Reply Logo
Menu
  • TOPICS
    TOPICS
    • Architecture
    • Artificial Intelligence & Machine Learning
    • AUGMENTED & VIRTUAL REALITY
    • Big Data & Analytics
    • Blockchain
    • Cloud Computing
    • CRM
    • Digital Experience
    • Digital Workplace
    • eCommerce
    • Game & Gamification
    • Industrie 4.0
    • Internet of Things
    • Mobile
    • Quantum Computing
    • Risk, Regulation & Reporting
    • Security
    • Social Networking & Crowdsourcing
    • Supply Chain Management
    • Video
  • INDUSTRIES
    INDUSTRIES
    • Automotive
    • Energy & Utilities
    • Financial Services
    • Logistics & Manufacturing
    • Public Sector & Healthcare
    • Retail & Consumer Products
    • Telco & Media
  • JOIN
    JOIN

    join reply work with us

    Reply is the place to meet an incredible variety of enthusiastic, passionate, ideas-driven people, who want to make a difference and an i​mpact.
    ​Would you like to know more?

    Go to careers​​​​
  • ABOUT
    ABOUT
    • ABOUT
    • REPLY AT A GLANCE
    • ALL REPLY WEBSITES
    • CAREERS
    • Reply Code For Kids
    • OFFICE LOCATIONS & CONTACTS
    • INVESTORS
    • FINANCIAL NEWS
    • REPLY SHARE INFORMATION
    • FINANCIAL HIGHLIGHTS
    • FINANCIAL CALENDAR AND EVENTS
    • FINANCIAL REPORTS
    • SHAREHOLDERS' MEETING
    • LOYALTY SHARES
    • CORPORATE GOVERNANCE
    • EXTRAORDINARY TRANSACTIONS
    • NEWSROOM
    • News
    • Events
    • Press
    • Webinars
  • Login
    Your ProfileLogout
Choose language:
Reply Logo

Search

Focus On

Best Practice

Impacts of IT Consumerization on Business Security

Over the last few years, consumer devices entered the workplace. IT discovered whole new challenges and opportunities but, today comes the second wave in Consumerization of IT, the Shadow IT.

FOCUS ON: Security, Cloud,

Consumerization is happening in many different ways. The first is the use of consumer websites and services to get work done. Hotmail, Linked-In, Twitter and other web tools all fall under this category. The other is a move toward employee-owned hardwar​​e, such as smartphones and laptops. Smartphones were the most commonly cited employee- owned/managed device that had made it into business workflows. There are several factors driving this. Productivity demands on employees have increased over the last decade, partly due to layoffs and downsizing. There is a growing expectation for employees to deliver anytime, anyplace. While businesses push for increased productivity, they may not be able to justify investments in best-of-breed productivity tools such as smartphones for employees. Many employees already have the smartphones and laptops needed to meet business demands at home and they want to integrate them with their work life. Mounting pressure from both employee and corporation has pushed businesses to consumerize.

ADOPTING THIS NEW MODEL MEANS MOVING SECURITY TO BECOME CONSULTANTS FOR BUSINESS AND PROVIDING THE SECURITY CAPABILITIES AS A SERVICE.


Which are the security issues? How can we assure the appropriate security posture?

Context-Aware Security

It is mandatory support user’s freedom to move on Consumerization Era while keeping information protection, in this scenario security is even more important to ensure that adequate security processes and controls are in place to protect sensitive information and applications when accessing corporate IT assets from consumer devices and apps.

Legal Issues

If the company doesn’t own the device, there are open questions around compliance and audit.

  • E-DISCOVERY: How to examine and possibly judge an employee-owned device in the case of legal proceedings considering the concern of inadvertently retrieving personal data, maybe sensitive and clearly not company owned.
  • SECURITY AND CONTROL OF DATA: While for corporate-owned devices configurations can be set and enforced, security software installed and software updates monitored; for employee-owned devices it is more difficult to guarantee common configurations and allowing some amount of corporate control over data along with the ability to remotely wipe the phone.
  • LAWS AND REGULATORY REQUIREMENTS: Data protection, employees’ rights, capital market regulations (such as SOX), specific industry related requirements, etc. should be assessed against the new perimeter imposed by Consumerization. Companies must develop and enforce codes of conduct regarding the use of various software and services to limit corporate liability.

​Reply has developed a proprietary and dedicated​ framework to allow enterprises to manage the IT Consumerization phenomena assuring an adequate security posture.


MONITOR & IDENTIF​Y

Build awareness about shadow IT and BYO* identifying and monitoring its presence and usage.

  • Identify the usage or the needs to use new BYO* or to recur to shadow IT
  • Monitor the usage of managed BYO* and other managed IT solutions

​EVALUATE

Evaluate the needs, the use and the risks. Identify and evaluate possible solutions.

  • Evaluate the needs related to new identified BYO-Everything/Services and misuses about managed BYO-Everything/Services in terms of Risks (compliance, security, etc.) and Business benefits.
  • Identify possible solutions among: Accept or Deny (Policies & Technology), clone internal solution and control and Regulate the existing (Policies & Technology).
  • Evaluate the possible solutions.

OPERATE

Let the new solution or the regulated one be used and enforce security through the tools and solutions identified in the previous step.

MANAGE & SECURE

Implement the selected solution and setup the needed organizational, training awareness activities.

  • Implement the selected solution in terms of: technology to clone and/or control and regulate the us​age of the BYO* and organizational activities to define and formalize roles and rules (Policies, Procedures, etc.).
  • Training and awareness initiatives to assure the knowledge of the existence of a new BYO* and the related usage rules.
  • Assure synergies among Security and other departments (e.g. IT, Marketing, Innovation, etc.).

RELATED CONTENTS

CLOUD MIGRATION

Case Study

Sitecore Website migration to Cloud

Cluster Reply was involved in the migration of 12 Sitecore 8.2 premise websites to Sitecore 9 on the Cloud. The project was required to handle the client EU division fusion with another company and the constitution of a completely new company with dedicated IT infrastructure and applications ecosystem.

CyberSecurity Control

Best Practice

Stay on top of your Cybersecurity

Risk-Based Threat and Vulnerability Management is the combination of methods and tools to check your security control effectiveness and your risk posture. Discover new methods and tools to check your security control effectiveness.

Stay on top of your Cybersecurity
 0

28.01.2021

News & Communication

Spike Reply and Storm Reply Achieve AWS Security Competency Status

Reply announced today that its companies Storm Reply and Spike Reply achieved Amazon Web Services (AWS) Security Competency status. This designation recognizes that the two companies of the Reply Group have demonstrated deep expertise that helps customers achieve their cloud security goals.

 
 
 
 
Reply ©​​ 2021​ - Company Information -
 Privacy
  • About Reply​
  • Inves​tors​​
  • Newsroom
  • Follow us on
  • ​
​
  • ​Privacy & Cookies Policy​
  • Privacy Notice (Client)
  • Privacy Notice (Supplier)
  • Privacy Notice (Candidate)
  • Privacy Notice (Mar​keting)
  • Modern Slavery Act Tran​sparency Statement (UK & IR)​
​​Reply Enterprise Social Network​