholders together and bring mobile devices into your information governance lifecycle with the right policies and technologies. 5
9 edj Group About the edj Group Inc. The edj Group Inc. offers expert perspective, unbiased information, and pragmatic advice on ediscovery and information governance products, companies, technologies, and best practices. edj Group consultants have over 20 years of professional experience in forensics, litigation, corporate governance, software design, and many more related fields. About the Author Greg Buckles is an independent ediscovery consultant specializing in enterprise technology and workflow solutions, who has over 25 years of experience in discovery and consulting. His career spans law enforcement, legal service provider, corporate legal, law firm, and legal software development. This deep and diverse background, combined with his exposure to the discovery challenges of Fortune 500 clients, provide a unique industry perspective. Disclaimer: EDJ Group is not a law firm. All expressed opinions and content are provided for general educational purposes only and are not specific legal advice, even if the author is a practicing attorney. Neither edj Group Inc. nor the information contained herein should be used as a substitute for competent legal advice from a licensed professional attorney in your state. EDJ Group believes reasonable efforts have been made to ensure the accuracy of all edj Group Inc. original content. Content may include inaccuracies or typographical errors and may be changed or updated without notice. All edj Group original content is provided AS IS and while we endeavor to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the fitness for a particular purpose, completeness, accuracy, reliability, suitability, or availability with respect to the information, products, services, or related graphics for any specific purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will EDJ Group or any of its contributors be liable for any direct, indirect, punitive, incidental, special, or consequential damages or damages for loss of profits, revenue, data, down time, or use, arising out of or in any way connected with the use of the document or performance of any services, whether based on contract, tort, negligence, strict liability or otherwise. 2014, EDJ Group, Inc. All rights reserved. Customers that bought this report may make one attributed copy or slide of each figure contained herein. Licensed for reproduction by Symantec, additional reproduction is strictly prohibited. Information is based on best available resources. Opinions herein reflect judgment at the time of testing and are subject to change. Report illegal copies of this report to info@edjgroupinc.com to receive a free copy plus another research report of your choice. 6
10
11 About Symantec Symantec protects the world s information, and is a global leader in security, backup, and availability solutions. Our innovative products and services protect people and information in any environment from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our worldrenowned expertise in protecting data, identities, and interactions gives our customers confidence in a connected world. More information is available at or by connecting with Symantec at go.symantec.com/socialmedia. For specific country offices and contact numbers, please visit our website. Symantec World Headquarters 350 Ellis St. Mountain View, CA USA +1 (650) (800) Copyright 2014 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 2/
Don t Lose the Data: Six Ways You May Be Losing Mobile Data and Don t Even Know It
WHITE PAPER: DON T LOSE THE DATA: SIX WAYS YOU MAY BE LOSING........ MOBILE....... DATA......................... Don t Lose the Data: Six Ways You May Be Losing Mobile Data and Don t Even Know It Who should
More informationA number of factors contribute to the diminished regard for security:
TrendLabs Enterprises cite security as their number one concern with regard to consumerization. During the actual execution of a consumerization strategy, however, IT groups find that the increasing demand
More informationThe Impact of HIPAA and HITECH
The Health Insurance Portability & Accountability Act (HIPAA), enacted 8/21/96, was created to protect the use, storage and transmission of patients healthcare information. This protects all forms of patients
More informationSOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite
SOLUTION BRIEF Enterprise Mobility Management Critical Elements of an Enterprise Mobility Management Suite CA Technologies is unique in delivering Enterprise Mobility Management: the integration of the
More informationA number of factors contribute to the diminished regard for security:
TrendLabs Enterprises cite security as their number one concern with regard to consumerization. During the actual execution of a consumerization strategy, however, IT groups find that the increasing demand
More informationLeveraging a Maturity Model to Achieve Proactive Compliance
Leveraging a Maturity Model to Achieve Proactive Compliance White Paper: Proactive Compliance Leveraging a Maturity Model to Achieve Proactive Compliance Contents Introduction............................................................................................
More informationSecurity, privacy, and incident response issues are often
ISSA DEVELOPING AND CONNECTING CYBERSECURITY LEADERS GLOBALLY The Legal Implications of BYOD: Preparing Personal Device Use Policies By David Navetta, Esq. ISSA member, Denver, USA Chapter This article
More informationMobile Medical Devices and BYOD: Latest Legal Threat for Providers
Presenting a live 90-minute webinar with interactive Q&A Mobile Medical Devices and BYOD: Latest Legal Threat for Providers Developing a Comprehensive Usage Strategy to Safeguard Health Information and
More informationDon't Wait Until It's Too Late: Choose Next-Generation Backup to Protect Your Business from Disaster
WHITE PAPER: DON'T WAIT UNTIL IT'S TOO LATE: CHOOSE NEXT-GENERATION................. BACKUP........ TO... PROTECT............ Don't Wait Until It's Too Late: Choose Next-Generation Backup to Protect Your
More informationPrivilege Gone Wild: The State of Privileged Account Management in 2015
Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...
More informationDISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com
DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention symantec.com One of the interesting things we ve found is that a lot of the activity you d expect to be malicious
More informationSymantec Enterprise Vault.cloud Overview
Fact Sheet: Archiving and ediscovery Introduction The data explosion that has burdened corporations and governments across the globe for the past decade has become increasingly expensive and difficult
More informationSymantec Enterprise Vault Discovery.cloud
Fact Sheet: Archiving and ediscovery Symantec Enterprise Vault.cloud is a cloud-based archiving service that helps organizations store, manage, and discover business-critical information. The service is
More informationBEST PRACTICES IN BYOD
1 BEST PRACTICES IN BYOD Addressing BYOD Challenges in the Enterprise Whitepaper 2 Best Practices in BYOD Bring Your Own Device (BYOD) offers many potential advantages: enhanced productivity, increased
More informationSymantec Mobile Security
Advanced threat protection for mobile devices Data Sheet: Endpoint Management and Mobility Overview The combination of uncurated app stores, platform openness, and sizeable marketshare, make the Android
More informationSymantec Mobile Management 7.2
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology
More informationGuide to Information Governance: A Holistic Approach
E-PAPER DECEMBER 2014 Guide to Information Governance: A Holistic Approach A comprehensive strategy allows agencies to create more reliable processes for ediscovery, increase stakeholder collaboration,
More informationManaging Mobile Devices in a Device-Agnostic World Finding and Enforcing a Policy That Makes Business Sense
SAP White Paper SAP Partner Organization Mobile Device Management Managing Mobile Devices in a Device-Agnostic World Finding and Enforcing a Policy That Makes Business Sense Table of Content 4 Mobile Device
More informationTop 5 Reasons to Choose User-Friendly Strong Authentication
SOLUTION BRIEF: USER-FRIENDLY STRONG AUTHENTICATION........................................ Top 5 Reasons to Choose User-Friendly Strong Authentication Who should read this paper This executive brief asserts
More informationSuccessful ediscovery in a Bring Your Own Device Environment
IT@Intel White Paper Intel IT IT Best Practices IT Governance and IT Consumerization June 2012 Successful ediscovery in a Bring Your Own Device Environment Executive Overview Close collaboration between
More informationplantemoran.com What School Personnel Administrators Need to know
plantemoran.com Data Security and Privacy What School Personnel Administrators Need to know Tomorrow s Headline Let s hope not District posts confidential data online (Tech News, May 18, 2007) In one of
More informationWeb Protection for Your Business, Customers and Data
WHITE PAPER: WEB PROTECTION FOR YOUR BUSINESS, CUSTOMERS............ AND.... DATA........................ Web Protection for Your Business, Customers and Data Who should read this paper For security decision
More informationSolving the Security Puzzle
Solving the Security Puzzle How Government Agencies Can Mitigate Today s Threats Abstract The federal government is in the midst of a massive IT revolution. The rapid adoption of mobile, cloud and Big
More informationSymantec Enterprise Vault and Symantec Enterprise Vault.cloud
Symantec Enterprise Vault and Symantec Enterprise Vault.cloud Better store, manage, and discover business-critical information Solution Overview: Archiving Introduction The data explosion that has burdened
More informationHow To Protect Your Data From Being Hacked
Data Security and the Cloud TABLE OF CONTENTS DATA SECURITY AND THE CLOUD EXECUTIVE SUMMARY PAGE 3 CHAPTER 1 CHAPTER 2 CHAPTER 3 CHAPTER 4 CHAPTER 5 PAGE 4 PAGE 5 PAGE 6 PAGE 8 PAGE 9 DATA SECURITY: HOW
More informationSymantec Mobile Management for Configuration Manager 7.2
Symantec Mobile Management for Configuration Manager 7.2 Scalable, Secure, and Integrated Device Management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices
More informationCreating a Bulletproof BYOD (Bring Your Own Device) Policy for Personal Devices At Work
Creating a Bulletproof BYOD (Bring Your Own Device) Policy for Personal Devices At Work FEATURED FACULTY: Amy F. Melican, Associate, Proskauer 212.969.3641 AMelican@proskauer.com Traci Clements, Attorney,
More informationSecurity and Privacy Considerations for BYOD
Security and Privacy Considerations for BYOD Carol Woodbury, President SkyView Partners, Inc 1 Introduction The world of BYOD (Bring Your Own Device) is rapidly expanding. You may not think it s happening
More informationA White Paper from AccessData Group. The Future of Mobile E-Discovery
A White Paper from AccessData Group The Future of Mobile E-Discovery Contents 1. The changing landscape of e-discovery 2. New expectations in the courtroom 3. Mobile discovery within corporations 4. MPE+
More informationUnderstanding ediscovery and Electronically Stored Information (ESI)
Copyright The information transmitted in this document is intended only for the addressee and may contain confidential and/or privileged material. Any interception, review, retransmission, dissemination
More informationA White Paper from AccessData Group. The Future of Mobile E-Discovery
A White Paper from AccessData Group The Future of Mobile E-Discovery Contents 1. The changing landscape of e-discovery 2. New expectations in the courtroom 3. Mobile discovery within corporations 4. MPE+
More informationWhy Digital Certificates Are Essential for Managing Mobile Devices
WHITE PAPER: WHY CERTIFICATES ARE ESSENTIAL FOR MANAGING........... MOBILE....... DEVICES...................... Why Digital Certificates Are Essential for Managing Mobile Devices Who should read this paper
More informationGuideline on Safe BYOD Management
CMSGu2014-01 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Safe BYOD Management National Computer Board Mauritius Version
More informationBES10 Self-Service. Version: 10.2. User Guide
BES10 Self-Service Version: 10.2 User Guide Published: 2014-09-10 SWD-20140908171306471 Contents 1 BES10 Self-Service overview... 4 2 Log in to BES10 Self-Service... 5 3 Activating your device...6 Create
More informationPrivilege Gone Wild: The State of Privileged Account Management in 2015
Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...
More informationThe Oracle Mobile Security Suite: Secure Adoption of BYOD
An Oracle White Paper April 2014 The Oracle Mobile Security Suite: Secure Adoption of BYOD Executive Overview BYOD (Bring Your Own Device) is the new mobile security imperative and every organization will
More informationBest Practices for Running Symantec Endpoint Protection 12.1 on Point-of- Sale Devices
TECHNICAL BRIEF: BEST PRACTICES GUIDE FOR PROTECTING RETAIL....... POS.... SYSTEMS............................. Best Practices for Running Symantec Endpoint Protection 12.1 on Point-of- Sale Devices Who
More informationTERMS and CONDITIONS OF USE - NextSTEPS TM
TERMS and CONDITIONS OF USE - NextSTEPS TM DATED MARCH 24, 2014. These terms and conditions of use (the Terms and Conditions ) govern your use of the website known as NextSTEPS TM, https://www.stepsonline.ca/
More informationMobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to Health Information Risks vary based on the mobile device and its use. Some risks include:
More informationSymantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management
Mobile Application Management and Protection Data Sheet: Mobile Security and Management Overview provides integrated mobile application and device management capabilities for enterprise IT to ensure data
More information5 Must-Haves for an Enterprise Mobility Management (EMM) Solution
SOLUTION BRIEF: 5 MUST-HAVES FOR AN ENTERPRISE MOBILITY......... MANAGEMENT.............. (EMM)...... SOLUTION........... 5 Must-Haves for an Enterprise Mobility Management (EMM) Solution Who should read
More informationLeveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs
IBM Global Technology Services Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs Achieving a secure government
More informationSeven Things To Consider When Evaluating Privileged Account Security Solutions
Seven Things To Consider When Evaluating Privileged Account Security Solutions Contents Introduction 1 Seven questions to ask every privileged account security provider 4 1. Is the solution really secure?
More informationNavigating the NIST Cybersecurity Framework
Navigating the NIST Cybersecurity Framework Explore the NIST Cybersecurity Framework and tools and processes needed for successful implementation. Abstract For federal agencies, addressing cybersecurity
More informationAragon Research RESEARCH NOTE. Workplace Service. Mobile Security in a BYOD World
Aragon Research Author: Mike Anderson Mobile Security in a BYOD World Summary: Employee-owned devices at work put significant strain on security and manageability. Government agencies need policy and mobile
More informationMobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to to Health Mobile Information Devices: Risks to Health Information Risks vary based on the
More informationSymantec Enterprise Vault for Microsoft Exchange
Symantec Enterprise Vault for Microsoft Exchange Store, manage, and discover critical business information Data Sheet: Archiving Trusted and proven email archiving Symantec Enterprise Vault, the industry
More informationNorth Carolina Health Information Management Association February 20, 2013 Chris Apgar, CISSP
Mobile Device Management Risky Business in Healthcare North Carolina Health Information Management Association February 20, 2013 Chris Apgar, CISSP Agenda HIPAA/HITECH & Mobile Devices Breaches Federal
More informationBYOD At Your Own Risk Working in the BYOD Era. Shane Swilley swilley@cosgravelaw.com (503)276-6074
BYOD At Your Own Risk Working in the BYOD Era Shane Swilley swilley@cosgravelaw.com (503)276-6074 Remember when mobile technology was more Hollywood fantasy than reality The original Smart Phone By the
More informationwww.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit March 6, 2014 (4:30-5:30) Draft v8 2-25-14
www.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit (4:30-5:30) Draft v8 2-25-14 Common Myths 1. You have not been hacked. 2. Cyber security is about keeping the
More informationThe Challenge of Securing and Managing Data While Meeting Compliance
ESG Brief Commvault: Integrating Enterprise File Sync and Share Capabilities with Data Protection and Backup Date: September 2015 Author: Terri McClure, Senior Analyst, and Leah Matuson, Research Analyst
More informationMobile Enterprise Management: Improving Healthcare While Protecting Patient Information
WHITE PAPER: MOBILE ENTERPRISE MANAGEMENT........................................ Mobile Enterprise Management: Improving Healthcare While Protecting Patient Information Who should read this paper Healthcare
More informationStay ahead of insiderthreats with predictive,intelligent security
Stay ahead of insiderthreats with predictive,intelligent security Sarah Cucuz sarah.cucuz@spyders.ca IBM Security White Paper Executive Summary Stay ahead of insider threats with predictive, intelligent
More informationPreemptive security solutions for healthcare
Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare
More informationThe BYOD Opportunity. Say Yes to Device Diversity and Enable New Ways to Drive Productivity WHITE PAPER
The BYOD Opportunity Say Yes to Device Diversity and Enable New Ways to Drive Productivity WHITE PAPER Table of Contents Abstract.... 3 Introduction.... 3 A New Approach to BYOD... 3 Positive Results....
More informationData Sheet: Archiving Symantec Enterprise Vault Discovery Accelerator Accelerate e-discovery and simplify review
Accelerate e-discovery and simplify review Overview provides IT/Legal liaisons, investigators, lawyers, paralegals and HR professionals the ability to search, preserve and review information across the
More informationBring Your Own Device Security and Privacy Legal Risks
Bring Your Own Device Security and Privacy Legal Risks Introduction Information Law Group, LLP National boutique firm with focus on information law Experienced, nationally-recognized privacy, technology,
More informationBYOD Policies: A Litigation Perspective
General Counsel Panel Reveals the Real Deal BYOD Policies: A Litigation Perspective By Andrew Hinkes Reprinted with Permission BYOD Policies: A Litigation Perspective By Andrew Hinkes Bring-your-own-device
More informationIs online backup right for your business? Eight reasons to consider protecting your data with a hybrid backup solution
PARTNER BRIEF: IS ONLINE BACKUP RIGHT FOR YOUR BUSINESS?........................................ Is online backup right for your business? Eight reasons to consider protecting your data with a hybrid Who
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationApplication Security in the Software Development Lifecycle
Application Security in the Software Development Lifecycle Issues, Challenges and Solutions www.quotium.com 1/15 Table of Contents EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 IMPACT OF SECURITY BREACHES TO
More informationMobility: Strengthening the Weakest Link in ediscovery
White Paper Mobility: Strengthening the Weakest Link in ediscovery A guide for IT and legal professionals looking for how to leverage technology to address ediscovery issues Executive Summary The rise
More informationYes MAM: How Mobile Device Management Plus Mobile Application Management Protects and Addresses BYOD
STRATEGY ANALYTICS INSIGHT October 2012 Yes MAM: How Mobile Device Management Plus Mobile Application Management Protects and Addresses BYOD By Mark Levitt, Analyst/Director at Strategy Analytics BYOD
More informationHow to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications
SOLUTION BRIEF: PROTECTING ACCESS TO THE CLOUD........................................ How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications Who should read this
More informationSELECTING AN ENTERPRISE-READY CLOUD SERVICE
21 Point Checklist for SELECTING AN ENTERPRISE-READY CLOUD SERVICE Brought to you by Introduction The journey to the cloud is well underway, and it s easy to see why when 84% of CIOs report cutting application
More informationSouthwest Airlines 2013 Terms of Use Portable Devices Feb 2013
1 TERMS OF USE As of February 3, 2013 The following terms and conditions of use ( Terms of Use ) form a legally binding agreement between you (an entity or person) and Southwest Airlines Co. ( Southwest
More informationPanel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices
Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices Over the course of this one hour presentation, panelists will cover the following subject areas, providing answers
More informationHow To Use The Blog Safely And Responsibly
BLOG PROTOCOL DRI maintains this site (the "Site") for your personal entertainment, information, education, and communication. Please feel free to browse the Site. You may not download material displayed
More informationReduce Cost and Risk during Discovery E-DISCOVERY GLOSSARY
2016 CLM Annual Conference April 6-8, 2016 Orlando, FL Reduce Cost and Risk during Discovery E-DISCOVERY GLOSSARY Understanding e-discovery definitions and concepts is critical to working with vendors,
More informationCyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft
Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security
More informationPredictive Coding Defensibility and the Transparent Predictive Coding Workflow
WHITE PAPER: PREDICTIVE CODING DEFENSIBILITY........................................ Predictive Coding Defensibility and the Transparent Predictive Coding Workflow Who should read this paper Predictive
More informationWhite Paper. Business Continuity and Breach Protection: Why SSL Certificate Management is Critical to Today s Enterprise
WHITE PAPER: BUSINESS CONTINUITY AND BREACH PROTECTION White Paper Business Continuity and Breach Protection: Why SSL Certificate Management is Critical to Today s Enterprise Business Continuity and Breach
More informationHow To Support Bring Your Own Device (Byod)
WHITE PAPER: EXPLOITING THE BUSINESS POTENTIAL OF BYOD........................................ Exploiting the business potential of BYOD (bring your own device) Who should read this paper This paper addresses
More informationtrends and audit considerations
Bring your own device (BYOD) trends and audit considerations SIFMA IT audit session 4 October 2012 Disclaimer Ernst & Young refers to the global organization of member firms of Ernst & Young Global Limited,
More informationCountering Insider Threats Jeremy Ho
Countering Insider Threats Jeremy Ho Strategic Sales Group (ASEAN) 1 CONFIDENTIAL Key Challenges Impacting Organization Today REGULATORY COMPLIANCE Rising Data Volumes Changing Requirements Prioritization
More informationBlackBerry Business Cloud Services. Version: 6.1.7. Release Notes
BlackBerry Business Cloud Services Version: 6.1.7 Release Notes Published: 2015-04-02 SWD-20150402141754388 Contents 1 Related resources...4 2 What's new in BlackBerry Business Cloud Services 6.1.7...
More informationSecuring Enterprise Mobility for Greater Competitive Advantage
SAP Brief SAP Technology SAP Afaria Objectives Securing Enterprise Mobility for Greater Competitive Advantage Build a strong foundation for mobile success Build a strong foundation for mobile success Enterprise
More informationThe NIST Framework for Improving Critical Infrastructure Cybersecurity - An Executive Guide
SOLUTION BRIEF NIST FRAMEWORK FOR IMPROVING CRITICAL INFRASTRUCTURE CYBERSECURITY The NIST Framework for Improving Critical Infrastructure Cybersecurity - An Executive Guide SOLUTION BRIEF CA DATABASE
More informationCyber Security. John Leek Chief Strategist
Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity
More informationEnterprise Data Protection
PGP White Paper June 2007 Enterprise Data Protection Version 1.0 PGP White Paper Enterprise Data Protection 2 Table of Contents EXECUTIVE SUMMARY...3 PROTECTING DATA EVERYWHERE IT GOES...4 THE EVOLUTION
More informationDeath to PST Files. The Hidden Costs of Email
WHITE PAPER: EMAIL MANAGEMENT........................................ Death to PST Files Who should read this paper IT professionals looking for an easy storage, search and retrieval system for email that
More informationCisco Mobile Collaboration Management Service
Cisco Mobile Collaboration Management Service Cisco Collaboration Services Business is increasingly taking place on both personal and company-provided smartphones and tablets. As a result, IT leaders are
More informationSymantec Endpoint Security Management Solutions Presentation and Demo for:
Symantec Endpoint Security Management Solutions Presentation and Demo for: University System of Georgia Board of Regents Information Technology Services Executive Summary Business Requirements To migrate
More informationCyber Liability Insurance Who Pays When Your Data Goes Missing?
Cyber Liability Insurance Who Pays When Your Data Goes Missing? JAKE KOUNS Markel Corporation Session ID: GRC-201 Insert presenter logo here on slide master. See hidden slide 4 for directions Session Classification:
More information43% Figure 1: Targeted Attack Campaign Diagram
TrendLabs Data exfiltration is the final stage of a targeted attack campaign where threat actors steal valuable corporate information while remaining undetected. 1 43% of most serious threats to the company
More informationDIGITAL LIFE E-GUIDE. Keeping Your Cloud Data in Check
A DIGITAL LIFE E-GUIDE Keeping Your Cloud Data in Check Creating passwords, installing security software, practicing safe surfing habits these typical security measures are not enough to protect your
More informationSymantec Client Management Suite 7.5 powered by Altiris
Symantec Client Management Suite 7.5 powered by Altiris IT flexibility. User freedom. Data Sheet: Endpoint Management Overview technology enables IT to make better decisions, be more flexible, improve
More informationIBM ediscovery Identification and Collection
IBM ediscovery Identification and Collection Turning unstructured data into relevant data for intelligent ediscovery Highlights Analyze data in-place with detailed data explorers to gain insight into data
More informationEXECUTIVE BRIEF SPON. File Synchronization and Sharing Market Forecast, 2012-2017. Published May 2013. An Osterman Research Executive Brief
EXECUTIVE BRIEF N Sharing Market Forecast, sponsored by An Osterman Research Executive Brief Published May 2013 SPON sponsored by Osterman Research, Inc. P.O. Box 1058 Black Diamond, Washington 98010-1058
More informationDirector, Value Engineering
Director, Value Engineering April 25 th, 2012 Copyright OpenText Corporation. All rights reserved. This publication represents proprietary, confidential information pertaining to OpenText product, software
More informationAddressing Cyber Risk Building robust cyber governance
Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber
More informationHow To Secure Your Mobile Devices
SAP White Paper Enterprise Mobility Protect Your Enterprise by Securing All Entry and Exit Points How Enterprise Mobility Management Addresses Modern-Day Security Challenges Table of Contents 4 Points
More informationPreparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS
Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS CONTENTS PAGE RECONNAISSANCE STAGE 4 INCURSION STAGE 5 DISCOVERY STAGE 6 CAPTURE STAGE 7 EXFILTRATION STAGE
More informationINFORMATION PROTECTION
INFORMATION PROTECTION Johan Celis Principal Security Consultant Symantec Benelux SYMANTEC ENTERPRISE SECURITY STRATEGY Users Data Cyber Security Services Monitoring, Incident Response, Simulation, Adversary
More informationCybersecurity Report on Small Business: Study Shows Gap between Needs and Actions
SURVEY REPORT: cyber security Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions Confidence in a connected world. Executive summary An online survey revealed that while U.S.
More informationNew Security Features
New Security Features BlackBerry 10 OS Version 10.3.2 Published: 2015-06-08 SWD-20150608104314635 Contents About this guide... 4 What's new... 4 NFC smart card support... 5 OCSP stapling support in the
More informationTERMS OF USE / LEGAL NOTICE FOR PENNSYLVANIA AMBULATORY SURGERY ASSOCIATION SITE
TERMS OF USE / LEGAL NOTICE FOR PENNSYLVANIA AMBULATORY SURGERY ASSOCIATION SITE The Pennsylvania Ambulatory Surgery Association ( Owner or us or we or our ) owns and operates the www.pasapa.org site (
More informationEULA - Page 2 of 5 any service, account, computer systems or networks associated with the Internet-based services provided by ESI-TECNALIA.
EULA - Page 1 of 5 END-USER LICENSE AGREEMENT FOR ESI-TECNALIA SOFTWARE IMPORTANT READ CAREFULLY: This End-User License Agreement ("EULA") is a legal agreement between you (either an individual or a single
More information