/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsINDIA: Well, there’s one thing common between Moms and CIOs (or CISOs). Whatever gets their antennae up and alert, makes an impact into the ‘Do and Don’t’ list of employees immediately.
It’s natural for someone who carries the huge responsibility of ensuring an enterprise’s security, to become concerned and watchful over every small change that washes across the company’s shores.
But being argus-eyed has its black spots too. Freedom, space, choice and flexibility are some words that feel squeezed when words like security and control spread their arms.
As Kartik Shahani, Country Manager, RSA India & SAARC points out, “It’s easy to take the traditional approach to control. But if today, you chose not to allow access as per guidelines, there might be losses on the HR front. To give or not to give, is the new dilemma for a CIO, when it comes to access.”
User has a big spread of choices nowadays. The machine, to top it, is something the user has invested in, not the company. Making it compliant to a company’s policies becomes an acrobatic challenge for CIOs then.
Many people use Macs to PCs, it’s a personal preference, but would a certain company policy allow it? BYOC (Bring Your Own Computer) days may be not so few and far between anymore.
As the ISACA survey shows, 56 per cent of respondents say that their enterprises do not allow installation of applications on mobile devices used for work activities. Mobile devices, in this case, include smart phones, flash drives, notepads, tablets and broadband cards.
Companies can not afford and are not going to stop consumerisation of IT, says Ambarish Deshpande, Director, Sales, India, McAfee. Mobiles will change every three months, and there is a decline in laptop sales numbers piggybacked by a rise in sales of tablets and smart phones, he adds. “Productivity and flexibility are important factors for any company when they care about their employees’ choices. But, all this while, and at the same time, the CIO has to take care of security too.”
Even in the bricks and mortar world of many organizations the control environment in the field is low. This could partly be on account of operational reasons that demand flexibility. The analogy is true about IT infrastructure too, explains Sandeep Godbole, Member, ISACA. The CIO and the CISO need to take a call on how much of flexibility is required and to what extent are the risks acceptable. An organization that does not leverage mobility may be considered retrograde, however an organization that goes to the other extreme without much thought about the cost and risk is not progressive either.
There is a tablet tsunami approaching if some projections are to be believed. Now this also means a Herculean task for the CIO in terms of interpreting all the support issues, architecture and standardisation realignment with the myriad platforms that are riding this tidal wave: iPads, PlayBook, Xoom, IdeaPad or iOS, Android or BlackBerry OS etc. Would this make the tablet wave a double whammy?
Most contents from any wish list can be supported - but at a cost, Godbole answers. “Greater the variety, more is the resource requirement. The moot question to answer is what do we want and to what extent are we prepared to commit the resources.” On the architecture front he does foresee newer architectural models coming up that do take cognizance of the tablets.
“For the same level of security, now there are different OS options and different platforms, multiple levels of operating systems and associated threat levels, and end-points. We can not restrict the users also. So, a fine balance needs to be struck by the CIO.” Shahani adds.
As Frost & Sullivan revealed in a report- Today, challenges also result from the need to integrate technology in order to better manage security solutions, lower total cost of ownership, along with the need to address challenges of hiring and retaining talent.
CIOs face challenges from business and technological aspects. Compliance and risk management, reputation loss, the need to meet business objectives, emergence of new technology, and globalization, continue to be the prime business challenges. Today, challenges also result from the need to integrate technology in order to better manage security solutions, lower total cost of ownership, along with the need to address challenges of hiring and retaining talent.
Unwanted attention from hackers and espionage guys would be another worry area.
The best one can do is to put on your own armour and protect yourself. If you have the basics correct - policy, encryption. authentication, trusted devices and platforms, anti-malware and oversight one can always have a reasonable level of comfort. We need to remember that there is no such thing as perfect security, Godbole advises.
He suggests that the CIO and the CISO need to take a call on how much of flexibility is required and to what extent are the risks acceptable. An organization that does not leverage mobility may be considered retrograde; however an organization that goes to the other extreme without much thought about the cost and risk is not progressive either.
Each industry may have its own set of requirements, risks and culture. The balancing point thus varies with each organization and within each industry segment. Even within an organization a one size fits all approach will not work.
One thing is certain the organizational needs and requirement should be the overriding factor in all decisions. If this is acceptable the balancing act becomes much easier.
"CIOs are determined not to make the same mistakes they made with smart phones, which were often written off early as expensive and frivolous toys, or executive status symbols – which then left room for more inventive leaders who saw the competitive advantage that mobile applications would bring," said David Willis, research vice president at Gartner in a press report. "They are also more willing to see that they don't need to supply and manage every device that employees use at work: Consumerization is here to stay, and moving very fast. If you can think of an application for tablets, your competition may well be thinking in the same way – and acting on it. It is time to explore the use of media tablets in business."
It's a big wave for sure. And whether you surf it with panache or are cast away, is not a dilemma anymore. Just make sure that the sweater fits well and looks charming.