RE: [NTSysADM] IT sec pros surprisingly cavalier about mobile security best practices

[David Lum]

"Our information isn't as important as making it easy for our users to get at 
it"

-Dave Lum

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kramer, Jack
Sent: Saturday, May 03, 2014 10:14 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] IT sec pros surprisingly cavalier about mobile security 
best practices

I was specifically disallowed from requiring PIN for mobile devices connected 
to our Exchange server. Higher ed.

-Jack-


On May 3, 2014, at 7:29 AM, Ken Schaefer 
<k...@kj.net.au<mailto:k...@kj.net.au>> wrote:


Sample-size of 169 people. Given that most say they don't have a PIN, that 
would indicate that they either don't have Exchange policies, or they don't 
have an MDM in place. Or they simply don't connect their mobile device to work 
networks (that question doesn't seem to be answered in the article). I think 
that rules out pretty much all major enterprises and government departments, 
and just about any decent sized org that has centralised IT.

Cheers
Ken

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andrew S. Baker
Sent: Saturday, 3 May 2014 2:40 AM
To: ntsysadm
Subject: Re: [NTSysADM] RE: IT sec pros surprisingly cavalier about mobile 
security best practices

This is true of the privileged of every vertical.
Education just has more of them per capita.  (The music industry and law firms 
are neck and neck for a close second)






ASB
http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker>
Providing Virtual CIO Services (IT Operations & Information Security) for the 
SMB market...




On Thu, May 1, 2014 at 10:24 PM, Jon Harris 
<jk.har...@live.com<mailto:jk.har...@live.com>> wrote:
My experience was they were usually the ones that caused the most issues 
including putting sensitive information in public places.

Jon

________________________________
From: na...@nowmicro.com<mailto:na...@nowmicro.com>

To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] RE: IT sec pros surprisingly cavalier about mobile 
security best practices
Date: Fri, 2 May 2014 01:56:19 +0000


Every time a professor uses "Academic Freedom" as a reason that they should 
have admin rights to a state-owned device used to access, process, and 
potentially store private data about their students...  a ninja kills a kitten.









From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] 
On Behalf Of Jon Harris
Sent: Thursday, May 1, 2014 7:35 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] RE: IT sec pros surprisingly cavalier about mobile 
security best practices



My personal experience working in higher Ed was anyone with a PhD after their 
name always made it hard to take away permissions.  They just felt they knew 
EVERYTHING and anyone without a PhD knew nothing or very little!

Jon


________________________________

From: mich...@smithcons.com<mailto:mich...@smithcons.com>
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: IT sec pros surprisingly cavalier about mobile security 
best practices
Date: Thu, 1 May 2014 23:52:42 +0000

I preach on this to every med-and-large organization I speak with.



Higher-Ed doesn't seem to care (mostly), but CSOs and CTOs are very 
interested....



There are some EXCELLENT solutions for this, for WP7.5+, iOS 6+, BB 10+, etc. 
Android just sucks, but there are some workarounds you can apply to get 
"improved" results (for "secure" Android, you basically have to throw away 
whatever google version you are running, and run one of a couple of other 
Android builds that supports secure containers).



From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David Lum
Sent: Thursday, May 1, 2014 5:37 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] IT sec pros surprisingly cavalier about mobile security 
best practices



http://www.net-security.org/secworld.php?id=16783



<image001.jpg>








David Lum

Network System Admin, Information Services

office 503-265-4728<tel:503-265-4728>  |  
modahealth.com<http://www.modahealth.com/>


I'm excited to announce that ODS Health is now Moda Health. Please make a note 
of my new email 
address,david....@modahealth.com<mailto:david....@modahealth.com>, so we can 
stay connected.


This message is intended for the sole use of the individual and entity to whom 
it is addressed, and may contain information that is privileged, confidential 
and exempt from disclosure under applicable law. If you are not the intended 
addressee, nor authorized to receive for the intended addressee, you are hereby 
notified that you may not use, copy, disclose or distribute to anyone the 
message or any information contained in the message. If you have received this 
message in error, please immediately advise the sender by reply email and 
delete the message.