Essential Guide

A CIO's essential guide to mobile business strategy

A comprehensive collection of articles, videos and more, hand-picked by our editors
Manage Learn to apply best practices and optimize your operations.

CIO Minute on mobile security: Start by identifying sources of risk

Editor's note: In this CIO Minute on mitigating mobile security risks, O.C. Tanner Co. CTO Niel Nickolaisen lays out a common sense approach that includes identifying the sources of risk then determining the likelihood of them happening. A plan comes next. Watch the video and read the transcript below.

Niel Nickolaisen: Whenever we talk about security -- and our topic today is mobile security -- I think it's always important to start the conversation from a perspective of risk. What are the sources of the risks? And then, for each of the sources of risk, what is the likelihood and impact of those risks?

So, if we are talking about mobile security, the sources of risks are things like: What would happen if there were a breach? Did somebody have a mobile phone that was stolen or compromised? What are the sources of those risks? Do we have client data, do we have employee data on those phones? Are there apps on those phones?

Once we have answers to those [questions], we can assess the likelihood and impact. Once we know the likelihood and impact of each of the risks, we can then figure out how to mitigate the sources of risk, the likelihood of [them happening] and the impact of those risks.

This helps us take a common sense approach. Otherwise, there is a chance we might go overboard on our risk controls, our security policies and practices -- and we might clamp things down too much. That wouldn't make sense, because the thing an IT leader can't do today is try and control -- through some rigorous process -- what people are going to do with their smartphones, because they are a work, business, organization and also a personal device.

But, by taking an approach where we assess the risks -- and in a logical, practical, pragmatic way mitigate those risks -- we can get what we need without going too far.

That's the approach that has worked for me.

View All Videos

Essential Guide

A CIO's essential guide to mobile business strategy

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How do you go about identifying the sources of risk to your company's mobile security?
Cancel

-ADS BY GOOGLE

SearchCompliance

SearchHealthIT

SearchCloudComputing

SearchMobileComputing

SearchDataCenter

Close