ENISA’s new report, Consumerization of IT: Risk Mitigation Strategies and Good Practices, looks at the latest developments and delivers six key messages to help ensure that “bring your own device” doesn’t also bring unforeseen risks.
Aimed at Chief Information Officers, Chief Executives and others who take IT security decisions, the report’s messages are:
1. Ensure that governance aspects are derived from business processes and protection requirements, and are defined before dealing with technology.
2. End-user involvement can effectively mitigate risks. Awareness-raising on COIT programmes is highly effective for the enforcement of security policies.
3. Periodic risk assessment on COIT programmes should be undertaken to ensure that security policies remain compatible with evolving technologies.
4. Keep in mind that encryption complements but does not replace strategic risk management within a COIT programme.
5. Perform small steps initially and proceed with more complex policies when sufficient experience has been gained.
6. It is important to identify which COIT risks need to be mitigated within your organisation while the window of opportunity still remains open.
The report builds on ENISA’s October 2012 publication, Consumerization of IT: Top Risks and Opportunities, and was produced by ENISA with input and comments from a group of experts from industry, academia and public sector organisations.
For the full report: Consumerization of IT: Risk Mitigation Strategies and Good Practices