02-16-12 12:05 PM
37 12
tools
  1. lnichols's Avatar
    I really don't think that you, and the other resident "security experts" at Crackberry gives as much credit to corporate Americas CIO's as they deserve...

    They would have reviewed the potential pitfalls and beenefits of a change to a BYOD policy, if necessary implemented different security levels for different users, and concluded that the change was worth it, before they proceeded.
    According to RIM's previous CEO's, they were working directly with CIO's and what Blackberry offers now is what CIO's wanted if they are to be believed. The issue is that CEO's or Cabinet level officers whom the CIO report to have told the CIO to get them iPads and iPhones working in the corporate or federal network (I've heard of this happening in lots of government places). When the CEO above you or the Secretary of Whatever tells you to get something working, you get something working, making sure that when you do you lay out all of the potential pitfalls that you are introducing (CYA) and have the higher-up sign off on it. I'm sure that they make it as secure as possible and maybe it is just as secure as BES. Maybe Good, maybe Citrix, etc. Does it save money after all this is implemented on the federal side? Don't know and they would never admit to doing something that costs more.

    FIPS is no guarantee of security either, simply another CYA even though it is a good CYA because it does require a lot of testing. I've used FIPS approved devices where vulnerabilities were discovered after they were approved, they get patched, then re-approved and you load the new code on and go.
    02-16-12 10:18 AM
  2. CrackedBarry's Avatar
    I actually think that customer satisfaction would still be higher. Using am iPhone is just a very pleasing experience overall... You should try it sometime. Same can be said for some of the.Android handsets as well, like HTC...
    02-16-12 10:19 AM
  3. Economist101's Avatar
    Nowhere on my personal list, actually. I am tasked with safeguarding systems, connections, firewalls, data, contracts. Individual employee personal satisfaction with a tool is not a concern. I leave that to the morale, welfare and recreation branch.
    Cold? Yup. Hard nosed? Yup. B1tchy? Yup. My personal opinions have nothing to do with my employees. I deal with everyone who works for me on a professional level.
    And that is the reality of an IT and contracts manager in a secure agency. Other division managers have other responsibilities.
    Again, I didn't say you should be concerned about anything. But at the same time, the feigned concern regarding how an employee might feel using an iPhone without Angry Birds is disingenuous.

    Now, personally I don't know many IT people or CIOs, but I assume they're professionals like you, and that their decisions are supported by an analysis of all pertinent risks. If the dangers are so obvious, why would they make this switch?
    02-16-12 10:20 AM
  4. undone's Avatar
    I really don't think that you, and the other resident "security experts" at Crackberry gives as much credit to corporate Americas CIO's as they deserve...

    They would have reviewed the potential pitfalls and beenefits of a change to a BYOD policy, if necessary implemented different security levels for different users, and concluded that the change was worth it, before they proceeded.
    Its not the CIO's that are driving this. Every rag I get about BYOD points to the Business/sales units that are driving the need of these non-corporate standard devices. CIO's have been the gate keepers of security, but they are being pushed by people who gain the ear of the CEO and other organizational leaders that dictate policy. Any CIO worth there salt will tell you its better to own and control the device. For CIO's to get ahead of there organizational peers, they have to adapt to a multi-platform model so they have a chance in h3ll of protecting the corporate assets (aka information). In front of the wave is where IT departments have to stay, problem is they cant always be.
    02-16-12 10:20 AM
  5. Sith_Apprentice's Avatar
    Or of course you can use something like Good Technology, and have it locked down as securely as any BB given to you by the IT department..
    GOOD is NOT as secure as a BB on BES. Lets be clear about that. It is a secure container, and does nothing to secure the device itself.
    02-16-12 10:21 AM
  6. qbnkelt's Avatar
    I actually think that customer satisfaction would still be higher. Using am iPhone is just a very pleasing experience overall... You should try it sometime. Same can be said for some of the.Android handsets as well, like HTC...
    I have tried an iPhone. I owned an iPhone and I returned it because the experience was not that satisfactory. I much prefer my Android devices. Mine have been Motorola and Samsung. And my Skyrocket has me exceedingly happy.
    As far as within my agency, satisfaction with a PC, laptop, copier, printer, mobile device are the lowest considerations. Security, productivity, monitoring and accountability are paramount.
    02-16-12 10:32 AM
  7. kraski's Avatar
    For certain agencies FIPS is the *minimum* level of certification required.
    Agencies can specify requirements that go way above FIPS.
    And some do. I no longer have to worry about that, but I recall times when any remote access to some places had to be by the ways specified by the agency/department or no access. Sometimes at some cost to the contractor.
    02-16-12 10:43 AM
  8. qbnkelt's Avatar
    Again, I didn't say you should be concerned about anything. But at the same time, the feigned concern regarding how an employee might feel using an iPhone without Angry Birds is disingenuous.

    Now, personally I don't know many IT people or CIOs, but I assume they're professionals like you, and that their decisions are supported by an analysis of all pertinent risks. If the dangers are so obvious, why would they make this switch?
    My concern about Angry Birds was intended to be disingenuous.

    There are separate organisations with different sets of risks. An organisation that is not charged with public trust would not have the same level of risk as a secure agency. If I were part of the Federal government charged with providing guides and tablets for customers to use during tours, I might see a possibility. However, just as there are preferences as well as regulatory considerations, I would not support BYOD. I would want work/personal separate. And as a personal choice, I would not want to use my personal device for work. When I take a vacation I want to take a vacation and not be saddled with work emails or phone calls.
    kbz1960 likes this.
    02-16-12 10:54 AM
  9. Laura Knotek's Avatar
    My concern about Angry Birds was intended to be disingenuous.

    There are separate organisations with different sets of risks. An organisation that is not charged with public trust would not have the same level of risk as a secure agency. If I were part of the Federal government charged with providing guides and tablets for customers to use during tours, I might see a possibility. However, just as there are preferences as well as regulatory considerations, I would not support BYOD. I would want work/personal separate. And as a personal choice, I would not want to use my personal device for work. When I take a vacation I want to take a vacation and not be saddled with work emails or phone calls.
    That is the big drawback. One of my friends formerly had a work Blackberry and a personal iPhone. His company said they wanted to save money by eliminating work-issued devices. He wanted to keep his job, so he gave up the work device. However, he is annoyed by the work emails on weekends.
    02-16-12 11:49 AM
  10. jelp2's Avatar
    Again, I didn't say you should be concerned about anything. But at the same time, the feigned concern regarding how an employee might feel using an iPhone without Angry Birds is disingenuous.

    Now, personally I don't know many IT people or CIOs, but I assume they're professionals like you, and that their decisions are supported by an analysis of all pertinent risks. If the dangers are so obvious, why would they make this switch?
    They would make the switch simply to save money. Its all about profit. How many thousands dollars could be saved by not having to purchase work devices and maintain them. Their all taking the " it's not going to happen to us chance that the employee phones wont get hacked, lost, etc. Theyll deal with it when and if it happens, but for now is about all the money being saved and showing that to the investors. Nothing more nothing less, its foolish to think it has anything to do with employee satisfaction. If that were the case, you could wear anything you wanted to work for years now.
    kbz1960 likes this.
    02-16-12 12:02 PM
  11. CrackedBarry's Avatar
    . The answer is controlling it in the OS so application access causes a warning to come up asking for permission and explaining what is being attempted. It does not have to happen every time that app tries it but, a warning should happen at least once.
    You mean like in Android?

    I partly agree with you... But then again, I trust Apple... And I suspect the vast majority of people/users are like me. Trust Apple and the developers we get our apps from, but doesn't install apps from dodgy sources. (And dodgy devs can be a threat on any platform. Some have even slipped through RIMs security measures)

    And if a developer screws up on a rare occasion like Path did, its no big deal. The day I'm so paranoid that I in all seriousness say: " ohnoes! They have my addressbook!" is the day I get rid of all of my gadgets/devices.
    02-16-12 12:02 PM
  12. Sith_Apprentice's Avatar
    You mean like in Android?

    I partly agree with you... But then again, I trust Apple... And I suspect the vast majority of people/users are like me. Trust Apple and the developers we get our apps from, but doesn't install apps from dodgy sources. (And dodgy devs can be a threat on any platform. Some have even slipped through RIMs security measures)

    And if a developer screws up on a rare occasion like Path did, its no big deal. The day I'm so paranoid that I in all seriousness say: " ohnoes! They have my addressbook!" is the day I get rid of all of my gadgets/devices.
    RIM has done this from the beginning with applications, even their own home grown ones.
    02-16-12 12:05 PM
37 12
LINK TO POST COPIED TO CLIPBOARD