A Cautionary Call To Action - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments A Cautionary Call To Action
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
3/30/2015 | 3:22:25 PM
do you want control or ease of use?
If you want strict regulatory control over email, then you simply can't have a BYOD policy other than no BYOD. If employees are forced to use their work email over their work phone then there is very little room for confusion. Then if something like this happens it's much more likely it was intentional and not 'just an accident'.
User Rank: Moderator
3/26/2015 | 2:17:15 PM
Re: Device or Service?
If you want better security then any usage must be fully governed and BYOD doesn't allow for that, and even after that, what is stopping a person using another device, say a hotel "share" system & commit the same acts.

This becomes the cost of doing business.
User Rank: Ninja
3/24/2015 | 3:02:36 PM
Re: A Catuonary Call To Action
I very much agree with your overall takeaway here, Joe; communications-based security concerns (be they e-mail or otherwise) are a persistent, legitimate issue, and they aren't going away any time soon. If nothing else, the fact that the Secretary of State was, at some level, infracting on this is evidence that this goes up to the highest level possible - and that there's no doubt it affects everyone in-between. I do think the ramifications of this specific story are being inflated a bit by other, click-hungry publications (Gawker called it a 'secret' e-mail adress, haha) - it's worth noting that Mrs. Clinton already turned over all the e-mails from this account to public officials for review, and (according to herself) wants the public to see them. There's a lesson in there about tact and incident response (an important component) for CXOs, too. Nevertheless, we are talking about one of the highest offices in the world.

There's no shortage of issues here on the technical side (the need for a good MDM solution comes to mind), but I agree with your position that the non-technical is often just as or more relevant. Many security pros advocate mitigation and DR over prevention, and that seems relevant here. Whether willfully or accidentally, users are inevitably going to violate your policies. When you mentioned monitoring private e-mail, I couldn't help but think 'even if you did that, they would just give you a phony e-mail to monitor, and then use another one'. Expecting outside partners to adhere strictly to your policies also seems like a bridge too far outside of extremely sensitive industries (IE financial, gov't contractors) - after all, it's not like you'd want to adhere to theirs. I think it's more about finding a good fit and figuring out what's absolutely essential to you and what's an acceptable risk.
User Rank: Ninja
3/24/2015 | 10:58:53 AM
Device or Service?
Yes, BYOD does contribute to the issues you outline

But what also makes it possible is all the free email services, free  or low cost texting, free chat services.

One can have half a dozen free email accounts from different places. As long as these free services are around, the problem may never be solved

State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
IT Careers: Top 10 US Cities for Tech Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  1/14/2020
Predictions for Cloud Computing in 2020
James Kobielus, Research Director, Futurum,  1/9/2020
What's Next: AI and Data Trends for 2020 and Beyond
Jessica Davis, Senior Editor, Enterprise Apps,  12/30/2019
Register for InformationWeek Newsletters
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll