2011 has been dubbed as the year of specialized attacks. This fact has been very prominent in this year’s RSA Conference held this month in San Francisco, where we saw the different leading security companies shifting focus from protecting the traditional enterprise architecture to its next evolutionary stage, which is more susceptible to targeted attacks.
New advances in technology have initiated big changes on how people work in the enterprise world. These changes are also bringing in new security challenges in the workplace. What does consumerization, BYOD, and cloud computing bring to the enterprise security scene and how should we approach these new challenges?
The New Workforce Generation
Enrique Salem’s (President and CEO of Symantec) keynote discussing the differences of today’s workforce (which he termed “digital natives”), as opposed from earlier generations, is a good way of describing the current situation being experienced by enterprises today.
Salem describes this new workforce generation as the people born during and after the Internet boom of the 1990s. They have been raised in a world where everything is connected through the web and everything is done through the web. They are natural networking people that do everyday things in ways that were never done before, using tools such as social media and cloud computing. They are mobile, able to do anything, anywhere, any time, but exhibit continuous partial attention due the volume of information that they consume every day.
This whole new generation has just started entering the workplace in the last few years. They have brought with them demands to change the traditional enterprise architecture to fit their own working methodologies.
Blurring the Lines
As more and more people start embracing new technologies from the “digital native” mindset, they are slowly integrating these technologies into their own lifestyles. Mobile, always connected, always informed… these are all very helpful capabilities to have for our everyday tasks; more and more people are applying these same concepts in the workplace. Consumer devices–which is how most people are first introduced to mobility and connectivity–start finding their way into enterprise networks. People start bringing them in and demanding their network administrators to support them because they make their work easier and faster. More and more systems are being integrated into the cloud in order to give people access to their data wherever and whenever.
New technologies and devices are starting to blur the lines between people’s personal and professional lives. RSA Chairman Art Coviello even said that we are already past the tipping point of separating the two. The end result is that IT organizations end up having to learn how to manage things that they cannot directly control; security organizations end up having to learn how to protect things that they cannot directly control.