October 11, 2012

SC Congress NY: To cut BYOD security costs, get specific

A secure approach to bring-your-own-device (BYOD) in the workplace starts with defining user guidelines, which ultimately determine the bottom line for companies: what technology should be implemented and how much it will cost.

Security experts at this year's SC Congress in New York City believe that a long-term plan is the most efficient defense against BYOD breaches.

“You're never going to have 100 percent security, so what remains is your users' ability to understand your [BYOD] requirements,” said Yonesy Nunez, senior vice president and BISO of IT risk implementation at Citi Group, at the conference Thursday.

Nunez spoke to attendees at SC Congress New York, a conference and expo for security professionals hosted by SC Magazine, about having a game plane for BYOD security.

Keith Wilson, the managing director and CISO of the Teachers Insurance and Annuity Association – College Retirement Equities Fund (TIAA-CREF) said that once policies were in place for personal devices, container-based solutions for storing information, where data is sandboxed according to classification, would keep BYOD security guidelines from being derailed.

“If you are going to do true BYOD, I feel pretty strongly that you need to look at a container-based approach,” Wilson said of protecting sensitive information.

Companies must also address who is going to own mobile devices used for corporate purposes, who will then manage its use, and what model will be used to protect those devices.

Vijay Viswanathan, director and CISO at HD Supply, an Atlanta-based industrial distribution company, said that year-to-year strategies for BYOD security policies are the way to go.

“Based on the type of organization you are in, you need a long-term strategy for BYOD,” he said. Wilson added that, with the right BYOD security model in place, management can reduce support costs and successfully stave off threats.

“The cost reduction is real,” Wilson said. “It just depends on how you roll [the support model] out.”

Related Articles
Related Topics

Sign up to our newsletters

More in News

Scammers exploit interest in NBA finals to spread Facebook spam

Spammers also used pages on Tumblr to carry out a social networking scam.

Microsoft's new bug bounty program offers up to $11k in incentives

The tech giant now joins other major companies offering rewards to successful bug hunters.

Hacker defaces Facebook fan page of children's theme park

After contacting Facebook and claiming he was allowed access to manage the page, a miscreant blocked previous administrators and littered the page with sexual and racist references.