I was specifically disallowed from requiring PIN for mobile devices connected to our Exchange server. Higher ed.
—Jack— On May 3, 2014, at 7:29 AM, Ken Schaefer <[email protected]<mailto:[email protected]>> wrote: Sample-size of 169 people. Given that most say they don’t have a PIN, that would indicate that they either don’t have Exchange policies, or they don’t have an MDM in place. Or they simply don’t connect their mobile device to work networks (that question doesn’t seem to be answered in the article). I think that rules out pretty much all major enterprises and government departments, and just about any decent sized org that has centralised IT. Cheers Ken From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Andrew S. Baker Sent: Saturday, 3 May 2014 2:40 AM To: ntsysadm Subject: Re: [NTSysADM] RE: IT sec pros surprisingly cavalier about mobile security best practices This is true of the privileged of every vertical. Education just has more of them per capita. (The music industry and law firms are neck and neck for a close second) ASB http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker> Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market… On Thu, May 1, 2014 at 10:24 PM, Jon Harris <[email protected]<mailto:[email protected]>> wrote: My experience was they were usually the ones that caused the most issues including putting sensitive information in public places. Jon ________________________________ From: [email protected]<mailto:[email protected]> To: [email protected]<mailto:[email protected]> Subject: RE: [NTSysADM] RE: IT sec pros surprisingly cavalier about mobile security best practices Date: Fri, 2 May 2014 01:56:19 +0000 Every time a professor uses “Academic Freedom” as a reason that they should have admin rights to a state-owned device used to access, process, and potentially store private data about their students… a ninja kills a kitten. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Jon Harris Sent: Thursday, May 1, 2014 7:35 PM To: [email protected]<mailto:[email protected]> Subject: RE: [NTSysADM] RE: IT sec pros surprisingly cavalier about mobile security best practices My personal experience working in higher Ed was anyone with a PhD after their name always made it hard to take away permissions. They just felt they knew EVERYTHING and anyone without a PhD knew nothing or very little! Jon ________________________________ From: [email protected]<mailto:[email protected]> To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] RE: IT sec pros surprisingly cavalier about mobile security best practices Date: Thu, 1 May 2014 23:52:42 +0000 I preach on this to every med-and-large organization I speak with. Higher-Ed doesn’t seem to care (mostly), but CSOs and CTOs are very interested…. There are some EXCELLENT solutions for this, for WP7.5+, iOS 6+, BB 10+, etc. Android just sucks, but there are some workarounds you can apply to get “improved” results (for “secure” Android, you basically have to throw away whatever google version you are running, and run one of a couple of other Android builds that supports secure containers). From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of David Lum Sent: Thursday, May 1, 2014 5:37 PM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] IT sec pros surprisingly cavalier about mobile security best practices http://www.net-security.org/secworld.php?id=16783 <image001.jpg> David Lum Network System Admin, Information Services office 503-265-4728<tel:503-265-4728> | modahealth.com<http://www.modahealth.com/> I’m excited to announce that ODS Health is now Moda Health. Please make a note of my new email address,[email protected]<mailto:[email protected]>, so we can stay connected. This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message.
