Tuesday, December 27, 2011

ISACA recommends ways to manage three top trends in 2012: Big data, consumerization of IT and mobile growth

ROLLING MEADOWS, USA: Global nonprofit IT association ISACA shared recommendations today for managing three of the trends widely cited to dominate the IT landscape in 2012: Big Data, the consumerization of information technology (BYOD) and the growing dominance of mobile devices.

Big data--coaxing order out of chaos
“Big Data” describes not only the extremely large volumes of data being collected by enterprises in an increasingly connected world, but also their diverse sources, including social networks, sensor networks, customer chat sessions and more.

“Big Data is going to evolve out of its ‘shiny new object’ status in 2012. IT leaders will need to figure out how to coax order out of the chaos from all those zeroes and ones, as well as optimize ROI and manage data privacy,” said Ken Vander Wal, CISA, CPA, international president of ISACA.

According to the complimentary ISACA white paper Data Analytics—A Practical Approach, enterprises should aim for early success by using analytics across many projects for greater insight, performing ad hoc analysis to support key areas of risk, and defining measures of success along the way.

Invasion of consumer devices
The consumerization of IT, marked by the invasion of employee-owned smartphones and tablet devices into the workplace, is predicted to be another major trend in 2012. Employees who use their own devices for work functions gain flexibility and can be more productive, but those devices are typically more difficult for IT to secure and manage.

“BYOD—or Bring Your Own Device—is a fast-moving train. IT departments have to jump on it or risk getting left at the station,” said Robert Stroud, CGEIT, CRISC, past international vice president of ISACA and vice president, Innovation and Strategy, CA Technologies.

“Organizations that embrace the BYOD trend need to consider a two-pronged approach to security by focusing on both the device and the data it can access. In 2012, we should see an increased focus on the mobile device and its access to information. IT will need to answer questions such as, ‘Who is accessing corporate information, when and from what device? Is the device trustworthy?’” said Stroud.

IT professionals’ acceptance of this trend is mixed. More ISACA members in Europe, North America and Oceania say their enterprises allow employees to use corporate IT assets and time for personal purposes to promote work-life balance, while those in Asia, Latin America and Africa say their enterprises generally restrict this due to security concerns, according to the recent 2011 ISACA Shopping on the Job Survey: Online Holiday Shopping and BYOD Security.

Growth in mobile equals growth in threats
One of most prominent elements in the 2012 security landscape will be the growth of mobile devices, including everything from smartphones and tablet computers to laptops and Universal Serial Bus (USB) memory sticks.

“2012 will see a sharp increase in attacks targeted at mobile devices, either to exploit them or use them as an access point to corporate networks,” said John Pironti, CISM, CRISC, CISSP, security advisor, ISACA, and president, IP Architects.

ISACA advises that information security managers need to create an easily understood and executable policy that protects against the data leakage and malware – and then communicate it. In ISACA’s recent BYOD survey of 1,224 US consumers, 16 percent of respondents say their organization does not have a policy prohibiting or limiting personal activities on work devices, and another 20 percent do not know if one exists.

Setting and communicating policies are central to effective governance of enterprise IT (GEIT), which is a priority with most enterprises, according to the fourth Global Status Report on the Governance of Enterprise IT (GEIT)—2011 by ISACA’s research affiliate, the IT Governance Institute (ITGI).

Only 5 percent of business executives and heads of information technology surveyed indicated that they do not consider it important, and two-thirds of enterprises have some GEIT activities in place. However, the survey uncovered opportunity for IT leaders to be more proactive, especially in striking a balance between innovation projects and “run the business” tasks.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.