The document provides an overview of a conference on IT consumerization and BYOD. It discusses the benefits of BYOD programs including cost savings, productivity gains, and employee empowerment. It also covers some of the security challenges like data leakage, unauthorized access, and legal issues. The document proposes several approaches to address these challenges, such as using mobile device management, virtual desktop infrastructure, or containerization.
BYOD addresses the rising need for employees to be mobile and more productive. They will appreciate the ability to customize how and where they work. With a BYOD policy, businesses will rest easier knowing there’s a level of transparency and specific rules to point to when employees have questions. By clearly communicating company BYOD policies, a business will build trust and good rapport with employees while ensuring that company information remains safe.
Enterprise mobile access is transforming how work is done. While mobile devices increase productivity, unmanaged personal devices also increase security risks. There is no single solution to the challenges of an enterprise mobility program. An effective program balances usability and security through mobile device management and mobile application management. This allows secure access to corporate data from any device while mitigating risks from lost, stolen or compromised devices.
The trend towards personally owned devices in the workplace is on the rise, requiring IT organizations to address this concept with flexibility, yet without compromising security and regulatory requirements.
Download the slide deck as C/D/H discusses:
■Why the move to personal devices?
■How and what technologies are involved?
■Advantages and disadvantages of personal devices
■Managing personal devices
■Four different corporate policies
■What’s next
For more information about C/D/H, contact us at (616) 776-1600 or (248) 546-1800.
Mobility & BYOD: Leveraging Best Practices and Latest Technologies for Compre...UL Transaction Security
At the ASUG Georgia Chapter Meeting in May 2014, SECUDE talks about mobility, the use of Bring Your Own Device (BYOD), and the myriad of security challenges businesses are facing, that are inherent to mobility.
Parag Deodhar presented on securing mobile workplaces at the Enterprise Mobility Summit on May 9th, 2012 in Bengaluru. He discussed how mobility is changing how IT operates as data moves outside of corporate networks. This crossing of the "Lakshman Rekha" or corporate firewall poses security risks. He highlighted issues with bring your own device policies including difficulty securing and managing personal devices on the network. Deodhar argued that organizations need a mobile enterprise strategy including device management, updated security policies, training, and enforcement mechanisms to balance security and productivity in an increasingly mobile workplace.
More and more employees are bringing their own devices and preferred applications into the enterprise, creating what we call the BYODA (BYOD plus Applications) phenomenon. Workers’ behavior and expectations are contributing to the consumerization of IT, where lines of business and users themselves are having an enormous influence on the types of technologies and applications used. While employees expect anytime, anywhere access to their content to get their work done, their CIOs are now expected to support BYOD within their corporate environment.
This document summarizes IBM's experience implementing a Bring Your Own Device (BYOD) program. It discusses how IBM developed a mobile strategy and policy, educated employees, and implemented technology like Lotus Notes Traveler and Endpoint Manager to manage devices while allowing flexibility. The next steps are to increase infrastructure for more devices, develop more apps, and enhance network access. Lessons included not trying to do too much at once and getting help from mobile experts.
BYOD addresses the rising need for employees to be mobile and more productive. They will appreciate the ability to customize how and where they work. With a BYOD policy, businesses will rest easier knowing there’s a level of transparency and specific rules to point to when employees have questions. By clearly communicating company BYOD policies, a business will build trust and good rapport with employees while ensuring that company information remains safe.
Enterprise mobile access is transforming how work is done. While mobile devices increase productivity, unmanaged personal devices also increase security risks. There is no single solution to the challenges of an enterprise mobility program. An effective program balances usability and security through mobile device management and mobile application management. This allows secure access to corporate data from any device while mitigating risks from lost, stolen or compromised devices.
The trend towards personally owned devices in the workplace is on the rise, requiring IT organizations to address this concept with flexibility, yet without compromising security and regulatory requirements.
Download the slide deck as C/D/H discusses:
■Why the move to personal devices?
■How and what technologies are involved?
■Advantages and disadvantages of personal devices
■Managing personal devices
■Four different corporate policies
■What’s next
For more information about C/D/H, contact us at (616) 776-1600 or (248) 546-1800.
Mobility & BYOD: Leveraging Best Practices and Latest Technologies for Compre...UL Transaction Security
At the ASUG Georgia Chapter Meeting in May 2014, SECUDE talks about mobility, the use of Bring Your Own Device (BYOD), and the myriad of security challenges businesses are facing, that are inherent to mobility.
Parag Deodhar presented on securing mobile workplaces at the Enterprise Mobility Summit on May 9th, 2012 in Bengaluru. He discussed how mobility is changing how IT operates as data moves outside of corporate networks. This crossing of the "Lakshman Rekha" or corporate firewall poses security risks. He highlighted issues with bring your own device policies including difficulty securing and managing personal devices on the network. Deodhar argued that organizations need a mobile enterprise strategy including device management, updated security policies, training, and enforcement mechanisms to balance security and productivity in an increasingly mobile workplace.
More and more employees are bringing their own devices and preferred applications into the enterprise, creating what we call the BYODA (BYOD plus Applications) phenomenon. Workers’ behavior and expectations are contributing to the consumerization of IT, where lines of business and users themselves are having an enormous influence on the types of technologies and applications used. While employees expect anytime, anywhere access to their content to get their work done, their CIOs are now expected to support BYOD within their corporate environment.
This document summarizes IBM's experience implementing a Bring Your Own Device (BYOD) program. It discusses how IBM developed a mobile strategy and policy, educated employees, and implemented technology like Lotus Notes Traveler and Endpoint Manager to manage devices while allowing flexibility. The next steps are to increase infrastructure for more devices, develop more apps, and enhance network access. Lessons included not trying to do too much at once and getting help from mobile experts.
The document discusses the challenges of BYOD (bring your own device) security and proposes an alternative approach of focusing on securing corporate data rather than devices. It notes that traditional MDM (mobile device management) approaches are too complex, restrict employee privacy, and don't effectively secure access to cloud applications. The document proposes that companies instead use data-centric security technologies like persistent digital watermarking and DLP (data loss prevention) to protect corporate data on any device or application, without imposing controls on personal data or device usage. This allows employees freedom while securely enabling the use of BYOD and cloud services.
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaJim Kaplan CIA CFE
A presentation for the 2014 TeamMate User Conference as a guide for auditors on bring your own device and mobile device management – an important and timely topic for auditors in all organizations.
Recent presentation I made at CSO Perspectives April 2011: Striking a Culturally Acceptable Balance Between Supporting Consumerized IT and Practical Security Boundaries
This document summarizes a continuing education conference for accounting, finance, and human resources professionals on technology updates for 2011. The conference will cover topics including cloud computing, security best practices, disaster recovery plans, and how to effectively use social media for business. The presenter will discuss what cloud computing really means, current security threats facing businesses, how to safeguard mission critical data through disaster recovery plans, and how to establish social media policies for business collaboration. The conference aims to bring professionals up to date on important technology topics and best practices.
This document outlines the "Ten Commandments of Bring Your Own Device (BYOD)" for creating a secure yet productive mobile environment in the workplace. It discusses the importance of creating a BYOD policy before deploying technology to address issues around supported devices, data plans, security, applications and more. It also emphasizes the need to identify all existing devices before enrollment, ensure a simple enrollment process, configure devices remotely through mobile device management software, provide self-service options for users, and protect personal employee information and data. The guidelines are meant to help support employee productivity while allowing secure use of personal apps and devices.
BYOD is an acronym that stands for bring your own device. It has been defined as an IT policy that facilitates for employees to utilize their personal mobile devices such as smart phones and tablets at work (Singh, 2012). Bring your own device can be viewed as a policy because any organization planning to adopt it needs to specify rules and regulations for the introduction and use of personal mobile devices at the workplace.
It can also be defined as an emerging trend that involves employees carrying their personal mobile devices to work for usage and connectivity to an enterprise network (Ravindra & Sadana, 2013). A trend can be defined as a novel (new) and fashionable way of doing something. In this context, a bring your own device trend can be viewed as a new cost effective and convenient way or method used by organizations to enable employees access the company infrastructure.
Leveraging Human Factors for Effective Security Training, for ISSA Webinar Ma...Jason Hong
Jason Hong presented on using microgames to educate users about cybersecurity. He discussed how mental models impact user interactions and the importance of designing systems that match user expectations. Hong described his research on the game "Anti-Phishing Phil" which significantly improved users' ability to identify phishing URLs and reduced false positives. He concluded microgames are an effective way to train users on cybersecurity if they incorporate learning science principles and provide opportunities to practice skills.
This document discusses issues related to Bring Your Own Device (BYOD) policies in corporations. It outlines some of the risks of BYOD including threats to network access and security, data leakage, increased bandwidth usage, and potential breaches of acceptable use policies. It emphasizes that developing a formal BYOD policy is important to address these risks and ensure all employees understand and agree to the policy. The policy needs to consider supporting a variety of personal devices including laptops, tablets, and smartphones running different operating systems. It also needs to address compatibility issues for browsers and mobile device management tools.
In most of the small businesses, the employees might own latest and more advanced devices like tablets, Ultrabooks or laptops while their employers provide them with desktop computers which are at least 2 or 3 years outdated. So this would be a good opportunity for the businesses to compete with the rival companies. But there are a set of risks that go along with this concept as well, such as the data risk.
An estimated 85 percent of companies allow employees to bring their own computers, tablets and smartphones to work and sync them with the organization’s email, file servers and databases. Bring your own device (BYOD) can be advantageous for both employees and corporations but it doesn’t come without risk. 4imprint’s newest Blue Paper®, podcast and infographic, Bring Your Own Device (BYOD) to Work: How It Can Be a Thirst Quencher for Your Company, explores the benefits of BYOD including increased productivity and improved responsiveness and also discusses how organizations can mitigate the associated technology and security risks.
Osterman Research conducted two surveys in February and March 2013 focused on Bring Your Own Device (BYOD) issues in small, mid-sized and large organizations, primarily in North America.
Presented at the Institute of Management Accountants (IMA) National Conference in New Orleans, LA on 6/22/13. Includes mobile best practice tips, recommended apps, web browsing, photo management, and more.
IBM Connect 2013 BP210 Using a Mobile ApproachGraham Acres
This session presents strategies to employ when planning to build a mobile application within an IBM Domino environment. Depending upon the need, whether it be mobilizing an existing Domino app, building a new Notes app with mobile components, or building an app that will support mobile first, we'll help you address the challenges that you will face in your project. What devices will I support? Does the business team understand mobile considerations when providing requirements? Does the admin team have the skills to support the mobile environment? Can I take advantage of my existing Domino infrastructure and skills? You'll leave with an understanding of the key considerations involved in building a mobile application strategy for your organization.
This document discusses the implementation of a Bring Your Own Device (BYOD) policy and program. It begins by explaining how the proliferation of mobile devices in the workplace has led to the rise of BYOD. It notes that most employees are already using their own devices for work purposes. The rest of the document outlines "The Ten Commandments of BYOD" which provide guidance on how to create a secure and productive mobile environment that supports BYOD while protecting corporate data. The ten commandments cover topics like creating a BYOD policy, identifying existing devices, simplifying enrollment, configuring devices remotely, giving users self-service options, and protecting personal information.
Android in the Enterprise New Security Enhancements: Google and BlackBerry St...BlackBerry
1. Google and BlackBerry have collaborated to strengthen Android security for enterprises. Google has enhanced Android security through improved encryption, scanning and updates. BlackBerry extends this with advanced management, connectivity and apps.
2. BlackBerry management provides a single console for multiple Android deployment options. Its connectivity ensures secure access to corporate networks and apps from any device. Secured apps can be deployed alongside the Google Play catalog.
3. Together the solutions from Google and BlackBerry deliver the most comprehensive Android security for enterprises, including security updates, hardware protection on BlackBerry devices, and a full security suite.
The increased usage of mobile devices and the rise of social networking have made personal technology a more integral part of people's lives than ever before. This study looked to uncover any issues and concerns that people have with the increasing pervasiveness of technology in their lives, particularly around security, privacy, and heath/safety.
Some of the key findings from this study are:
- People still do not trust mobile technology enough to feel comfortable making online purchases/transactions, preferring instead to use their computers
- While people have concerns about their online privacy, it has little impact on their actual mobile technology usage
- Concerns over the usage of mobile technology and personal health have little impact on people's mobile device usage, in fact, many people are skeptical over claims that mobile technology may pose a health risk
Presentation on using the iPad for business. The "obvious" uses and some of the apps used in and actual business application setting are reviewed. Tablet interface is a serious executive information reporting and data management tool.
This document discusses the implementation and security issues related to BYOD (Bring Your Own Device) policies. It begins with an introduction to BYOD, noting the economic advantages for companies but also the security risks. The rest of the document covers: advantages of BYOD like increased productivity and lower costs; security issues with allowing personal devices on corporate networks; privacy concerns; challenges with infrastructure, device control, and support; and recommendations for developing a BYOD security policy including identifying risks, enforcing policies, and using security measures like encryption and mobile device management.
CISOs are from Mars, CIOs are from VenusBarry Caplin
Most organizations have a CIO; many have a CISO. These key leadership positions often approach solutions differently and have different motivations. The CIO must deliver IT, automation, innovation and efficiency. The CISO is tasked with assuring adherence to security frameworks and regulatory standards, and protecting against, and responding to, vulnerabilities and incidents. These mandates can conflict. And often the CISO reports to the CIO. We will take a light-hearted look at questions including: What are the issues?; Are CISOs and CIOs from different planets?; Can we align to meet critical business needs, deliver value and protect the organization?
The document outlines costume and prop ideas for characters in an upcoming film production. Kelly, Stacey, and Chantelle will wear stereotypical "chav" outfits of fake Ralph Lauren polos, leggings, and trainers to portray them as a gang. Rosie and Kate will wear floral dresses and minimal makeup to represent their innocence as young girls. Tom will wear jeans and a black top to suggest his casual and "bad boy" personality. Props like party cups, bottles of drink, snacks, a mirror, and phones will be used to establish a party scene and portray different characters. The costumes and props are designed to clearly show the inner and outer traits of each character to the audience.
The document discusses the challenges of BYOD (bring your own device) security and proposes an alternative approach of focusing on securing corporate data rather than devices. It notes that traditional MDM (mobile device management) approaches are too complex, restrict employee privacy, and don't effectively secure access to cloud applications. The document proposes that companies instead use data-centric security technologies like persistent digital watermarking and DLP (data loss prevention) to protect corporate data on any device or application, without imposing controls on personal data or device usage. This allows employees freedom while securely enabling the use of BYOD and cloud services.
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaJim Kaplan CIA CFE
A presentation for the 2014 TeamMate User Conference as a guide for auditors on bring your own device and mobile device management – an important and timely topic for auditors in all organizations.
Recent presentation I made at CSO Perspectives April 2011: Striking a Culturally Acceptable Balance Between Supporting Consumerized IT and Practical Security Boundaries
This document summarizes a continuing education conference for accounting, finance, and human resources professionals on technology updates for 2011. The conference will cover topics including cloud computing, security best practices, disaster recovery plans, and how to effectively use social media for business. The presenter will discuss what cloud computing really means, current security threats facing businesses, how to safeguard mission critical data through disaster recovery plans, and how to establish social media policies for business collaboration. The conference aims to bring professionals up to date on important technology topics and best practices.
This document outlines the "Ten Commandments of Bring Your Own Device (BYOD)" for creating a secure yet productive mobile environment in the workplace. It discusses the importance of creating a BYOD policy before deploying technology to address issues around supported devices, data plans, security, applications and more. It also emphasizes the need to identify all existing devices before enrollment, ensure a simple enrollment process, configure devices remotely through mobile device management software, provide self-service options for users, and protect personal employee information and data. The guidelines are meant to help support employee productivity while allowing secure use of personal apps and devices.
BYOD is an acronym that stands for bring your own device. It has been defined as an IT policy that facilitates for employees to utilize their personal mobile devices such as smart phones and tablets at work (Singh, 2012). Bring your own device can be viewed as a policy because any organization planning to adopt it needs to specify rules and regulations for the introduction and use of personal mobile devices at the workplace.
It can also be defined as an emerging trend that involves employees carrying their personal mobile devices to work for usage and connectivity to an enterprise network (Ravindra & Sadana, 2013). A trend can be defined as a novel (new) and fashionable way of doing something. In this context, a bring your own device trend can be viewed as a new cost effective and convenient way or method used by organizations to enable employees access the company infrastructure.
Leveraging Human Factors for Effective Security Training, for ISSA Webinar Ma...Jason Hong
Jason Hong presented on using microgames to educate users about cybersecurity. He discussed how mental models impact user interactions and the importance of designing systems that match user expectations. Hong described his research on the game "Anti-Phishing Phil" which significantly improved users' ability to identify phishing URLs and reduced false positives. He concluded microgames are an effective way to train users on cybersecurity if they incorporate learning science principles and provide opportunities to practice skills.
This document discusses issues related to Bring Your Own Device (BYOD) policies in corporations. It outlines some of the risks of BYOD including threats to network access and security, data leakage, increased bandwidth usage, and potential breaches of acceptable use policies. It emphasizes that developing a formal BYOD policy is important to address these risks and ensure all employees understand and agree to the policy. The policy needs to consider supporting a variety of personal devices including laptops, tablets, and smartphones running different operating systems. It also needs to address compatibility issues for browsers and mobile device management tools.
In most of the small businesses, the employees might own latest and more advanced devices like tablets, Ultrabooks or laptops while their employers provide them with desktop computers which are at least 2 or 3 years outdated. So this would be a good opportunity for the businesses to compete with the rival companies. But there are a set of risks that go along with this concept as well, such as the data risk.
An estimated 85 percent of companies allow employees to bring their own computers, tablets and smartphones to work and sync them with the organization’s email, file servers and databases. Bring your own device (BYOD) can be advantageous for both employees and corporations but it doesn’t come without risk. 4imprint’s newest Blue Paper®, podcast and infographic, Bring Your Own Device (BYOD) to Work: How It Can Be a Thirst Quencher for Your Company, explores the benefits of BYOD including increased productivity and improved responsiveness and also discusses how organizations can mitigate the associated technology and security risks.
Osterman Research conducted two surveys in February and March 2013 focused on Bring Your Own Device (BYOD) issues in small, mid-sized and large organizations, primarily in North America.
Presented at the Institute of Management Accountants (IMA) National Conference in New Orleans, LA on 6/22/13. Includes mobile best practice tips, recommended apps, web browsing, photo management, and more.
IBM Connect 2013 BP210 Using a Mobile ApproachGraham Acres
This session presents strategies to employ when planning to build a mobile application within an IBM Domino environment. Depending upon the need, whether it be mobilizing an existing Domino app, building a new Notes app with mobile components, or building an app that will support mobile first, we'll help you address the challenges that you will face in your project. What devices will I support? Does the business team understand mobile considerations when providing requirements? Does the admin team have the skills to support the mobile environment? Can I take advantage of my existing Domino infrastructure and skills? You'll leave with an understanding of the key considerations involved in building a mobile application strategy for your organization.
This document discusses the implementation of a Bring Your Own Device (BYOD) policy and program. It begins by explaining how the proliferation of mobile devices in the workplace has led to the rise of BYOD. It notes that most employees are already using their own devices for work purposes. The rest of the document outlines "The Ten Commandments of BYOD" which provide guidance on how to create a secure and productive mobile environment that supports BYOD while protecting corporate data. The ten commandments cover topics like creating a BYOD policy, identifying existing devices, simplifying enrollment, configuring devices remotely, giving users self-service options, and protecting personal information.
Android in the Enterprise New Security Enhancements: Google and BlackBerry St...BlackBerry
1. Google and BlackBerry have collaborated to strengthen Android security for enterprises. Google has enhanced Android security through improved encryption, scanning and updates. BlackBerry extends this with advanced management, connectivity and apps.
2. BlackBerry management provides a single console for multiple Android deployment options. Its connectivity ensures secure access to corporate networks and apps from any device. Secured apps can be deployed alongside the Google Play catalog.
3. Together the solutions from Google and BlackBerry deliver the most comprehensive Android security for enterprises, including security updates, hardware protection on BlackBerry devices, and a full security suite.
The increased usage of mobile devices and the rise of social networking have made personal technology a more integral part of people's lives than ever before. This study looked to uncover any issues and concerns that people have with the increasing pervasiveness of technology in their lives, particularly around security, privacy, and heath/safety.
Some of the key findings from this study are:
- People still do not trust mobile technology enough to feel comfortable making online purchases/transactions, preferring instead to use their computers
- While people have concerns about their online privacy, it has little impact on their actual mobile technology usage
- Concerns over the usage of mobile technology and personal health have little impact on people's mobile device usage, in fact, many people are skeptical over claims that mobile technology may pose a health risk
Presentation on using the iPad for business. The "obvious" uses and some of the apps used in and actual business application setting are reviewed. Tablet interface is a serious executive information reporting and data management tool.
This document discusses the implementation and security issues related to BYOD (Bring Your Own Device) policies. It begins with an introduction to BYOD, noting the economic advantages for companies but also the security risks. The rest of the document covers: advantages of BYOD like increased productivity and lower costs; security issues with allowing personal devices on corporate networks; privacy concerns; challenges with infrastructure, device control, and support; and recommendations for developing a BYOD security policy including identifying risks, enforcing policies, and using security measures like encryption and mobile device management.
CISOs are from Mars, CIOs are from VenusBarry Caplin
Most organizations have a CIO; many have a CISO. These key leadership positions often approach solutions differently and have different motivations. The CIO must deliver IT, automation, innovation and efficiency. The CISO is tasked with assuring adherence to security frameworks and regulatory standards, and protecting against, and responding to, vulnerabilities and incidents. These mandates can conflict. And often the CISO reports to the CIO. We will take a light-hearted look at questions including: What are the issues?; Are CISOs and CIOs from different planets?; Can we align to meet critical business needs, deliver value and protect the organization?
The document outlines costume and prop ideas for characters in an upcoming film production. Kelly, Stacey, and Chantelle will wear stereotypical "chav" outfits of fake Ralph Lauren polos, leggings, and trainers to portray them as a gang. Rosie and Kate will wear floral dresses and minimal makeup to represent their innocence as young girls. Tom will wear jeans and a black top to suggest his casual and "bad boy" personality. Props like party cups, bottles of drink, snacks, a mirror, and phones will be used to establish a party scene and portray different characters. The costumes and props are designed to clearly show the inner and outer traits of each character to the audience.
While insider threat is a reality, more problems are caused by mistakes. Workers are stressed and need to get the job done. These “accidental insiders” may be dealing with unclear process, security controls that aren’t well planned, or are just trying to get something done for the customer.
In this session we will discuss: How internal process, policy and technical environment can lead to mistakes; Appropriate levels of access control, and; What we can do proactively to prevent these kinds of problems.
Secure360 5-11-11
Capella University webcast 3-18-13
The document discusses the importance of physical literacy and long-term athlete development (LTAD) for children's sports programs. It summarizes the Canadian Sport for Life (CS4L) approach of focusing on children's development over competition. The Nor'West Micro Program has revamped its mini field programs based on CS4L's LTAD model to emphasize fun, fundamental movement skills, and appropriate training for children's developmental stages through small-sided games. The goal is to improve physical literacy and lifelong participation in sports.
How do you make an inanimate object “smart”? You put a chip in it! And then you connect it to the global internet! These chips run what is typically called an embedded operating system – a Windows, unix or Linux variant, or something custom made. Because these chips are embedded in power grid equipment, medical equipment, appliances or even people, updates and patches are problematic. The Internet of Things (IoT) is growing at a rate 10-times that of standard computers. A typical hospital/clinic system may have 4-5 times as many smart connected medical devices as computers. The Dreaded Embedded refers to the proliferation of vulnerabilities associated with these devices. What are the security and privacy concerns of these devices? What about FDA and other regulatory compliance? And how do we deal with these devices as part of an information security program?
7 Highly Risky Habits of Small to Medium-Sized Nonprofits: IT Security PitfallsDaniel Rivas
T security has become more of a concern to organizations big and small. Major security breaches or hacks are frequently reported in the media, and for every reported hack, dozens more are unreported. Small and medium-sized nonprofits are not immune to potential security breaches. Many nonprofit leaders consider the work they do of little or no value to hackers, since they’re not a bank or major retailer. Hackers prey on this naïve perception.
If you’re storing and working with data regarding members, donors, volunteers, clients or patrons, or credit cards, you could be at risk. Any breach could have severe ramifications, including loss of trust among your community or possible financial penalties.
Bad IT habits and practices make smaller nonprofits prime targets for hackers. Management, IT controls, and procedures introduce security risks to the organization. Hackers know that most small and medium-sized nonprofits don’t have the financial capacity or technical resources to implement security controls rivaling those of large organizations. Still, there are some basic sound IT practices and controls that can be put in place to provide a comfortable measure of control.
We’ll walk through the seven commonly-found bad habits and consider the potential IT security risk within each practice. We’ll also discuss effective IT policies, procedures, and tools to minimize security risks and transform bad habits into good ones.
This session is appropriate for any small or medium-sized nonprofit staff member responsible for making technology decisions, as well as nonprofit leaders influencing IT operations.
Employees are the most vulnerable asset to any organization. General IT training for employees should cover common cybersecurity threats like phishing emails, malware, weak passwords, removable media, unsafe internet habits, social engineering, and physical security risks. Training should teach employees how to identify these threats and the proper procedures to avoid them, such as using unique, strong passwords, vetting email attachments and websites, and protecting devices. Regular security awareness training and enforcement of policies like clean desk can help defend organizations against cyberattacks targeting employees.
This document discusses the challenges that employers face with "Bring Your Own Device" (BYOD) policies. It outlines the risks in the areas of data security, privacy, records management, eDiscovery, and employment law issues. While BYOD policies can improve productivity and engagement, they also increase costs compared to company-owned devices. The document recommends that employers carefully plan, create policies, use technical controls, provide training, and modify agreements when implementing a BYOD program to mitigate these risks.
Staying afloat with the mobile tide
Our devices have become so ingrained in our lives—both personal and at work—that it’s almost impossible to envision a time
when they weren’t at our disposal. Today’s businesses and their employees rely on their devices for such a large number and wide assortment of use cases that the importance of effectively managing them has never been greater.
BYOD refers to employees bringing their own devices like smartphones, laptops, and tablets to the workplace. While it can increase productivity and flexibility, it also poses security risks if not properly managed. Key challenges include supporting a variety of devices and operating systems, managing costs, and protecting corporate data and networks. Successful BYOD programs, like Intel's, develop access controls, security tools, and register employee devices to enhance user experience while maintaining security. Companies must address factors like which devices and platforms to allow, inventory management, virtualization, and data protection when deciding whether to implement BYOD.
The document discusses how companies can retain control over devices and data in a mobile world. It outlines different technical approaches for mobile device management (MDM), mobile application management (MAM), and virtualization. MDM allows device configuration and monitoring but challenges BYOD, while MAM focuses on securing individual business apps and virtualization provides access to all apps and data from any device in a highly secure manner. The document recommends balancing user access needs with security by managing only critical systems, prioritizing user experience, virtualizing and containerizing data, and automating security policies.
7.5 steps to overlaying BYoD & IoT on Existing InvestmentsCaston Thomas
This document summarizes a presentation about managing risks and enabling opportunities related to bring your own device (BYOD), the cloud, mobile technologies, and the Internet of Things. The presenter discusses viewing these trends through three lenses: personal vs corporate data, who pays, and shifts in culture and relationships. A variety of security control options are presented, including mobile device management, virtual desktop infrastructure, application wrappers, and network access control. The presenter advocates for a comprehensive, multilayered approach combining several controls to balance security and business needs like access agility.
The importance of information security nowadaysPECB
Nowadays living without access to the information of interest at any time, any place through countless types
of devices has become unimaginable. However, its security has become more important than information
access itself. In fact today information security rules the world…! Why?
In this comprehensive ebook from Infinity Group, we highlight cyber security threats and the practical steps you can embark on to promote an effective remote and hybrid workforce for your business.
The document discusses the rise of Bring Your Own Device (BYOD) programs in workplaces and provides 10 commandments for effectively managing a BYOD program. It recommends that organizations first create a mobile device policy that considers what devices and apps will be allowed and how corporate and personal data will be separated and secured. It also stresses the importance of allowing simple, self-service enrollment and configuration of devices to reduce burden on IT staff and encourage user adoption. Continuous monitoring of devices is advised to ensure compliance with security policies and allow for automated responses to issues.
The document discusses two major technology trends in Thailand for 2012: consumerization and predictive analytics. Consumerization refers to consumer technologies being adopted for business use, such as employees using their personal devices for work. This brings challenges around security, applications, and lost control for companies. Predictive analytics uses statistical techniques to analyze data and predict future events. It has applications in various industries for tasks like customer relationship management, medical decisions, fraud detection, and retention programs. The document provides examples and context around both of these trends in technology for Thailand.
iPads on your network? Take Control with Unified Policy and ManagementCisco Mobility
Employee's are bringing tablets and smartphones onto corporate networks, increasing IT workload without adding resources. See how the Cisco Identity Services Engine and Cisco Prime Network Control System will help IT take control of the onslaught of mobile devices entering the network. Learn more: http://cisco.com/go/wireless
BSIDES DETROIT 2015: Data breaches cost of doing businessJoel Cardella
Joel Cardella has over 20 years of experience in IT, including infrastructure operations, data centers, sales support, network operations, and security. He provides his email and Twitter contact information. The document discusses using a risk-based approach to cybersecurity and focusing on reducing risks to the business using positive return on investment. It provides examples of security strategies and a layered security model.
Embracing the IT Consumerization Imperative NG SecurityBarry Caplin
Consumerization and mobility in the enterprise – and our daily lives – is not only here to stay, but its footprint and influence is expanding. What does the broader consumerization and mobile environment look like? How do you assess the drivers for adoption and the cost/benefit of a mobile-enabled organization?
Join us for this session to get an understanding of how a large state government agency took a proactive approach to enablement that ultimately set them ahead of the security challenges, rather than behind.
Anyone handling sensitive information in this day and age needs to to have a solid security setup and a plan for when something goes wrong. This webinar aims to get you looking at your security with fresh eyes and give you an outline of an action plan.
What 2014 holds for Internal CommunicationsTrefor Smith
This is the follow up to last years guide to Internal Communication trends. This years guide outlines 4 main areas that we think are going to be key in 2014, along with sub themes and a wealth of hints and tips. We hope it is of benefit, and brings you success with your 2014 internal communications!
Learn more at CloudUniversity: www.cloudservices.education
BYOD: (Bring Your Own Device) - A trend allowing employees to use their own personal devices, like smartphones, tablets and laptops, for work purposes. By clearly communicating company BYOD policies, a business will build trust and good rapport with employees while ensuring that company information remains safe.
Securing Your Intellectual Property: Preventing Business IP LeaksHokme
Let us delve into strategies to safeguard your business's intellectual property (IP) and avoid leaks. Explore how Confiex's Virtual Data Room acts as a fortress against unauthorized access, ensuring your sensitive data and valuable IP remain protected at all times.
Source- https://confiexdataroom.com/blog/data-room/virtual-data-room/how-to-avoid-business-ip-leaks/
Similar to IT Consumerization – iPad’ing the Enterprise or BYO Malware? (20)
What’s the value of a stolen healthcare record? The healthcare sector has traditionally lagged behind other industry sectors in cybersecurity. HIPAA, the primary regulatory standard for healthcare, focuses on confidentiality of personal health information (PHI). Is that the right focus? In this session we’ll cut through the hype to understand what’s happening in healthcare security. However, this is not just a story about healthcare…we can apply the same lessons to any industry sector.
Key learning points:
What are the issues that cause the healthcare sector to lag other industry sectors in healthcare?
What's wrong with HIPAA and what needs to be done?
How can we use the NIST Cybersecurity Framework to build a comprehensive security program for healthcare?
With new and renewed attacks against our organizations, Incident Response and Management needs to be a core part of your Information Security program.
Doing only what’s worked in the past and focusing on “preventing” breaches in not a viable tactic. We need to focus broadly on proactive, detective and responsive measures. We need to provide leadership when things go wrong.
Incident Response and Management could be one of the most important parts of a security program because "when" it happens, how we respond to minimize the impact can make a huge different both for the patients/customers and the organization.
With new and renewed attacks against our organizations, Incident Response and Management needs to be a core part of your Information Security program.
Doing only what’s worked in the past and focusing on “preventing” breaches in not a viable tactic. We need to focus broadly on proactive, detective and responsive measures. We need to provide leadership when things go wrong.
Incident Response and Management could be one of the most important parts of a security program because "when" it happens, how we respond to minimize the impact can make a huge different both for the patients/customers and the organization.
Wearing Your Heart On Your Sleeve - Literally!Barry Caplin
“Wearables” are all around us. From fitness trackers to smart watches, many people are using these devices to monitor their health. Of course, we’ve had other types of portable health devices for quite a while including automated insulin pumps and pacemakers. These devices use various communication methods… but do we know what personal data is being communicated and how it’s shared? We will look at the current state of health and fitness wearables and portables and discuss where things are going.
Discuss the current state of health and fitness wearables.
Review privacy and security considerations for wearables and fitness apps.
Consider the implications and futures for health and fitness devices.
Passwords are the main authentication method used for internet sites and applications. But passwords get stolen and have many weaknesses Here are tips you can use at home and at work to protect your information.
The CISO Guide – How Do You Spell CISO?Barry Caplin
This document summarizes Barry Caplin's presentation on his role as Chief Information Security Officer (CISO) at Fairview Health Services. The summary includes:
1) Barry Caplin discusses his strategies for learning about Fairview's business, establishing a culture of security, and baselining the organization's security when he first took the CISO role.
2) He outlines his approaches to strategic planning, tactical planning, and developing a security roadmap for Fairview.
3) The presentation covers executing the plans, using metrics and risk communication, and providing ongoing reports to Fairview's Board of Directors.
Bullying and Cyber Bullying – from the classroom to the chatroom
Bullying is a difficult problem that far too many kids, and their parents, face. This has been with us for a long time. Nearly every child knows someone, or knows of someone, who has been bullied. With advances in communications, technology, smartphones and digital cameras, the problem has grown to be 24x7, and follows kids home. With events like Facebook’s anti-bullying campaign and well-publicized teen suicides resulting from bullying on Ask.fm, this issue has been prominent in the mainstream media. Join us for this unique discussion as we look at the psychological and technological issues surrounding modern bullying.
Passwords weakness has been in the news again lately. But we have known for some time that passwords alone are not a good authentication or access control mechanism. Strong and practical authentication is very challenging. There are “strong” schemes, but they often don’t work well for users. Security practitioners are familiar with the 3 factors of authentication: something you know; something you have, and; something you are. Each of these have fundamental flaws. I like to think of them as: something you forgot; something you lost, and; something you were!
We will take a look at the current state of authentication, examine weaknesses in authentication factors, introduce the fourth factor of authentication and consider some solutions.
Tech-Smart Parents and Preschoolers
There's plenty of focus on safety for teens and pre-teens online. But what about the youngest techies? Did you know that over 6% of kids in the US have social network profile... at birth! How do online technologies effect preschoolers? We’ll talk about: your home computer, tablets and smartphones, web surfing, games and social networks. This talk is for digital natives, digital immigrants, parents, or anyone who would like to learn more about these technologies!
It’s an online world. Most adults, and even teens, need to have online accounts for banking, shopping, communications, entertainment and social networks. Even many children have online lives. With all this online activity, how we keep ourselves and our families safe? How can we protect our private information? In this session we will discuss the advantages and dangers of our online lives. We will review practical tips for avoiding common mistakes. We will look at passwords, website safety, email and phishing, social networks and mobile devices. You can decrease the risks in our online world!
Embracing the IT Consumerization ImperitiveBarry Caplin
Barry Caplin, CISO of the MN Dept. of Human Services, discusses embracing consumerization and the security challenges of tablets and smartphones. He outlines the rapid adoption of these devices and consumer apps. Some key security risks include exposure of data, malware, lack of vetting and updates for third party apps, and privacy issues. Caplin provides an overview of potential technical solutions like mobile device management, virtualization, and containerization as well as the importance of policy, legal considerations, and user education when implementing a BYOD or mobile strategy.
Embracing the IT Consumerization ImperitiveBarry Caplin
Barry Caplin, CISO of the MN Dept. of Human Services, discusses embracing consumerization and the security challenges of tablets and smartphones. He outlines five stages of adjusting to these new technologies ("tablet grief"), and addresses issues like exposure of data, malware, vetting third-party apps, privacy policies, and bringing personal devices into the workplace. Caplin provides an overview of potential security solutions like syncing to networks, virtual desktop infrastructure, containerization, data classification, and pre-internet encryption. He advocates a holistic approach considering policy, technical, and financial aspects to make these technologies secure while also enabling flexibility.
Many CISOs come from more of a technical, rather than a business, background. However, we need to be able to communicate with Senior Management, business-area leaders and users who are usually not technologists. In this talk we will look at some of the common topics CISOs need to cover and discuss how to rephrase the messages to better reach a business-oriented audience. We will discuss: How to think about security risks in a way business personnel do; How to translate technical security topics into more business-friendly language, and; How to reach a broader audience with the information security message.
2011 may be the "year of the handheld". That is unless 2010 was! iPad sales exceeded all expectations in 2010. For the holiday season, many manufacturers came out with (and are coming out with) tablets. iPhones and Android devices can be seen everywhere... including the office. That means that people want to use these personal devices for work for a variety of reasons: they are more convenient; might be more powerful than company-issued gear; easy interfaces; they can carry less equipment, but, perhaps most importantly; these devices are finally like "real" computers. But use of these personally owned devices bring all kinds of security concerns including data leakage and vulnerabilities in these newer operating systems and apps.
We'll take a look at the convergence of mobile and desktop computing devices, security concerns and discuss some potential solutions.
Session Learning Objectives: 1. Define the convergence of mobile and desktop computing devices. 2. Discuss the tablet phenomenon. 3. Review security concerns with the use of these devices, particularly employee-owned. 4. Discuss possible solutions.
Cell phones, smart phones, tablets… FaceBook, Twitter, texting… the Internet and social networks are hardly new to our kids. New sites and features are being created all the time. New phones make these sites and services available to our kids anywhere, anytime. In this interactive talk we will discuss the basics of internet social networks, how our kids interact online, how they use mobile technology, and what we need to know to keep up.
Laws of the Game For Valley United Soccer Club travel soccer refsBarry Caplin
training on the FIFA/USSF youth soccer Laws of the Game as modified for the MN Youth Soccer Assn (MYSA) for travel soccer refs. Valley United Soccer Club is the travel soccer club in Apple Valley, MN. See http://www.vusc.org/ for more info.
Laws of the Game for Valley Athletic Assn (VAA) Community Soccer refsBarry Caplin
training on the FIFA/USSF youth soccer Laws of the Game as modified for Valley Athletic Assn (VAA) Community soccer refs. Valley Athletic Association is the community and travel sports governance body in Apple Valley, MN. see http://www.valleyathletic.org/
An introduction so various technologies for parents. Included are: Home Computers, Viruses, Safe Web Surfing, Social Networks, Cell Phones and Texting, and Reputation Management.
Internet Safety for Families and ChildrenBarry Caplin
The Internet is a useful and important part of our daily lives. Many can't
remember how we handled even the most mundane tasks without online
assistance. How did we even survive when we were kids? :-) However, along
with the good, there is bad. Children and teens (but not their parents!) are
very well versed in using the Internet, including web pages, blogs,
uploading and downloading information, music and photos, etc. They are also
trusting. This presentation will give an overview of the Internet and the
inherent dangers. Learn the realities and dangers of ``virtual communities''
websites your kids frequent like Xanga.com, MySpace.com and FaceBook.com.
Learn about the persistence of information on the net and Google hacking.
Learn the differences between a wiki, blog, Instant Messaging, text
messaging, and chat. Learn the Internet slang, key warning signs, and tips
for Parents and Kids. This talk is for anyone who has a child, who knows a
child, or who ever was a child!
The document discusses information lifecycle security management (ILSM) and outlines the key steps in the process. It begins with an overview of the Minnesota Department of Human Services (DHS) and its mission to help citizens meet basic needs. It then describes the DHS enterprise security strategy and emphasizes building security into systems from the beginning. Finally, it details the ILSM process which incorporates security activities at each stage of the system development lifecycle from concept through disposal.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceIndexBug
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
UiPath Test Automation using UiPath Test Suite series, part 6
IT Consumerization – iPad’ing the Enterprise or BYO Malware?
1.
2. WELCOME TO SECURE360 2013
Don’t forget to pick up your Certificate of
Attendance at the end of each day.
Please complete the Session Survey front
and back, and leave it on your seat.
Are you tweeting? #Sec360
3. WELCOME TO SECURE360 2013
Come see my talks on Wed!
The Accidental Insider – Wed. 1:15P
3 Factors of Fail! – Wed. 2:35P
6. Housekeeping
We’re here all morning!
There will be breaks (but make your own if you need one)
Questions – ask ‘em if you got ‘em
IT Consumer devices – on of course! (but
vibrate or silent would be polite)
12. Why are we here?
1. Have a program
2. Considering a program
3. Just discovered iPads in the office
4. Wanted out of the office for the
morning
13. What is IT Consumerization?
More than just devices.
2 Parts:
Consumer devices
Consumer software tools
Using these in the workplace in addition to,
or instead of, company provided
14. Why are we talking about this?
But really, all
connected!
15. History – 1980’s
Early home PCs
Could augment work with
home learning/practice
First Mac
Mac
$2500
Commodore 64
$600
16. History – 1980’s
“luggables”
IBM “Portable” 5155
$4225
30 lbs
4.77MHz 8088
27. • 17% have > 1 in their household
• 37% - their partner uses it
• 14% bought cause their kid has one
• 19% considering purchasing another
http://today.yougov.co.uk/sites/today.yougov.co.uk/files/Tablet_ownersh
ip_in_households.pdf
Of iPad owners...
38. Forrester 2011 study – 37% using consumer
tech without permission
IDC survey
2010 30% BYOPC / 2011 40%
2010 69% company device / 2011 59%
Use of social doubled
Most important tool – 49% laptop, 9%
tablet, 6% smartphone
39. Self Sufficient?
PwC white paper:
“companies that have allowed Macintosh
computers… into their workplaces… find
those users support themselves and each
other. The same is true of iOS and Android
mobile users, users of software as a service
[SaaS] and other cloud services, and social
networking users.”
41. Empowered Employees
Self-taught experts know:
how to use smartphones, tablets, Web
apps like Google Docs and Dropbox
what they’re good for
how they can help the business
willing to do just that
42. Benefits
Forrester lists four
1. Communications – internal use speeds
communication
2. Social – use of tools to be in touch with
customers and shape message/attitude
3. HR – allow personal devices and you attract
young workers
4. Productivity – much consumer tech is self-
supported
73. Agenda 3
Admire the problem
Framing the Issue
Security Concerns
Solve the problem (kind of)
BYOD
74. What is IT Consumerization?
More than just devices.
2 Parts:
Consumer devices
Consumer software tools
Using these in the workplace in addition to,
or instead of, company provided
86. Security Challenges
Exposure of data
Leakage of data – sold, donated, tossed,
repaired drives
Malware
But don’t we have all this now???
87. Can’t be both…
Trend Micro survey
91% of employees would not grant
employer control over personal device
80% of enterprises stated they would
have to install management
mechanisms on mobile devices.
88. Impasse?
Resolution is in approach
Strategic
Cross-organization
Business and IT together
HR, Security, Privacy, Legal, Audit
92. Method 1 - Sync
• Direct, Net Connect or OTA
Issues:
• Need Controls – a/v, app install
control, filtering, encryption, remote
detonation
• Authentication – 2-factor?
• Leakage!
• Support
93. Method 2 – VDI
• Citrix or similar
Pros:
• Leakage – no remnants; disable screen
scrape, local save, print
• Reduced support needed
• Web filtering covered
Issues:
• Unauthorized access still an issue; User
experience; Support
94. Method 3 – Containerization
• Encrypted sandbox
• Separate work and home
• Many products
Pros:
• Better user experience
• Central management/policy
• Many products – local/cloud
• Leakage – config separation, encryption
Issues: access ; support; cloud issues
95. Method 4 – Direct Connection
• Directly connect devices to
network
• Or PC via usb
• Don’t do this! - Included for
completeness
Pros:
• Easy
Issues: no controls; no management;
no enforcement; leakage; remants; etc.
96. Apps
“non-standard” software a challenge
Updates, patches
Malware detection – can’t enumerate
badness
Business – how to transfer knowledge if
everyone uses different tools?
97. Case Study
Kraft
Deployed iPhones 2008 – by 2009 to half
of mobile users
Wanted to instill innovation
“opens employees’ minds to what is
possible”
Internal success led to successful
consumer apps – recipes, cooking videos,
shopping lists, store locator
104. Other Issues
• Notes or manually entered data
• Enterprise email/OWA
• Discovery
• Voicemail/video
105. The Future
• More tablets/phones/small devices
• More “slim” OS's – chrome, android,
ios, etc
• Cost savings/stipend?
• Cloud
• User Experience –Divide, Good,
Fixmo, VMware Horizon, Citrix XEN
• BES Fusion, Microsoft ???
106. MDM Capabilities to Consider
• Device encryption
• Transport encryption
• Complex PWs/policy
• VPN support
• Disable camera
• Restrict/block apps
• Anti-malware
InfoWorld Feb 2013 MDM Deep Dive
• Restrict/block
networks
• Remote lockout
• Remote/selected
wipe
• Policy enforcement
• OTA management
• 2-factor/OTP
107. Agenda 4
Admire the problem
Framing the Issue
Security Concerns
Solve the problem (kind of)
BYOD
Software
108. What is IT Consumerization?
More than just devices.
2 Parts:
Consumer devices
Consumer software tools
Using these in the workplace in addition to,
or instead of, company provided
109. Use of Consumer Tools
Skype – key for communications in
some countries
Facebook/Twitter for interacting with
customers
Twelpforce
111. Examples
Google docs or Dropbox for public info
(make sure the data is public)
Youtube, Vimeo for training videos (avoid
social engineering blueprints)
Facebook fan page
Twitter, LinkedIn, G+ for press releases,
outreach, customer support (just remember
who you are!)
114. Great Ideas
Ford – gave Fiestas to 100 social media
influencers, sent on “missions”, documented
on channels. Rcvd 50K inquires and sold 10K
cars in 6 days.
Pepsi – used social network outreach for
ideas for new Dew flavors
Levi Strauss – early use of location-specific
deals.
115. Social
Is there a strategy?
Or doing it to be hip? (and without a
clue?)
118. Phishing on Social Networks
Scams seem real when they come from
a “friend”
Malicious links/apps
Spread quickly when posted or “liked”
“Just say no” to apps
123. Policy
Examine existing – augment
New, but only if needed
(shouldn’t use of social be part of
your AUP? Who needs a social
media policy?)
124. Software/Apps
“non-standard” software is a challenge
Updates, patches
Malware detection – can’t enumerate
badness
Business – how to transfer knowledge if
everyone uses different tools?
125. Non-Standard Software - YMMV
Inventory
Watch
changes
X-ref v.
CVE/malware
Watch
rights
Auto-
patch
Handle
exceptions
126. Cloud
Ask:
Whose data is it?
Where is it going?
3rd party agreements?
Know your data (classification)
PIE – pre-Internet encryption
128. Summary
What are people doing?
Establish business need
BYOD, Consumer apps, or both?
Cross-domain planning (security,
IT, legal, audit, privacy, HR,
business)
Document requirements
Check out my about.me, with links to twitter feed and Security and Coffee blog.
I used one of these for remote access at my first job!
First IBM thinkpad; Apple PowerBook; Apple Newton; Palm Pilot
Spring Break 2011 in Chicago. There was a line each morning across from our hotel.We saw similar lines 2012 in NYC.
Mall of America – Apple and Msoft stores are situated opposite each other. The Apple store is always packed, Msoft always empty.
This is important because of potential for 2-factor auth adoption
Tablets pulling ahead of phones, but PC’s still rule… for now
The devices are hot and driving the space, but it’s really about the ability to have mobility – to bring the product or service to the consumer/customer.Not just “flavor of the week”.
Just say no is not a viable IT or Security strategy or response.We must partner with the business/user to provide what is needed.Just say no is an…
If your organization is saying “just say no” to consumer devices and apps, then they are already in your environmentTake opportunity to partner, lead and add value.
There is even a BYOD strategy out of the White House for federal agencies
Another example of risk v hype in the system/server world. This is from the 2012 Verizon DBIR and shows that most attacks are simple and can be avoided using basic methods
Lumension 2013 BYOD and Mobile Security report
Split into 4 groups, 1 group for each of Dr., lawyer, salesperson, sys admin. Be that business consumer and consider the use cases. Describe your business need/want. Create requirements + wish list. Describe your desired user experience. Choose a spokesperson. Share.
Now we will trade among groups. Given the use cases… now you are the CISO… respond to meet the business case AND protect the organization!
Datalossdb.org and Accidental Insider. 10% of 2nd-hand drives bought had company/private data. StarTrib malware.