Consumer devices pose threat to enterprise security

* Gartner’s take on consumer devices and corporate security

As more consumer technologies make their way to the enterprise, Gartner advises IT leaders to prepare to manage the additional security risks. Your security managers should consider deploying network access control (NAC) or content management filtering (CMF)/data loss prevention (DLP) to minimize threats.

Policy alone won’t protect you. “Although consumer technologies create new risks for the enterprise, eliminating their use is increasingly difficult, and impractical,” says Rich Mogull, research vice president for Gartner. “By taking security precautions and investing in foundational security technologies now, enterprises can prepare themselves for increasing use of consumer devices, services and networks within their organization, and manage these risks.”

As covered in the new Gartner report, “Gmail, IPhones and Wiis: Preparing Enterprise Security for the Consumerization of IT,” here are a few issues IT leaders should anticipate:

*Prepare for consumer e-mail and communications services: Many of your employees use instant messaging, private e-mail services and services such as Skype. You probably won’t be able to block these services, so the next best thing is to examine for malicious software or violations of corporate communications policies.

*Prepare for Web 2.0 services: Adoption of blogs and social networks is on the rise and creates a risk of information leaks or provide a new channel for malware. Define policies about their usage and roll out a Web security gateway configured to block malicious inbound traffic. Configure a CMF/DLP to monitor and enforce policies on HTTP traffic.

*Prepare for unmanaged mobile devices. Deploy a portable device-control solution to restrict the ability for unsanctioned devices to connect to the network, use an SSL VPN and encrypt mobile devices to protect sensitive data in the event the device is lost.

*Manage networks and remote connectivity. More employees work from home on unprotected system. Deploy an SSL VPN to restrict access based on a health check and security check of the endpoint.

* Check out these two stories about IT and the iPhone: CIOs leery of iPhone; and Gartner to IT: Avoid Apple's iPhone.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2007 IDG Communications, Inc.

IT Salary Survey: The results are in