Week 6:
For this week's blog we are asked to discuss the sources we mentioned in our blog in the second week of class. We are asked if we have actually used these sources this week or if there are additional sources we found, or if we have decided that any would not be a good source to use.
The sources I mentioned in week 2 were techtarget.com, IT News Daily, and CNet. I have to say I did not use any of these sources for last week's assignment. Instead I utilized our textbook and a couple other sites, not anything worth mentioning.
However, I did find myself in the position where I could not get Visio and get it downloaded onto my new laptop in time to use it to get the network diagram done. So, I had to go out and find some freeware to do this. This was not an easy task. I did find one I liked and used, but of course, I have had trouble finding it a second time so I'm still looking. Ugh!
Monday, October 6, 2014
Thursday, October 2, 2014
Week 5 Blog - CYBR650
Well, I have continued to struggle this week with my new laptop. Needed Visio for a class assignment, of course, could not get it to load to save my soul. Wasted two days on trying to get it on before finally giving up and searching for an alternate freeware program to use in the meantime. Finally got my network diagram done and turned in, but later than expected. Hoping the Professor understands.
This week I caught an article "Breach Prevntion: The Missing Link" that looked interesting. This piece addresses gaps in mobile policies and how those gaps threaten corporate data protection. I found this interesting because I know BYOD is becoming more and more popular. They had just started allowing it at TD Ameritrade while I was interning. I know I bring my own iPad to my current job to work with, not anything to do with my job, but I do access the network with my own device.
This piece opens up stating that one of the huge issues, and what managers find most often, is that a large portion of their workforce are using mobile devices, applications and cloud services that are outside of an organization's sanctioned and approved services, and out of the organization's control.
This leaves organizations struggling to determine what "shadow IT" services are being utilized by their workforce, as well as what type of security and privacy aspects are being exercised by the providers, if any.
Apparently many IT departments are playing catch up with this issue, as well as the organizations themselves. This increased personal device usage many times find Company policy and standards and procedures lagging behind and containing gabs and other inconsistencies on their use and their security.
The piece did suggest that in order to increase breach prevention in these circumstances, they need to account for mobile pieces and incorporate the following:
Recognize the advanced sophistication of malware attacks on mobile applications and work to mitigate those risks;
Go beyond implementing a mobile device management system to address application and network layer security;
Encrypt mobile devices, including laptops, in order for them to safely and securely store sensitive company information; and
Consider establishing a mobile center of excellence to educate employees on safe mobile device use.
Well, I have continued to struggle this week with my new laptop. Needed Visio for a class assignment, of course, could not get it to load to save my soul. Wasted two days on trying to get it on before finally giving up and searching for an alternate freeware program to use in the meantime. Finally got my network diagram done and turned in, but later than expected. Hoping the Professor understands.
This week I caught an article "Breach Prevntion: The Missing Link" that looked interesting. This piece addresses gaps in mobile policies and how those gaps threaten corporate data protection. I found this interesting because I know BYOD is becoming more and more popular. They had just started allowing it at TD Ameritrade while I was interning. I know I bring my own iPad to my current job to work with, not anything to do with my job, but I do access the network with my own device.
This piece opens up stating that one of the huge issues, and what managers find most often, is that a large portion of their workforce are using mobile devices, applications and cloud services that are outside of an organization's sanctioned and approved services, and out of the organization's control.
This leaves organizations struggling to determine what "shadow IT" services are being utilized by their workforce, as well as what type of security and privacy aspects are being exercised by the providers, if any.
Apparently many IT departments are playing catch up with this issue, as well as the organizations themselves. This increased personal device usage many times find Company policy and standards and procedures lagging behind and containing gabs and other inconsistencies on their use and their security.
The piece did suggest that in order to increase breach prevention in these circumstances, they need to account for mobile pieces and incorporate the following:
Recognize the advanced sophistication of malware attacks on mobile applications and work to mitigate those risks;
Go beyond implementing a mobile device management system to address application and network layer security;
Encrypt mobile devices, including laptops, in order for them to safely and securely store sensitive company information; and
Consider establishing a mobile center of excellence to educate employees on safe mobile device use.
Roman, J. (2014,
September 30). Breach Prevention: The Missing Link. Retrieved from
databreachtoday.com:
http://www.databreachtoday.com/breach-prevention-missing-link-a-7369
Subscribe to:
Posts (Atom)