Securing Enterprise Social Media and Mobility Apps

Similar documents
Securing Capabilities in the Cloud: Security and Privacy in the Evolution of Cloud Computing

Mid-market technology trends: Leveraging disruption to drive value The Dbriefs Private Companies series Anthony Stephan, Principal, Deloitte

Data Standards in Oil & Gas

CFO meets M&A: Value creation in the digital age The Dbriefs Driving Enterprise Value series

The rise of the empowered health care consumer

Webcast title in Verdana Regular

Rewriting the rules for talent management and mobility: Insights from Deloitte's 2017 Human Capital Trends Report The Dbriefs Global Mobility, Talent

ERP systems and operational transfer pricing: Relief is on the way Dbriefs Tax Operations series

Managing FTI Data Compliance. Addressing Publication 1075

Consumer engagement Guiding your customers down the yellow brick road. Strengthening the health care customer journey

Developing a Mobile Security Strategy

Outsourcing Transparency Evolution: Creating Value Across the Third-Party Extended Enterprise

AI in government: Could smart technology revolutionize the public sector? The Dbriefs Federal & State Government series

Information Technology Risks in Today s Environment

Quarterly accounting roundup: An update on important developments The Dbriefs Financial Reporting series Robert Uhl, Partner, Deloitte & Touche LLP

Internal Audit (IA) for Social Media

Digital HR: Driving organizations to be digital, not just do digital

Online Risk and Digital Reputation Management. September Risk Advisory

Implementing Analytics in Internal Audit. Jordan Lloyd Senior Manager Ravindra Singh Manager

The BOLD HR Business Partner: Beyond Generalist to Trusted Advisor

Online Risk and Digital Reputation Management For private circulation only. Risk Advisory

Deloitte Accelerated Value: SaaS innovation for the digital core. Extending the potential of core systems, addressing tomorrow s needs

Thinking logically about Logical Separation Part of the Wired for Winning series on M&A IT topics

Modernizing compliance: Moving from value protection to value creation

Social Analytics in Media & Entertainment The three-minute guide

Measuring Corporate Culture: Enhancing the Board s Understanding

Enterprise Risk Management in Health Care

Reimagining IT: Leading technology organizations into the future The Dbriefs Technology Executives series

Flashpoint The digital advertising ecosystem. Overcoming new barriers to achieve better results

A View from the C-Suite: The Value Proposition of Shared and Global Business Services The Conference Board 20th Annual Global Business and Shared

Financial Strength through Consumerism and Pricing Transparency

SAP S/4HANA Finance The Finance Labs The Art of the Possible

Help Wanted Addressing the Skills Gap in US Manufacturing

Insurance Accounting & Systems Association (IASA): NY/NJ Chapter Spring 2014

Presented by David Bischof SIOPSA 2016

CPQ as a Strategic Enabler

HR and Business Collaboration for Leadership Development Why It Is Important and How to Make It Happen Andrea Derler, Ph.D.

HR Metrics and Model for Modern Times

Rich Mobile Content. by DigitalMIX. Dynamically publish content without changing a single line of code

Talent Management in Growth Markets: India

The Role of the Board in Strategy & Risk. NACD National Conference Power Breakfast October 15, 2012

TALENT-DRIVEN INNOVATION The #1 driver for creating a competitive advantage. Ben Dollar Principal Deloitte Consulting LLP

Workplace Redesign: Adapting Your Environment to Improve Productivity and Innovation

Shine a light on media accountability

Taking labs to the next level with cloud and IoT VELP Scientifica tightens the customer connection

Airline customer experience: Time to chart a new course? The Dbriefs Travel, Hospitality & Leisure series Guy Langford, Advisory Partner, Deloitte &

Global Manufacturing Industry Landscape

Creating a Risk Intelligent Enterprise: Risk sensing

Creating a Risk Intelligent Enterprise: Risk governance

High-Impact Talent Management in the Mid-Market November 30, 2016

Sarbanes-Oxley Act of 2002 Can private businesses benefit from it?

Connectors Making shared services work at the core of the business rather than on the outskirts

2017 Deloitte Renewable Energy Seminar Innovating for tomorrow November 13-15, 2017

Appointing, Assessing, and Compensating the Independent Auditor The Role of the Audit Committee

Avoiding Data Loss Prevention (DLP) Pitfalls A Discussion of Lessons Learned. April 2013

2017 NASC Annual Conference SESSION G: Postmodern ERP: Back to The Future

Your Digital Brand A career development webinar for Deloitte alumni. Copyright 2018 Deloitte Development LLC. All rights reserved.

Unlock your digital marketing potential

Key findings: Almost 60% of respondents found the biggest challenge was getting answers to technical questions.

Compliance As A Profession Aditi Taylor, Senior Manager, Deloitte & Touche LLP

Corporate Tax Spring Training Trends in Tax Technology

Social Media Policy POLICY TITLE: UPDATED ON: 1 st July 2015 APPROVED BY BOARD ON:

DIGITAL DISRUPTION. Embracing Change and Harnessing the Opportunity. January 18, Copyright 2016 Deloitte Development LLC. All rights reserved.

Courageous Principals From Insight to Action. Deloitte University, The Leadership Center

Welcome to the postmodern era for public sector ERP

Empower your field technicians. A smarter approach to managing field assets using mobile tools

Conflict minerals The automotive perspective. November 2014

CFO Insights Defining and delivering your talent agenda

SATURN th Annual SEI Architecture Technology User Network Conference

Conflict minerals The retail perspective. September 2014

XBRL-based Financial Reporting: Potential Impact of an SEC Mandate

Enterprise Risk Management Discussion American Gas Association Risk Management Committee Meeting

People analytics: Actionable insights are the new mandate The Dbriefs HR Executives series

The Deloitte Center for Financial Services Insights. Action. Growth.

Human Capital Trends Siiri Sutt, Deloitte Estonia

The State of the Media Democracy Deloitte s Reality Check on the Future of Media Second Edition. Select Highlights

New Technology: Mission Impossible?

Carving The Path For Cloud Transition

A quick take on The future of connectivity

Beyond Mentorship: Enrich the Employee Experience

Diversity and inclusion: Why training isn't enough The HR Executive Dbriefs series

Harnessing the power of GIS

Create Experiences. Build Customers. Drive Sales.

Social Media Guidelines: King County 1

Social Media Policy. Reference: HR th December Induction CD/ Sharepoint/ EDRMS HR Site/ Website

SEC hot topics: Year-end update The Dbriefs Financial Reporting series

Solve for now. Build for next. The Deloitte Audit

Securing Intel s External Online Presence

1. Understanding Big Data. Big Data and its Real Impact on Your Security & Privacy Framework: A Pragmatic Overview

The digital fund lifecycle

Link'n Learn Interactive Access to Deloitte Knowledge

Redefining Measurement for Continuous Learning

Take 3 Making smarter, faster resource decisions

Flashpoint Emerging wireless protocols. Evolving technologies prompt new thinking on application and business model designs

Beyond Compliance. Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404

Due for a transformation Accounts payable optimization with machine learning

Managing Complex Programs Using Predictive Modeling and Simulation. October 7, 2014

Practical Suggestions/Tips for an Effective BSA/AML Compliance Function

International Finance Corporation

Setting Strategy: How Should the Board Be Involved?

Transcription:

The Dbriefs Technology Executive series presents: Securing Enterprise Social Media and Mobility Apps JR Reagan, Principal, Deloitte & Touche LLP Kieran Norton, Principal, Deloitte & Touche LLP August 4, 2011

Release for answers to polling questions Understand that any data or information provided by you as part of participating in this Dbriefs webcast ( webcast ) may be used by Deloitte in connection with this webcast, other studies, or analyses performed by Deloitte, publications, or in connection with services provided by Deloitte or otherwise. Understand that this webcast is the proprietary property of Deloitte. Understand that any such data or information may be disclosed by Deloitte to related entities or other third parties, including, without limitation, in publications, in connection with this webcast or such studies, analyses, or services, provided that such data or information does not contain any information that identifies you or associates you with the data or information that you have provided or are providing. Understand disclosure of such data or information could be required by law, in which case Deloitte will endeavor to notify you.

Agenda Social media trends, drivers and risks The interplay between social media and mobility Lessons from early adopters Summary Question & answer

Social media trends, drivers and risks

Social media Did you know? Of the Fortune Global 100, 65% have active Twitter accounts, 54% have facebook fan pages, 50% have YouTube video channels and 33% have corporate blogs 2010 Burson-Marsteller study 75% of Internet users worldwide visit social networks or blogs; 22% of the time spent on Internet usage is spent on social media activities Nielsen Corporation, April 2010 Facebook has more than 750 Million users, making it equivalent in population to the world s third largest country -- Facebook.com, WorldAtlas.com, July 2011 More than 250 million users access Facebook through mobile devices and are twice as active as non-mobile users -- Facebook.com

Poll question #1 Does your organization currently allow the use of social media applications in the workplace? Yes, employees are free to use social media tools for personal or organizational use Yes, employees are free to use social media tools on behalf of the organization Yes, but only designated individuals may use social media tools on behalf of the organization Yes, but social media tools are used only by an outside vendor on our behalf No usage of social medial tools is allowed Don t know/not Applicable

Social media on the rise Use of social media/networking tools while on the corporate LAN 2008 2010 35% 33% 30% 27% 25% 24% 24% 24% 20% 19% 20% 17% 15% 13% 14% 10% 5% 0% Total US UK Germany Japan Source: Trend Micro 2010 Corporate End User Study

Business drivers for social media The adoption of social media as a business tool is rapidly increasing and can bring tremendous value 1 Increase productivity and operational efficiencies through collaboration and communication 2 Foster creativity, innovation, and collaboration 3 Enhance customer and stakeholder relationships

Social media risk landscape Identity Theft Viruses/ Malware Impersonation Privacy Information Leakage Legal/ Regulatory Social Network Statistics 25% of companies surveyed investigated exposure of sensitive information via a blog or message board; 20% investigated exposure via a social networking site 1 Intellectual Property Theft Access Control Defamation Brand / Reputation Copyright/ Trademark Harassment A cybercriminal recently offered packages of 1,000 Facebook accounts with 10 or fewer friends for $25, and 1,000 accounts with 10 or more friends for $45 2 Some Twitter accounts being sold for $1,000+ 3 Opportunity Risk for Late Adopters 1 Proofpoint and Osterman Research, Outbound Email and Data Loss Prevention in Today s Enterprise, 2010 2 Verisign idefense, April 2010 3 Kaspersky Labs, February 2010

Damaging your own brand Classic Cases of Social Media Missteps Anonymous chat, blogs, Wikipedia edits Masquerading online as a customer Response to rogue or negative postings Addressing customer service issues through normal channels -- before the customers escalate online

Poll question #2 Based upon the risks and threats presented previously, what has your organization done to address social media risks? Developed and communicated social media security and privacy policy Established social media governance committee Implemented technology and/or monitoring controls More than one of the above None of the above Don t know/not Applicable

The interplay between social media and mobility

The social media/mobile relationship Social media and mobile security risks are closely linked given the majority of social media access is being driven through mobile platforms. Entertainment Review & opinion Virtual community Collaboration Multimedia Social Media Conversation 1 The State of the U.S. Mobile Advertising Industry and What Lies Ahead, comscore,june 2011

Poll question #3 Do you think your organization currently has unapproved or unauthorized mobile devices (smartphones, tablets, e- readers) connecting to your enterprise intranet, email server etc.? Yes, I believe there are unauthorized PDAs connecting to my intranet Yes, I believe there are unauthorized tablets connecting to my intranet Yes, I believe there are unauthorized PDAs and tablets connecting to my intranet No, all devices connecting to my intranet are authorized No, all devices connecting to my intranet are authorized and we actively monitor for rogue device connections Don t know/not Applicable

Mobility growth Is innovation or consumerization driving proliferation? Employees, including senior executives, are demanding greater choice, flexibility and capabilities as they rapidly adopt and extend the use of smart phones and tablets Employees and customers Increasingly leverage these devices in their day-to-day work and personal lives Application platforms can extend the desktop to handheld devices and deliver more powerful tools to employees, potentially increasing productivity and improving bottom line performance Companies are also looking to take advantage of mobile technologies to extend their current online business models

But Mobile devices present relatively easy, low-risk points of entry to attackers, who can compromise and remotely monitor them for passwords, account numbers, and personal identification data Mobile devices are especially vulnerable to theft and loss, potentially resulting in data leakage Mobile malware is increasing and mobile device security solutions are immature There are significant, natural conflicts when using the same device for corporate and personal use The proliferation of mobile apps complicates the enforcement of enterprise security standards The key: find a pragmatic balance between security and usability

Poll question #4 Based on the mobile security threats discussed during the previous slide and knowing your organization s risk profile, which risk area concerns you most when it comes to mobility? Operational risk Technology risk Infrastructure & device risk Legal & regulatory risk All of the above Don t know/not applicable

Lessons from early adopters

What are early adopters doing? Taking an organization-centric approach 1. Understand the specific mobility use cases 2. Understand key mobility risks that affect the organization 3. Incorporate key business drivers and objectives 4. Implement security controls through both policy and technology 5. Enable, not disable adoption of new innovations (it s not stopping here )

Poll question #5 To what degree does your organization have strategies, policies, procedures and technology controls in place to effectively enforce mobile security while also meeting mobility business objectives? Overarching mobile security program inclusive of governance, process, technology and training Only process controls in the form of high level policies and procedures Only technology controls such as mobile device management solutions (MDM) Some combination of technology & process controls None of the above Don t know/not applicable

Summary

Responding nimbly Managing growing pains Content Management Risk Monitoring Access Management Policies / Standards Virus Protection Data Leakage Prevention Activity Monitoring User Education Secure Coding Vigilant Culture

Question and Answer

Join us September 1 at 2 PM ET as our Technology Executives series presents: The Death of ERP: An Urban Legend Is Dispelled

CPE certificates are now available for immediate download. Click the Request CPE link in the lower right hand corner of the screen.

Contact info Mark White Principal Deloitte Consulting LLP mawhite@deloitte.com JR Reagan Principal Deloitte & Touche LLP jreagan@deloitte.com Kieran Norton Principal Deloitte & Touche LLP kinorton@deloitte.com

This presentation contains general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this presentation.

About Deloitte Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback