Device security driven by ‘executive whims’

Tablets are coming...

IT security departments need to take the reins when it comes to employees using their consumer devices in the workplace, according to senior security experts at Cisco.

During a discussion at Cisco Live held in London this week Tom Gillis, director of security at the company, said more and more security measures were being implemented retrospectively as company leaders brought in their own devices, such as iPads or Android phones, and insisted on using them before being given the security green light.

He told IT PRO: "A lot of customers have the official policy of no, you cant do it' and then some executive will say guess what? I am.' So, what we are seeing more and more is the policy of consumerisation is being driven a reaction to an executive whim or preference, not necessarily driven by the security team."

Gillis believed this needed to change and security teams needed to step up to the plate.

"We think that the security team should lead the discussion and say look this is going to happen at some point in our network, lets think now about how we are going to authenticate users,'" he added.

"Having a proactive stance... is really critical because if you are reacting to an executive decree then a lot of times you do not have the investment and resources necessary to go off and develop [a solution]."

Gillis claimed once personal devices had infiltrated the business and turned it into a "wild wild west," it was pretty hard to step and project security onto employee's products.

Consumerisation of IT was on all the security minds at Cisco, it seemed.

Gordon Thompson, director of security sales, said: "Security is top of mind for customers and the demand from their employees around mobility [is an issue]."

He added: "This consumerisation and the power of the employee are driving [security teams] to look at how they examine security and do things in a different way."

Paul King, senior security advisor at Cisco, added: "We can no longer be the ones saying no you can't do this, we have to provide a secure way to do what [companies want to do]."

Business might not all be fully on-board with these beliefs as yet and could be holding off putting policies in place, but Thompson claimed all was not lost.

"The good news is most of our customers are waking up to the facts and beginning to set out strategies around that, especially a lot of the larger customers around Europe," he concluded.

Jennifer Scott

Jennifer Scott is a former freelance journalist and currently political reporter for Sky News. She has a varied writing history, having started her career at Dennis Publishing, working in various roles across its business technology titles, including ITPro. Jennifer has specialised in a number of areas over the years and has produced a wealth of content for ITPro, focusing largely on data storage, networking, cloud computing, and telecommunications.

Most recently Jennifer has turned her skills to the political sphere and broadcast journalism, where she has worked for the BBC as a political reporter, before moving to Sky News.