Five Common Legal & Regulatory Challenges With Social Media

It should come as no surprise that regulators and organizations alike struggle to set and enforce guidelines for social media activity. It’s not just that the rise of social media is rapidly transforming the way we interact with people, customers, and brands; but also how many ways this transformation is happening.

The core issue is that social media alters the way we as individuals share who we are, merging our roles as people, professionals, and consumers.  As we share more of ourselves on a growing number of social networks, questions quickly surface:

  • How frequently and on what social networks should we post?
  • When should we present ourselves in our professional role versus sharing our personal opinions?
  • Is it okay to be social media friends with co-workers, clients, or your boss?

These are complicated matters for individuals, and absolute conundrums for organizations concerned with how employees behave and interact with others in, and outside of, the workplace. Their questions are even more complicated:

  • Can organizations dictate how their employees use social media?
  • Can they monitor social media conversations or use it to learn more about prospective job applicants?
  • When does the personal connection allowed by social media tools cross the line from business to personal?
Read more

The "Home Security" Administrator

I had a conversation recently with one of the top consumer antivirus companies in the world. What came out of this conversation was very intriguing. The conversation presented a vision into how mobility is shaping consumer views on security and how security of the home might be improved.

The vendor and I began by discussing the rapid growth that homes are seeing in the number of Internet-connected devices. An average person today has approximately five consumer devices connected to the Internet in their home, and the number is growing rapidly. For example, my home has the following devices connected today:

  • Two iPhones.
  • Two iPods.
  • Two Kindle Fires HD.
  • Two Apple TVs.
  • Four TV set top boxes.
  • One Mac Mini.
  • Three Windows laptops.
  • One printer.
  • One Xbox.
Read more

Orange Business Services Analyst Event 2013: The Cobbler Sticks To His Last

Brownlee Thomas, Ph.D., Dan Bieler, Henning Dransfeld, Ph.D., Bryan Wang, Clement Teo, Fred Giron, Michele Pelino, Ed Ferrara, Chris Sherman, Jennifer Belissent, Ph.D.

Orange Business Services (Orange) hosted its annual analyst event in Paris July 9th & 10th. Our main observations are:

Read more

Trend Micro Bets Big On Cloud Security In Asia Pacific

Trend Micro held its first Asia Pacific (AP) Industry Analyst summit on April 9, 2013 in Singapore. The most obvious message for me is that the company is clearly seeking to expand its focus well beyond the “legacy” antivirus market. Throughout the event, Trend Micro emphasized the need for cloud security solutions and the opportunities that exist in the Asia Pacific market. Speakers also highlighted the need to invest in breaking Trend Micro’s image as an antivirus vendor to help capitalize on the market opportunities for enterprise cloud security. 

Below are the two key themes highlighted by Trend Micro during the event and my take on each:

  • Enabling cloud-related security is central to company growth. Security-related concerns remain the most prominent reason that organizations cite for not adopting cloud services.  Recently, the Cloud Security Alliance (CSA) outlined the “Notorious Nine” threats for 2013, and the top three cloud-related threats include data breaches, data loss, and account hijacking. Forrester’s Forrsights IT Budgets and Priorities Survey, Q4 2012 shows that 30% of organizations in the AP region aim to create a comprehensive strategy and implementation plan for public cloud and other as-a-service offerings over the next 12 months. Cloud-related spending therefore represents a big market opportunity. Security will be central to organizations’ cloud strategies and hence spending. Trend Micro is aiming to meet this nascent demand but must better explain why it is best positioned. 
Read more

Defining The Mobile Security Market

Understanding the terms and technologies in the mobile security market can be a daunting and difficult task. The mobile ecosystem is changing at a very rapid pace, causing vendors to pivot their product direction to meet the needs of the enterprise. These changes in direction are creating a merging and twisting of technology descriptions being used by sales and marketing of the vendor offerings. What we considered “Mobile Device Management” yesterday has taken on shades of containerization and virtualization today.
Mobile antivirus used to be a standalone vision but has rapidly become a piece of the mobile endpoint security market. Where do we draw the lines, and how do we clearly define the market and products that the enterprise requires to secure their mobile environment?
 
In an attempt to help the enterprise S&R professional understand the overlapping descriptions of mobile security products, I am working on new research that will help organize and quantify the market. Understanding the detailed state of each of the technology offerings in the market, and their potential impact on a five- to 10-year horizon, will help enterprises make more-educated purchasing decisions.
 
To begin the process of covering all of the technologies being offered today, I’ve divided the solutions in the space by technology type. Not only am I analyzing technologies that are available now, but I’m also researching any additional products, services, and vendors in the mobile security space that have innovative new concepts that they are bringing to bear. These new-age offerings will help shape the future of mobile security, and we need to get ahead of the concepts now if we wish to have a better understanding of the impact of the innovation.
 
 
Read more

RSA acquires Aveksa and finally joins the full-functionality IAM suites vendor party

 

On July 1, 2013, RSA acquired Aveksa for an undisclosed sum. The Aveksa access governance solution, which includes access request management and approval, attestation, role mining and management, user account provisioning, identity administration and auditing will augment RSA's existing product lines for access control (RSA Access Manager, RSA Authentication Manager, RSA Federated Identity Manager, RSA Adaptive Federation, RSA Adaptive Directory, etc.). Short term, Aveksa will operate under its old management and will keep its OEM relationship with OneLogin for single sign-on into SaaS applications. Forrester expects that RSA will integrate its access management, VMware Horizon, and fraud management (SilverTail) product lines into a modern and full functionality IAM portfolio using risk and identity intelligence concepts -- and which will initially probably suffer from the growing pains that Dell's Quest IAM acquisition and Oracle's stack suffered from immediately after their IAM acquisitions. Forrester expects that long term, RSA also will revitalize and consolidate its access management portfolio, solidify its presence in the cloud IAM space (IAM as a SaaS offering), and offer the stack as a fully hosted option, similar to CA's CloudMinder.

What it means: After years of consolidation and vendors bailing out of the space (HP, BMC, etc.), we will have one more vendor to choose from in the complete, full-functionality IAM suites market. This will create greater competition and more innovation -- something we and our clients are particularly happy about.