SlideShare a Scribd company logo

Embracing the IT Consumerization Imperitive

Download as PPT, PDF
Barry Caplin
Barry Caplin
Technology
1 of 23
Embracing the IT Consumerization Imperative Barry Caplin CISO MN Dept. of Human Services barry.caplin@state.mn.us bc@bjb.org, @bcaplin, +barry caplin
http://about.me/barrycaplin
More About Me • Native New Yorker! • 30 years in IT/ 20 years in InfoSec
Apr. 3, 2010 300K ipads 1M apps 250K ebooks … day 1!
2011 – tablet/smartphone sales exceeded PCs
The real reason we need tablets
Why are we talking about this? But really, all connected!
Business Driver?
What about…
Ineffective Controls
1 Day
5 Stages of Tablet Grief • Surprise • Fear • Concern • Understanding • Evangelism
Security Challenges Devices: •Exposure of data •Leakage of data – sold, donated, tossed, repaired drives •Malware But don’t we have all this now???
Consumer App Security • “non-standard” software a challenge • Vetting, updates/patches, malware • No real 3rd party agreements • Privacy policies, data ownership • SOPA/PIPA/CISPA
Legal (IANAL) • Privacy – exposing company data • Litigation hold – on 3rd party services • Separation – what’s on Dropbox? • Copyright, trademark, IP? • How do you?: – Get data from a 3rd party service?
BYOD Security Solutions • Sync – Network or OTA • VDI – Citrix or similar • Containerization – Sandbox, MAM • Direct Connection – Don’t!
DHS view - POE • Policy • Guest wireless • Supervisor • FAQs for approval users/sups • Citrix only • Metrics • No Gov't records • $ - not yet on POE (unencrypted) • 3G/4G or wired
Software Security Solutions • Policy – Examine existing – augment • Process – Vetting, updates, malware • 3rd party agreements – where possible • Data classification/labeling • PIE – pre-Internet encryption
CoIT Nirvana • Any, Any, Any – work, device, where • Be nimble • Data stays “home”++ • Situational awareness
Key Points • Business Need – Partner internally • BYOD, Consumer apps, or both? • Policy, Technical, Financial aspects • Watch the data • Make easy for users • Education/Awareness
Embracing the IT Consumerization Imperitive

Recommended

How to be a Tech-Smart Parent
How to be a Tech-Smart ParentHow to be a Tech-Smart Parent
How to be a Tech-Smart ParentBarry Caplin
 
Tech smart preschool parent 2 13
Tech smart preschool parent 2 13Tech smart preschool parent 2 13
Tech smart preschool parent 2 13Barry Caplin
 
Wearing Your Heart On Your Sleeve - Literally!
Wearing Your Heart On Your Sleeve - Literally!Wearing Your Heart On Your Sleeve - Literally!
Wearing Your Heart On Your Sleeve - Literally!Barry Caplin
 
CISOs are from Mars, CIOs are from Venus
CISOs are from Mars, CIOs are from VenusCISOs are from Mars, CIOs are from Venus
CISOs are from Mars, CIOs are from VenusBarry Caplin
 
Social Media Security 2011
Social Media Security 2011Social Media Security 2011
Social Media Security 2011Donald E. Hester
 
Legal Issues In Social Media Oct. 2012
Legal Issues In Social Media Oct. 2012Legal Issues In Social Media Oct. 2012
Legal Issues In Social Media Oct. 2012curlistl
 
Technology ( The Advantage and Disadvantage)
Technology ( The Advantage and Disadvantage)Technology ( The Advantage and Disadvantage)
Technology ( The Advantage and Disadvantage)Alyanna Marie
 
Online Safety Tips for Parents
Online Safety Tips for ParentsOnline Safety Tips for Parents
Online Safety Tips for ParentsKristi Richburg
 

Recommended

How to be a Tech-Smart Parent
How to be a Tech-Smart ParentHow to be a Tech-Smart Parent
How to be a Tech-Smart ParentBarry Caplin
 
Tech smart preschool parent 2 13
Tech smart preschool parent 2 13Tech smart preschool parent 2 13
Tech smart preschool parent 2 13Barry Caplin
 
Wearing Your Heart On Your Sleeve - Literally!
Wearing Your Heart On Your Sleeve - Literally!Wearing Your Heart On Your Sleeve - Literally!
Wearing Your Heart On Your Sleeve - Literally!Barry Caplin
 
CISOs are from Mars, CIOs are from Venus
CISOs are from Mars, CIOs are from VenusCISOs are from Mars, CIOs are from Venus
CISOs are from Mars, CIOs are from VenusBarry Caplin
 
Social Media Security 2011
Social Media Security 2011Social Media Security 2011
Social Media Security 2011Donald E. Hester
 
Legal Issues In Social Media Oct. 2012
Legal Issues In Social Media Oct. 2012Legal Issues In Social Media Oct. 2012
Legal Issues In Social Media Oct. 2012curlistl
 
Technology ( The Advantage and Disadvantage)
Technology ( The Advantage and Disadvantage)Technology ( The Advantage and Disadvantage)
Technology ( The Advantage and Disadvantage)Alyanna Marie
 
Online Safety Tips for Parents
Online Safety Tips for ParentsOnline Safety Tips for Parents
Online Safety Tips for ParentsKristi Richburg
 
Online Safety for Seniors
Online Safety for SeniorsOnline Safety for Seniors
Online Safety for SeniorsConnectSafely
 
8th grade presentation for slideshare
8th grade presentation for slideshare8th grade presentation for slideshare
8th grade presentation for slideshareMarian Merritt
 
Parent workshop - Social Networks
Parent workshop - Social NetworksParent workshop - Social Networks
Parent workshop - Social NetworksClint Hamada
 
Cybersafety overview
Cybersafety overviewCybersafety overview
Cybersafety overviewJohn Woodring
 
Online Identity- Part 1
Online Identity- Part 1Online Identity- Part 1
Online Identity- Part 1KR_Barker
 
Cyber Security Awareness October 2014
Cyber Security Awareness October 2014Cyber Security Awareness October 2014
Cyber Security Awareness October 2014Donald E. Hester
 
3Rs of Internet Safety: Rights, Responsibilities and Risk Management
3Rs of Internet Safety: Rights, Responsibilities and Risk Management3Rs of Internet Safety: Rights, Responsibilities and Risk Management
3Rs of Internet Safety: Rights, Responsibilities and Risk ManagementConnectSafely
 
Social Media - the legal risks (AIM)
Social Media - the legal risks (AIM)Social Media - the legal risks (AIM)
Social Media - the legal risks (AIM)Pod Legal
 
Data and Ethics: Why Data Science Needs One
Data and Ethics: Why Data Science Needs OneData and Ethics: Why Data Science Needs One
Data and Ethics: Why Data Science Needs OneTim Rich
 
Oscpa sept 2013
Oscpa sept 2013Oscpa sept 2013
Oscpa sept 2013jerryjustice
 
Social Networking and Cyberbullying
Social Networking and CyberbullyingSocial Networking and Cyberbullying
Social Networking and CyberbullyingLouise Jones
 
HighEdWeb 2013 - 9 Takeaways
HighEdWeb 2013 - 9 TakeawaysHighEdWeb 2013 - 9 Takeaways
HighEdWeb 2013 - 9 TakeawaysEmory University
 
Technology gadgets a boon or a bane
Technology gadgets a boon or a baneTechnology gadgets a boon or a bane
Technology gadgets a boon or a baneBalasubramanian Kalyanaraman
 
Digital Self
Digital SelfDigital Self
Digital SelfAngeloMirabel
 
UPDATED Social Media - the legal risks (AIM)
UPDATED Social Media - the legal risks (AIM)UPDATED Social Media - the legal risks (AIM)
UPDATED Social Media - the legal risks (AIM)Pod Legal
 
Digital Forensics, eDiscovery & Technology Risks for HR Executives
Digital Forensics, eDiscovery & Technology Risks for HR ExecutivesDigital Forensics, eDiscovery & Technology Risks for HR Executives
Digital Forensics, eDiscovery & Technology Risks for HR ExecutivesThe Lorenzi Group
 
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyPrivacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyTom Eston
 
KidSafe - Parental Training Presentation
KidSafe - Parental Training PresentationKidSafe - Parental Training Presentation
KidSafe - Parental Training PresentationOCTF Industry Engagement
 
Risk Assessment of Social Media Use v3.01
Risk Assessment of Social Media Use v3.01Risk Assessment of Social Media Use v3.01
Risk Assessment of Social Media Use v3.01overcertified
 
Social Media Security
Social Media SecuritySocial Media Security
Social Media SecurityDel Belcher
 
Accidental Insider
Accidental InsiderAccidental Insider
Accidental InsiderBarry Caplin
 
IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?Barry Caplin
 

More Related Content

What's hot

Online Safety for Seniors
Online Safety for SeniorsOnline Safety for Seniors
Online Safety for SeniorsConnectSafely
 
8th grade presentation for slideshare
8th grade presentation for slideshare8th grade presentation for slideshare
8th grade presentation for slideshareMarian Merritt
 
Parent workshop - Social Networks
Parent workshop - Social NetworksParent workshop - Social Networks
Parent workshop - Social NetworksClint Hamada
 
Cybersafety overview
Cybersafety overviewCybersafety overview
Cybersafety overviewJohn Woodring
 
Online Identity- Part 1
Online Identity- Part 1Online Identity- Part 1
Online Identity- Part 1KR_Barker
 
Cyber Security Awareness October 2014
Cyber Security Awareness October 2014Cyber Security Awareness October 2014
Cyber Security Awareness October 2014Donald E. Hester
 
3Rs of Internet Safety: Rights, Responsibilities and Risk Management
3Rs of Internet Safety: Rights, Responsibilities and Risk Management3Rs of Internet Safety: Rights, Responsibilities and Risk Management
3Rs of Internet Safety: Rights, Responsibilities and Risk ManagementConnectSafely
 
Social Media - the legal risks (AIM)
Social Media - the legal risks (AIM)Social Media - the legal risks (AIM)
Social Media - the legal risks (AIM)Pod Legal
 
Data and Ethics: Why Data Science Needs One
Data and Ethics: Why Data Science Needs OneData and Ethics: Why Data Science Needs One
Data and Ethics: Why Data Science Needs OneTim Rich
 
Social Networking and Cyberbullying
Social Networking and CyberbullyingSocial Networking and Cyberbullying
Social Networking and CyberbullyingLouise Jones
 
HighEdWeb 2013 - 9 Takeaways
HighEdWeb 2013 - 9 TakeawaysHighEdWeb 2013 - 9 Takeaways
HighEdWeb 2013 - 9 TakeawaysEmory University
 
UPDATED Social Media - the legal risks (AIM)
UPDATED Social Media - the legal risks (AIM)UPDATED Social Media - the legal risks (AIM)
UPDATED Social Media - the legal risks (AIM)Pod Legal
 
Digital Forensics, eDiscovery & Technology Risks for HR Executives
Digital Forensics, eDiscovery & Technology Risks for HR ExecutivesDigital Forensics, eDiscovery & Technology Risks for HR Executives
Digital Forensics, eDiscovery & Technology Risks for HR ExecutivesThe Lorenzi Group
 
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyPrivacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyTom Eston
 
Risk Assessment of Social Media Use v3.01
Risk Assessment of Social Media Use v3.01Risk Assessment of Social Media Use v3.01
Risk Assessment of Social Media Use v3.01overcertified
 
Social Media Security
Social Media SecuritySocial Media Security
Social Media SecurityDel Belcher
 

What's hot (20)

Online Safety for Seniors
Online Safety for SeniorsOnline Safety for Seniors
Online Safety for Seniors
 
8th grade presentation for slideshare
8th grade presentation for slideshare8th grade presentation for slideshare
8th grade presentation for slideshare
 
Parent workshop - Social Networks
Parent workshop - Social NetworksParent workshop - Social Networks
Parent workshop - Social Networks
 
Cybersafety overview
Cybersafety overviewCybersafety overview
Cybersafety overview
 
Online Identity- Part 1
Online Identity- Part 1Online Identity- Part 1
Online Identity- Part 1
 
Cyber Security Awareness October 2014
Cyber Security Awareness October 2014Cyber Security Awareness October 2014
Cyber Security Awareness October 2014
 
3Rs of Internet Safety: Rights, Responsibilities and Risk Management
3Rs of Internet Safety: Rights, Responsibilities and Risk Management3Rs of Internet Safety: Rights, Responsibilities and Risk Management
3Rs of Internet Safety: Rights, Responsibilities and Risk Management
 
Social Media - the legal risks (AIM)
Social Media - the legal risks (AIM)Social Media - the legal risks (AIM)
Social Media - the legal risks (AIM)
 
Data and Ethics: Why Data Science Needs One
Data and Ethics: Why Data Science Needs OneData and Ethics: Why Data Science Needs One
Data and Ethics: Why Data Science Needs One
 
Oscpa sept 2013
Oscpa sept 2013Oscpa sept 2013
Oscpa sept 2013
 
Social Networking and Cyberbullying
Social Networking and CyberbullyingSocial Networking and Cyberbullying
Social Networking and Cyberbullying
 
HighEdWeb 2013 - 9 Takeaways
HighEdWeb 2013 - 9 TakeawaysHighEdWeb 2013 - 9 Takeaways
HighEdWeb 2013 - 9 Takeaways
 
Technology gadgets a boon or a bane
Technology gadgets a boon or a baneTechnology gadgets a boon or a bane
Technology gadgets a boon or a bane
 
Digital Self
Digital SelfDigital Self
Digital Self
 
UPDATED Social Media - the legal risks (AIM)
UPDATED Social Media - the legal risks (AIM)UPDATED Social Media - the legal risks (AIM)
UPDATED Social Media - the legal risks (AIM)
 
Digital Forensics, eDiscovery & Technology Risks for HR Executives
Digital Forensics, eDiscovery & Technology Risks for HR ExecutivesDigital Forensics, eDiscovery & Technology Risks for HR Executives
Digital Forensics, eDiscovery & Technology Risks for HR Executives
 
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyPrivacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile Technology
 
KidSafe - Parental Training Presentation
KidSafe - Parental Training PresentationKidSafe - Parental Training Presentation
KidSafe - Parental Training Presentation
 
Risk Assessment of Social Media Use v3.01
Risk Assessment of Social Media Use v3.01Risk Assessment of Social Media Use v3.01
Risk Assessment of Social Media Use v3.01
 
Social Media Security
Social Media SecuritySocial Media Security
Social Media Security
 

Viewers also liked

Accidental Insider
Accidental InsiderAccidental Insider
Accidental InsiderBarry Caplin
 
IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?Barry Caplin
 
How to safely configure your home wireless network
How to safely configure your home wireless networkHow to safely configure your home wireless network
How to safely configure your home wireless networkBarry Caplin
 
Elements of an Information Security Awareness Program
Elements of an Information Security Awareness ProgramElements of an Information Security Awareness Program
Elements of an Information Security Awareness ProgramBarry Caplin
 
Security Lifecycle Management
Security Lifecycle ManagementSecurity Lifecycle Management
Security Lifecycle ManagementBarry Caplin
 
The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?Barry Caplin
 
Security Lifecycle Management Process
Security Lifecycle Management ProcessSecurity Lifecycle Management Process
Security Lifecycle Management ProcessBill Ross
 
Risk Management 101
Risk Management 101Risk Management 101
Risk Management 101Barry Caplin
 
Internal Risk Management
Internal Risk ManagementInternal Risk Management
Internal Risk ManagementBarry Caplin
 

Viewers also liked (9)

Accidental Insider
Accidental InsiderAccidental Insider
Accidental Insider
 
IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?IT Consumerization – iPad’ing the Enterprise or BYO Malware?
IT Consumerization – iPad’ing the Enterprise or BYO Malware?
 
How to safely configure your home wireless network
How to safely configure your home wireless networkHow to safely configure your home wireless network
How to safely configure your home wireless network
 
Elements of an Information Security Awareness Program
Elements of an Information Security Awareness ProgramElements of an Information Security Awareness Program
Elements of an Information Security Awareness Program
 
Security Lifecycle Management
Security Lifecycle ManagementSecurity Lifecycle Management
Security Lifecycle Management
 
The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?The CISO Guide – How Do You Spell CISO?
The CISO Guide – How Do You Spell CISO?
 
Security Lifecycle Management Process
Security Lifecycle Management ProcessSecurity Lifecycle Management Process
Security Lifecycle Management Process
 
Risk Management 101
Risk Management 101Risk Management 101
Risk Management 101
 
Internal Risk Management
Internal Risk ManagementInternal Risk Management
Internal Risk Management
 

Similar to Embracing the IT Consumerization Imperitive

Embracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityEmbracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityBarry Caplin
 
DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...
DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...
DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...Andris Soroka
 
Isc(2) eastbay-lenin aboagye
Isc(2) eastbay-lenin aboagyeIsc(2) eastbay-lenin aboagye
Isc(2) eastbay-lenin aboagyeLenin Aboagye
 
Shadow it risks & control managing the unknown unknowns in the deep &...
Shadow it risks & control managing the unknown unknowns in the deep &...Shadow it risks & control managing the unknown unknowns in the deep &...
Shadow it risks & control managing the unknown unknowns in the deep &...Priyanka Aash
 
Presentation on Information Privacy
Presentation on Information PrivacyPresentation on Information Privacy
Presentation on Information PrivacyPerry Slack
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about themBen Rothke
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Peter Wood
 
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...Cengage Learning
 
Data Protection, Humans and Common Sense
Data Protection, Humans and Common SenseData Protection, Humans and Common Sense
Data Protection, Humans and Common Senseusbcopynotify
 
Perspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data GovernancePerspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data GovernanceCloudera, Inc.
 
Falcon.io | 2021 Trends Virtual Summit - Data Privacy
Falcon.io | 2021 Trends Virtual Summit - Data PrivacyFalcon.io | 2021 Trends Virtual Summit - Data Privacy
Falcon.io | 2021 Trends Virtual Summit - Data PrivacyFalcon.io
 
Data Quality Success Stories
Data Quality Success StoriesData Quality Success Stories
Data Quality Success StoriesDATAVERSITY
 
Identity - The Cornerstone of Information Security
Identity - The Cornerstone of Information SecurityIdentity - The Cornerstone of Information Security
Identity - The Cornerstone of Information SecurityBen Boyd
 
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19TechSoup
 
Recent developments in data analytics and big data
Recent developments in data analytics and big dataRecent developments in data analytics and big data
Recent developments in data analytics and big dataDez Blanchfield
 
Impact of data science in financial reporting
Impact of data science in financial reporting Impact of data science in financial reporting
Impact of data science in financial reporting James Deiotte
 

Similar to Embracing the IT Consumerization Imperitive (20)

Embracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityEmbracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG Security
 
DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...
DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...
DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...
 
Isc(2) eastbay-lenin aboagye
Isc(2) eastbay-lenin aboagyeIsc(2) eastbay-lenin aboagye
Isc(2) eastbay-lenin aboagye
 
Dean carey - data loss-prevention - atlseccon2011
Dean carey - data loss-prevention - atlseccon2011Dean carey - data loss-prevention - atlseccon2011
Dean carey - data loss-prevention - atlseccon2011
 
Shadow it risks & control managing the unknown unknowns in the deep &...
Shadow it risks & control managing the unknown unknowns in the deep &...Shadow it risks & control managing the unknown unknowns in the deep &...
Shadow it risks & control managing the unknown unknowns in the deep &...
 
Presentation on Information Privacy
Presentation on Information PrivacyPresentation on Information Privacy
Presentation on Information Privacy
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about them
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)
 
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
 
Data Protection, Humans and Common Sense
Data Protection, Humans and Common SenseData Protection, Humans and Common Sense
Data Protection, Humans and Common Sense
 
Where IT's At 2012
Where IT's At 2012Where IT's At 2012
Where IT's At 2012
 
Internal social media: risks and added value
Internal social media: risks and added valueInternal social media: risks and added value
Internal social media: risks and added value
 
Perspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data GovernancePerspectives on Ethical Big Data Governance
Perspectives on Ethical Big Data Governance
 
Falcon.io | 2021 Trends Virtual Summit - Data Privacy
Falcon.io | 2021 Trends Virtual Summit - Data PrivacyFalcon.io | 2021 Trends Virtual Summit - Data Privacy
Falcon.io | 2021 Trends Virtual Summit - Data Privacy
 
Data Quality Success Stories
Data Quality Success StoriesData Quality Success Stories
Data Quality Success Stories
 
Identity - The Cornerstone of Information Security
Identity - The Cornerstone of Information SecurityIdentity - The Cornerstone of Information Security
Identity - The Cornerstone of Information Security
 
Wipo smes ge_08_topic07
Wipo smes ge_08_topic07Wipo smes ge_08_topic07
Wipo smes ge_08_topic07
 
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
 
Recent developments in data analytics and big data
Recent developments in data analytics and big dataRecent developments in data analytics and big data
Recent developments in data analytics and big data
 
Impact of data science in financial reporting
Impact of data science in financial reporting Impact of data science in financial reporting
Impact of data science in financial reporting
 

More from Barry Caplin

Healing healthcare security
Healing healthcare securityHealing healthcare security
Healing healthcare securityBarry Caplin
 
It’s not If but When 20160503
It’s not If but When 20160503It’s not If but When 20160503
It’s not If but When 20160503Barry Caplin
 
Dreaded Embedded sec360 5-17-16
Dreaded Embedded sec360 5-17-16Dreaded Embedded sec360 5-17-16
Dreaded Embedded sec360 5-17-16Barry Caplin
 
It’s not if but when 20160503
It’s not if but when 20160503It’s not if but when 20160503
It’s not if but when 20160503Barry Caplin
 
Online Self Defense - Passwords
Online Self Defense - PasswordsOnline Self Defense - Passwords
Online Self Defense - PasswordsBarry Caplin
 
Bullying and Cyberbullying
Bullying and CyberbullyingBullying and Cyberbullying
Bullying and CyberbullyingBarry Caplin
 
3 factors of fail sec360 5-15-13
3 factors of fail sec360 5-15-133 factors of fail sec360 5-15-13
3 factors of fail sec360 5-15-13Barry Caplin
 
Online Self Defense
Online Self DefenseOnline Self Defense
Online Self DefenseBarry Caplin
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveBarry Caplin
 
Stuff my ciso says
Stuff my ciso saysStuff my ciso says
Stuff my ciso saysBarry Caplin
 
Toys in the office 11
Toys in the office 11Toys in the office 11
Toys in the office 11Barry Caplin
 
Teens 2.0 - Teens and Social Networks
Teens 2.0 - Teens and Social NetworksTeens 2.0 - Teens and Social Networks
Teens 2.0 - Teens and Social NetworksBarry Caplin
 
Laws of the Game For Valley United Soccer Club travel soccer refs
Laws of the Game For Valley United Soccer Club travel soccer refsLaws of the Game For Valley United Soccer Club travel soccer refs
Laws of the Game For Valley United Soccer Club travel soccer refsBarry Caplin
 
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refs
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refsLaws of the Game for Valley Athletic Assn (VAA) Community Soccer refs
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refsBarry Caplin
 
Internet Safety for Families and Children
Internet Safety for Families and ChildrenInternet Safety for Families and Children
Internet Safety for Families and ChildrenBarry Caplin
 
Identity Fraud and How to Protect Yourself
Identity Fraud and How to Protect YourselfIdentity Fraud and How to Protect Yourself
Identity Fraud and How to Protect YourselfBarry Caplin
 
Stick to the Basics - a look at the Brazilian and Dutch soccer training methods
Stick to the Basics - a look at the Brazilian and Dutch soccer training methodsStick to the Basics - a look at the Brazilian and Dutch soccer training methods
Stick to the Basics - a look at the Brazilian and Dutch soccer training methodsBarry Caplin
 

More from Barry Caplin (17)

Healing healthcare security
Healing healthcare securityHealing healthcare security
Healing healthcare security
 
It’s not If but When 20160503
It’s not If but When 20160503It’s not If but When 20160503
It’s not If but When 20160503
 
Dreaded Embedded sec360 5-17-16
Dreaded Embedded sec360 5-17-16Dreaded Embedded sec360 5-17-16
Dreaded Embedded sec360 5-17-16
 
It’s not if but when 20160503
It’s not if but when 20160503It’s not if but when 20160503
It’s not if but when 20160503
 
Online Self Defense - Passwords
Online Self Defense - PasswordsOnline Self Defense - Passwords
Online Self Defense - Passwords
 
Bullying and Cyberbullying
Bullying and CyberbullyingBullying and Cyberbullying
Bullying and Cyberbullying
 
3 factors of fail sec360 5-15-13
3 factors of fail sec360 5-15-133 factors of fail sec360 5-15-13
3 factors of fail sec360 5-15-13
 
Online Self Defense
Online Self DefenseOnline Self Defense
Online Self Defense
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization Imperitive
 
Stuff my ciso says
Stuff my ciso saysStuff my ciso says
Stuff my ciso says
 
Toys in the office 11
Toys in the office 11Toys in the office 11
Toys in the office 11
 
Teens 2.0 - Teens and Social Networks
Teens 2.0 - Teens and Social NetworksTeens 2.0 - Teens and Social Networks
Teens 2.0 - Teens and Social Networks
 
Laws of the Game For Valley United Soccer Club travel soccer refs
Laws of the Game For Valley United Soccer Club travel soccer refsLaws of the Game For Valley United Soccer Club travel soccer refs
Laws of the Game For Valley United Soccer Club travel soccer refs
 
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refs
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refsLaws of the Game for Valley Athletic Assn (VAA) Community Soccer refs
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refs
 
Internet Safety for Families and Children
Internet Safety for Families and ChildrenInternet Safety for Families and Children
Internet Safety for Families and Children
 
Identity Fraud and How to Protect Yourself
Identity Fraud and How to Protect YourselfIdentity Fraud and How to Protect Yourself
Identity Fraud and How to Protect Yourself
 
Stick to the Basics - a look at the Brazilian and Dutch soccer training methods
Stick to the Basics - a look at the Brazilian and Dutch soccer training methodsStick to the Basics - a look at the Brazilian and Dutch soccer training methods
Stick to the Basics - a look at the Brazilian and Dutch soccer training methods
 

Recently uploaded

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 

Recently uploaded (20)

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 

Embracing the IT Consumerization Imperitive

  • 1.
  • 2. Embracing the IT Consumerization Imperative Barry Caplin CISO MN Dept. of Human Services barry.caplin@state.mn.us bc@bjb.org, @bcaplin, +barry caplin
  • 4. More About Me • Native New Yorker! • 30 years in IT/ 20 years in InfoSec
  • 5.
  • 6. Apr. 3, 2010 300K ipads 1M apps 250K ebooks … day 1!
  • 7. 2011 – tablet/smartphone sales exceeded PCs
  • 8. The real reason we need tablets
  • 9. Why are we talking about this? But really, all connected!
  • 13. 1 Day
  • 14. 5 Stages of Tablet Grief • Surprise • Fear • Concern • Understanding • Evangelism
  • 15. Security Challenges Devices: •Exposure of data •Leakage of data – sold, donated, tossed, repaired drives •Malware But don’t we have all this now???
  • 16. Consumer App Security • “non-standard” software a challenge • Vetting, updates/patches, malware • No real 3rd party agreements • Privacy policies, data ownership • SOPA/PIPA/CISPA
  • 17. Legal (IANAL) • Privacy – exposing company data • Litigation hold – on 3rd party services • Separation – what’s on Dropbox? • Copyright, trademark, IP? • How do you?: – Get data from a 3rd party service?
  • 18. BYOD Security Solutions • Sync – Network or OTA • VDI – Citrix or similar • Containerization – Sandbox, MAM • Direct Connection – Don’t!
  • 19. DHS view - POE • Policy • Guest wireless • Supervisor • FAQs for approval users/sups • Citrix only • Metrics • No Gov't records • $ - not yet on POE (unencrypted) • 3G/4G or wired
  • 20. Software Security Solutions • Policy – Examine existing – augment • Process – Vetting, updates, malware • 3rd party agreements – where possible • Data classification/labeling • PIE – pre-Internet encryption
  • 21. CoIT Nirvana • Any, Any, Any – work, device, where • Be nimble • Data stays “home”++ • Situational awareness
  • 22. Key Points • Business Need – Partner internally • BYOD, Consumer apps, or both? • Policy, Technical, Financial aspects • Watch the data • Make easy for users • Education/Awareness

Editor's Notes

  1. IT Consumerization is a major buzz-phrase
  2. 1. Check out my about.me, with links to twitter feed and Security and Coffee blog. 2. More about me… including the most important thing…
  3. Mobile/portable devices are not new. Then an event occurred that changed the game… IBM “Portable” 5155, $4225, 30 lbs, 4.77MHz 8088; Apple Newton; AppleBook; original ThinkPad; 1 st gen android; Palm III; early Blackberry
  4. 1 st iPad, 4/3/2010. 300K iPads sold, 1M apps, 250K ebooks downloaded on the first day. Features, form factor, intuitive use made it the people’s choice.
  5. 1. mid-2011 tipping point 2. By early 2012, 50% of US mobile users use a smartphone
  6. 2012 survey of IT leaders – Mobile is #1 tech impact But Cloud is 2, CoIT 3 and Social 4 – all connected
  7. The devices are hot and driving the space, but it’s really about the ability to have mobility – to bring the product or service to the consumer/customer. Not just “flavor of the week”.
  8. Just say no is not a viable IT or Security strategy or response. We must partner with the business/user to provide what is needed. Just say no is an…
  9. If your organization is saying “just say no” to consumer devices and apps, then they are already in your environment Take opportunity to partner, lead and add value.
  10. 2.5 years ago Story of call from lawyer about iPads in a meeting This lead to…
  11. Quickly moved to last stage – evangelism Now security is dragging other groups kicking and screaming into the present. Security is leading and adding value.
  12. Exposure is device in hand – eavesdropping, MitM Leakage is device is gone. We have all this already. Datalossdb.org and Accidental Insider. 10% of 2 nd -hand drives bought had company/private data. StarTrib malware.
  13. 1. Similarly, we have had software issues – local admin, devs, etc. can’t enumerate badness. If the service is free, we are the product not the customer.
  14. Be sure to include legal Information Discovery, Litigation Hold are big issues.
  15. Now for solutions – 4 general categories for devices Containerization includes Enterprise App Store
  16. Extensible policy; Citrix (no remnants); looking at containerization; guest wireless/wired; not yet considering $ (reimbursement/stipend) Gartner says at least 3-5 years for financial payoff.
  17. Policy already mentioned Working on process to more seamlessly allow consumer apps Know your data classifications PIE great for online storage, file sharing.
  18. Partner; Lead; Add value Good user experience is key
  19. Users are changing; expectations are changing; keep “eyes on the prize”; partner, solve problems, and add value