Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Education is key to BYOD security: Experts

Organisations need to equip staff with knowledge on how to protect their devices or risk a security breach

Educating employees on how to protect data on their smartphones and tablets is crucial to bring-your-own-device (BYOD) security, according to a panel of security experts.

At the Cisco BYOD panel discussion today, Cisco’s chief security officer, John Stewart, said that majority of staff try to safeguard their devices but are not equipped with the knowledge to secure them effectively.

“Most employees are trying to do the right thing, never forget this,” he said.

“They’ll make mistakes, but they’re not trying to deliberately hurt the company, they’re not trying to deliberately lose information, they’re not trying deliberately to lose a thumb drive.

“On the other hand, they are also very rarely fully knowledgeable on what it is you have to do to protect stuff.”

Telstra’s chief information security officer, Glenn Chisholm, agrees. He also placed the onus on organisations to provide staff with sufficient BYOD security information on how to protect data on their devices or risk a security breach.

“You need to enable your people to do the right thing,” he said. “If you can’t control your current fleet, BYOD won’t solve your problems.”

Chisholm added that an organisation’s IT department should be responsible for educating employees about BYOD security and “empowering” them by providing appropriate security tools to protect themselves.

“There is a misunderstanding about what an IT department does,” he said.

“The IT department is there to enable business. If the IT department can’t communicate to staff to understand business, then you haven’t structured the department correctly [and] you don’t have the right people in the department.

“This is empowering people to understand what they need to do to make themselves safe… But do you actually make the security tools available to these people so that they know they have the ability to secure their devices?”

However, Craig Valli, Edith Cowan University’s head of computer and security science, said that the IT department are the “worst people” to teach employees about BYOD security because they have one particular world view and fail to look at technology from a business perspective and how it is a “business enabler”.

In addition to education, Scott Cass-Dunbar, a director with KPMG’s IT advisory practice, said that having a flexible, simple and well-designed security policy is also important in helping people understand security implications and may deter employees from trying to bypass strict security rules.

Follow Diana Nguyen on Twitter: @diananguyen9

Follow Computerworld Australia on Twitter: @ComputerworldAU

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Cisco, Cowan, Edith Cowan University, Edith Cowan University, KPMG, Telstra
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Bring Your Own Devices [BYOD], business, Cisco, enterprise mobility, mobile security, mobility, security, smartphones, tablets
Latest Blog Posts
Whitepapers
  • IDC Insight: V-Ray Gives Symantec NetBackup a Competitive Advantage Today and into the Future
    Over a decade ago, Veritas software announced NetBackup FlashBackup to address the millions of small files problem, which had been and often remains the nemesis to fast and efficient backup of large file servers. Today, the FlashBackup technology is used to provide a logical understanding of what is stored with a VMDK- or VHD-image-level backup, without the necessity to install an agent inside each virtual machine. Read more.
    Learn more »
  • Oracle Exadata Database Machine Warehouse Architectural Comparisons
    Exadata is Oracle’s fastest growing new product. Much of the growth of Exadata has come at the expense of specialized data warehouse appliance vendors. These vendors have published competitive comparisons to Exadata, claiming: Architecture is what really matters for performance, Purpose-built data warehousing architectures perform best, They see architecture as an end in itself rather than as a means to an end. Read on.
    Learn more »
  • IDC Forecast: Worldwide Purpose - Built Backup Appliance 2011 – 2015, Forecast Update: Explosive Growth in 2011
    This IDC Forecast Update provides share positions for revenue and raw capacity for nine named PBBA vendors for the first half of 2011. In addition, this study provides the market size and a five-year forecast for the worldwide PBBA market as part of IDC's Storage Solutions coverage. The five-year forecast includes total factory revenue and raw capacity in terabytes through 2012. The worldwide PBBA market covers both open system-and mainframe-attached products.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.