Through 2007 IT needs to prepare itself for an onslaught of unmanaged IP enabled devices as millions of users plug in new computers, USB drives, music/video players, handheld mobile devices, and even the stray game console into enterprise networks. In addition to new shiny objects many users will install applications like iTunes, VoIP, multi-player games, and all manner of non-compliant software on their enterprise-owned computers, all of which introduce security risks, complicates support groups, and creates instability for compliance initiatives.
Consumer products are becoming more sophisticated and in many cases support Internet connectivity, data-synchronization with computers and significant data storage capabilities. Allowed or not, consumer products are creating an increasingly hostile device population and they should be treated as such. The ability to secure and manage any asset connecting to the enterprise network, or block access all together, is critical to limiting the security risk of these products and to increase the ability for organizations to manage their networks against them.
The evolving threat environment has also shifted the focus of the attackers from systems to data. As data has become more digitized and transient and as more unmanaged assets take advantage of corporate network services IT has become ineffective in protecting corporate data. A new wave of consumer devices and non-compliant applications creates an environment where protecting data from theft or breach, which results in undermining consumer and investor confidence, becomes critical to the business.
Bottom Line: Consumer products are invading corporate networks and IT must implement processes and technologies to define and enforce usage policies, support security configuration baselines, enforce application control and treat non-managed assets as hostile until proven otherwise.