Consumer tech forcing corporate security rethink

The increased enterprise use of consumer and cloud technologies will force chief information security officers (CISOs) to rethink their strategies, according to a new report from Forrester Research.

The analyst firm claimed that almost a third of information workers in the UK and Europe are using technologies without explicit permission from the IT department, and could be putting their organisation at risk.

Companies should start by tackling these technologies, managing their risks and using them to help grow the company as a whole.

"CISOs must align their strategies with business initiatives while reshaping the current operating model," said Forrester analyst Chenxi Wang.

"Specific tasks should include establishing a standard for emerging technology adoption, defining a set of acceptable use policies, and initiating internal communications to educate employees."

One in four companies uses some kind of social collaboration tool, according to Wang, while half support at least two mobile applications.

Wang said that the tools often creep into enterprises as pieces of "shadow IT " and, although beneficial, are supported through necessity rather than as part of a wider security initiative.

"Just as a few clever individuals will find a way to read corporate emails on their iPhones without IT support, consumer technologies such as mobile, social, video and cloud will invade your enterprise regardless of any adoption barrier, " said Wang.

The analyst added that all such applications require consistent oversight and proper integration with enterprise systems.

"Siloed technology initiatives can result in duplicated efforts, inefficiency and missed opportunities to leverage others' experiences," said Wang.

"As the global glue, IT can provide central oversight and co-ordination to ensure optimal investment and resource allocation across business units."

Adopting such technologies provides the opportunity to reinvent the way enterprises use security, according to Wang.

"Corporate data is going into the cloud, mobile devices are edging out traditional PCs, and social technologies are enabling ad hoc collaborations anytime from anywhere," she said.

"The status quo approach simply won't cut it. If there ever was a time to rethink existing security models, it's now."