Archive for December, 2011

What are the Assessments?

Wednesday, December 21st, 2011

Self Assessments

The self-assessments at ITpolicycompliance  turn 20+ page research reports from the Group into two-minute exercises that allow you to compare your practices against others in your industry, others your size, your peers, and best performing organizations.

They distill the critical findings into an easy to use, actionable online exercise that’s relevant to you and your organization and provide a fact-based foundation for your improvements as well as a basis for defending your due-diligence.

In Depth Assessments

The In-depth assessments are, as their name implies, more in-depth. Delivered by Charter and Affiliate members of the Group, these assessments take place online or on-site, involve more time and effort to accomplish, and deliver very specific answers to more focused questions.

Manage the Risks of Smartphones

Monday, December 19th, 2011

Compare the impact of your practices for managing the risks of using Smartphones with your peers, industry and best performers.

(more…)

Manage the Benefits of Smartphones

Thursday, December 15th, 2011

Compare the impact of your practices for managing the benefits of Smartphones with your peers, industry and best performers.

(more…)

Managing the Benefits and Risks of Mobile Computing

Thursday, December 8th, 2011

Is the use of Smartphones good for business? The answers are yes and no. Explore some of the compelling benefits, risks, and what the best-in-class are doing to manage both. And, find out why some are avoiding certain mobile devices and why.

The use of Smartphones and Tablet computers are resulting in some compelling benefits and very real business risks. One of the primary actions to manage the risk-benefit tradeoff of using these supercharged pocket devices is to limit their use in the workplace. But, the organizations allowing more employees to use Smartphones experience higher revenue and profit, while those with fewer employees using Smartphones post lower revenue and profit.

If the benefits are that obvious, then why are organizations limiting the number of employees who can use Smartphones? Because the business risks are not only very obvious, they are currently enough to outweigh the benefits unless appropriate practices and controls are implemented.

If you know which policies, practices and controls to implement, and which phones are best to avoid for now, then you can do what the best performers are doing: which is to let more employees use Smartphones and Tablet computers.

In this groundbreaking benchmark report, the IT Policy Compliance Group reveals the key Apps driving the use of Smartphones and Tablet computers in the workplace today, which devices employees can bring from home and which can’t, the business benefits and risks of using Mobile computing, the actions organizations are taking to manage its benefits and risks, policies and practices governing the use of these devices in the workplace, operational and legal challenges contributing to business risks, and the practices and controls most responsible for determining outcomes being experienced by organizations.

In addition, the report covers current employee usage rates, whether Smartphones or Tablet computers are being artificially limited in the workplace, which of the two are expected to increase in use, which are expected to decline in the next two years, and what current sentiment about mobile phone and tablet platforms (including Android, Apple, Blackberry and Windows) means for you by 2013.

To learn more, download the full report.

Managing the Benefits and Risks of Mobile Computing

Thursday, December 8th, 2011

Is the use of Smartphones or good for business? The answers are yes and no. Explore some of the compelling benefits, risks, and what the best-in-class are doing to manage both. And, find out why some are avoiding certain mobile devices and why.

The use of Smartphones and Tablet computers are resulting in some compelling benefits and very real business risks. One of the primary actions to manage the risk-benefit tradeoff of using these supercharged pocket devices is to limit their use in the workplace. But, the organizations allowing more employees to use Smartphones experience higher revenue and profit, while those with fewer employees using Smartphones post lower revenue and profit.

Download the report here

If the benefits are that obvious, then why are organizations limiting the number of employees who can use Smartphones? Because the business risks are not only very obvious, they are currently enough to outweigh the benefits unless appropriate practices and controls are implemented.

If you know which policies, practices and controls to implement, and which phones are best to avoid for now, then you can do what the best performers are doing: which is to let more employees use Smartphones and Tablet computers.

In this groundbreaking benchmark report, the IT Policy Compliance Group reveals the key Apps driving the use of Smartphones and Tablet computers in the workplace today, which devices employees can bring from home and which can’t, the business benefits and risks of using Mobile computing, the actions organizations are taking to manage its benefits and risks, policies and practices governing the use of these devices in the workplace, operational and legal challenges contributing to business risks, and the practices and controls most responsible for determining outcomes being experienced by organizations.

In addition, the report covers current employee usage rates, whether Smartphones or Tablet computers are being artificially limited in the workplace, which of the two are expected to increase in use, which are expected to decline in the next two years, and what current sentiment about mobile phone and tablet platforms (including Android, Apple, Blackberry and Windows) means for you by 2013.

Download the report here

 

Carrier IQ, the Spy Files, and More

Monday, December 5th, 2011

Carrier IQ: Where is your data – today?

The most recent revelations that your sensitive data and personal data are being controlled, purchased and sold by others came to light last week with the Carrier IQ revelations made by Trevor Eckhart. In addition to his own video detailing what he found, there’s been a deluge of opinion and analysis of what might be going on, what it might mean, what it might not mean, etc.

We’re simply carrying links to the original video of Trevor showing what actually happens when CarrierIQ is found on phones, and a fairly straigtforward piece of analysis frrom the folks at engadget.

Eckhart source:

Rootkit called Carrier IQ discovered phoning home with user data

Engadget analysis:

Carrier IQ: What it is, what it isn’t, and what you need to know

 

The Spy Files: where is your data – today?

Ready for the next installment from the folks at WikiLeaks? Lot’s of private government-contractors willing to sell anyone and any government all-manner-of-surveillance tricks and technology. Not a surprise, but the sheer size of the revelations indicate an out-of-control market in the tools needed to steal your companies sensitive information is not limited to criminal gangs, state-sponsored theft, and Internet distribution channels.

Wikileaks source:

The Spy Files Map

Engadget analysis:

WikiLeaks’ Spy Files shed light on the corporate side of government surveillance

 

Garden variety where is your data – today?

And for garden variety data breaches of the past few days, we’ve selected just three, given all the attention lavished on CarrierIQ and the SpyFiles.

 

11/30:  The College of NJ

Campus Student Employment System compromised resulting in Exposure of PII data

http://www.databreaches.net/?p=21917

 

11/28:  United Nations (again)

Old UN electronic accounts acquired and posted by hackers

http://www.theregister.co.uk/2011/11/30/un_hack/

 

11/25:  Korean Maple Story Users

Maple Story players have PII data stolen by hackers

http://www.vg247.com/2011/11/28/maple-story-hack-compromises-13-2-million-korean-players/