Published on Security Management (http://www.securitymanagement.com)
Networks Threatened by Rogue Devices, Says Cisco Report
By John Wagley
Created 06/30/2010 - 10:31



    
Wrap-Up?: 
No
Weight: 
0
Lead Headline?: 
Yes
Date: 
06/30/2010
By Line: 
By John Wagley
Teaser: 
As consumers continue to purchase smart phones and other portable devices at a rapid clip, they are increasingly bringing these devices inside organizational networks, according to a study by Cisco Systems.


As consumers continue to purchase smart phones and other portable devices at a rapid clip, they are increasingly bringing these devices inside organizational networks, according to a study  [1]by Cisco Systems. This trend is creating data loss and other security risks, it states.




About 40 percent of organizations have detected unsupported devices on their networks, according to the study, which was conducted by InsightExpress and surveyed about 500 IT managers in the United States, Germany, China, India, and Japan. Approximately the same percentage of respondents also said they had experienced data loss because of such devices.


(For more on the incredible power of smart phones for good and ill, see "DHS Wants to Turn Cell Phones Into Chemical Sensors [2]" and "BlackBerry App Can Spy on You, US CERT Warns [3].")


Many IT managers reported having security policies and controls in place. Seventy-five percent of respondents said they had written policies that included consequences for noncompliance. Forty percent said they employed technical measures to block unauthorized devices from the network.


But such safeguards are unevenly applied and enforced, according to John Girard, a Gartner Research vice president, speaking at a recent Gartner conference in Washington.


Many organizations could significantly reduce risks by implementing and enforcing a key set of measures, he said. These include requiring the use of encryption and some form of authentication, he said. They also include setting devices to “time out” after about 20 minutes as well as employing some form of remote data wiping technology. Employees should also be accountable for noncompliance.


Many organizations should also consider security software, he said, which can help ensure that devices connect in a safe manner, use certain security features, and receive regular security updates, for example.


Seventy-five percent of Cisco respondents said IT departments should hold principal responsibility for writing, communicating, and enforcing security policies. Security is most effective, according to Girard, when IT executives work with other departments, such as human resources, to craft and enforce policy.




♦ Photo by Gonzalo Baeza Hernandez/Flickr [4]


Related Resources: 
Thumbnail: 
Comments


    

    




  
Security Management is the award-winning publication of ASIS International, the preeminent international

organization for security professionals, with more than 37,000 members worldwide.


ASIS International, Inc. Worldwide Headquarters, 1625 Prince Street, Alexandria, Virginia 22314-2818 U.S.A.

703-519-6200 | fax 703-519-6299 | www.asisonline.org


ASIS


© 2012 Security Management

This site is protected by copyright and trade mark laws under U.S. and International law.

No part of this work may be reproduced without the written permission of Security Management.








    

    
Source URL: http://www.securitymanagement.com/news/networks-threatened-rogue-devices-says-cisco-report-007341

    
Links:
[1] http://newsroom.cisco.com//dlls/2010/ekits/Full_Survey_Results_062410.pdf

[2] http://www.securitymanagement.com/news/dhs-wants-turn-cell-phones-chemical-sensors-007003

[3] http://www.securitymanagement.com/news/blackberry-app-can-spy-you-us-cert-warns-006401

[4] http://www.flickr.com/photos/gonzalobaeza/4096799964/