A new study says hiring a CISO reduces security incident costs by 35%. Week in Review, March 20...Enterprise CIO Forum community manager John Dodge.
Follow John Dodge on Twitter.
Issues relating to application security, not BYOD itself, is the problem that needs to be addressed. Used to be that data was accessed on one device. Now many employees have 3+ not counting their own personal devices. Every device with enterprise data is the risk. I've always been a fan of the one-to-many approach. Lock-down the apps/data ... then choose what to do re: device security. Too often when there is a well publicized incident, it isn't that a particular safeguard failed, but that there weren't any safeguards (at all) in that case. It starts with having a policy and following through on it. It starts with a checklist, like David Snow's on "How to make BYOD truly work".
(note: I work on projects sponsored by EnterpriseCIOForum.com and HP)