Connect with us

Featured

BYOD: Bring Your Own Damage

Published

on

Companies need to start determining the impact BOYD plays on them and implement appropriate policies that would balance the security concerns, as well as their employees’ requirements, writes CATHERINE BERRY.

It is estimated that, by 2018, there will be approximately 10 billion mobile devices in use globally. The harsh reality is employers cannot prevent employees from utilising their personal mobile devices in the workplace, whether it be for personal or professional use. Further, organisations typically expect a high level of productivity from employees, and the utilisation of mobile devices supports this due to the large degree of flexibility it introduces for the employee. Unfortunately, the issue is exacerbated further by the fact that employees expect the organisation’s information technology to provide support in respect of these devices. What most companies do not understand is that they are in fact liable for the consequences of employees using their own personal devices for work.

Most employees would also be shocked to discover that that their devices may be subject to discovery request in the context of litigation involving their company, and may have to surrender their personal devices (containing browser history and including personal information, photos, etc).

The challenge facing organisations is that this employee IT ownership model, generally referred to as Bring Your Own Devices (BYOD), significantly influences the traditional security model, particularly since these devices are being used to access corporate data. BYOD typically includes end users who provide their own mobile phones, use their personal tablet device at work, or where there are unsubsidised devices required for business utilisation. Organisations now have to determine what the exact impact is, in order to establish appropriate procedures and policies that would balance the security concerns, as well as their employees’ requirements.

BYOD without Borders

In an attempt to establish the organisation’s exposure to BYOD, an exercise should be undertaken to determine exactly what type of data and functionality is being exposed. Consideration should also be given to legislation which may impact hereon, such as the imminent POPI Act, as well as PCI-DSS requirements (if applicable to the organisation). Other considerations include geographical spread of the devices, given that this would not only increase risk levels, but would also require absolute clarity in respect of legislation applicable to those areas.

Password Protection, Remote Wipe & Lock & Disclosure

One of the primary concerns surrounding the security of mobile devices is the loss of such devices. Particularly in respect of the content on the mobile device being accessed, or the possibility of corporate data being accessed through channels such as VPN connections. Clearly security considerations must include password protection, encryption, as well as remote wipe procedures. Many organisations enforce ActiveSync policies, pre-installed in most consumer mobile devices, to enforce password protection and remote wipe and lock. As a further measure, employees should be encouraged to keep sensitive devices in their possession, and sight, at all times. Ensuring that regular backups are made will not only salvage lost information, but will also assist with minimising downtime by easing the transfer of the information onto a new device. Last and perhaps even more importantly, having a backup of the data will make identifying what information has been lost (and thus determining whether a disclosure needs to be made in terms of regulations) that much simpler.

Verizon’s 2014 Data Breach Investigation Report considered 63,437 security incidents, of which 1,367 were confirmed data breaches. Of this, incidents where an information asset went missing, whether it be through misplacement or malice, accounted for 9,704 total incidents, and 116 confirmed data disclosures. Out of the 9,704 incidents, the theft / loss of laptops accounted for 308 incidents, desktops for 108, flash drives for 102 and a staggering 8,929 “other devices” (where the type of device has not been stipulated). Interestingly, loss of devices is 15 fold more prevalent than theft of a device. The statistics show that, in terms of location, 43% occurred at the victim’s work area, 23% from a personal vehicle and 10% from a personal residence.

Another concern posed by the use of mobile devices in the corporate network, is the risks posed by the integration of applications into our daily lives.

Vulnerabilities within the application could potentially expose the corporate network. Malware presents a major concern, particularly given the risk of it being injected into the corporate network at large.

Effective Policing Improbable

It is vital that organisations proactively engage with employees to manage their expectations relating to the support of personal mobile devices, particularly as this may impact upon information technology support resources required. It should also be borne in mind that help desk staff may require additional training to ensure that they are able to render the necessary support. Hinging hereon is the fact that organisations have less control over these devices. This makes identifying vulnerabilities which may exist, by utilising anti-virus software, ensuring patches are regularly installed, and implementing fire walls near impossible. Even if employees do agree to BYOD policies, it is questionable as to how effectively the organisation will be able to monitor the devices for compliance.

The complexities of cybercrime risk management are more intricate that imaginable; regardless of the complications – it takes just moments from connection to infection.  While staff may be protecting their personal computers, the general lack of awareness to safeguard BYOD tablets and smartphones poses a major risk to organisational cyber security. For all these reasons, businesses would be remiss to leave protection to chance, particularly in a country that is home to some of the best hackers in the world.

* Catherine Berry, Camargue Director, Commercial and Cyber Crime Division

* Follow Gadget on Twitter on @GadgetZA

Featured

IoT at tipping point

We have long been in the hype phase of IoT, but it is finally taking on a more concrete form illustrating its benefits to business and the public at large, says PAUL RUINAARD, Country Manager at Nutanix Sub-Saharan Africa.

Published

on

People have become comfortable with talking to their smartphones and tasking these mini-computers to find the closest restaurants, schedule appointments, and even switch on their connected washing machines while they are stuck in traffic.

This is considerable progress from those expensive (and dated) robotic vacuum cleaners that drew some interest a few years ago. Yes, being able to automate cleaning the carpets held promise, but the reality failed to deliver on those expectations.

However, people’s growing comfort when it comes to talking to machines and letting them complete menial tasks is not what the long-anticipated Internet of Things (IoT) is about. It really entails taking connectedness a step further by getting machines to talk to one another in an increasingly digital world filled with smart cities, devices, and ways of doing things.

We have long been in the hype phase of IoT, but it is finally taking on a more concrete form illustrating its benefits to business and the public at large. The GSM Association predicts that Africa will account for nearly 60 percent of the anticipated 30 billion connected IoT devices by 2020.

Use cases across the continent hold much promise. In agriculture, for example, placing sensors in soil enable farmers to track acidity levels, temperature, and other variables to assist in improving crop yields. In some hotels, infrared sensors are being used to detect body heat so cleaning staff now when they can enter a room. In South Africa, connected cars (think telematics) are nothing new. Many local insurers use the data generated to reward good driver behaviour and penalise bad ones with higher premiums.

Data management

The proliferation of IoT also means huge opportunity for businesses. According to the IDC, the market opportunity for IoT in South Africa will grow to $1.7 billion by 2021. And with research from Statista showing that retail IoT spending in the country is expected to grow to $60 million by the end of this year (compared to the $41 million of 2016), there is significant potential for connected devices once organisations start to unlock the value of the data being generated.

But before we get a real sense of what our newly-connected world will look like and the full picture of the business opportunities IoT will create, we need to put the right resources in place to manage it. With IoT comes data, more than we can realistically imagine, and we are already creating more data than ever before.

Processing data is something usually left to ‘the IT person’. However, if business leaders want to join the IoT game, then it is something they must start thinking about. Sure, there are several ways to process data but they all link back to a data centre, that room or piece of equipment in the office, or the public data centre down the road. Most know it is there but little else, other than it has something to do with data and computers.

Data centres are the less interesting but very essential tools in all things technology. They run the show, and without them we would not be able to do something as simple as send an email, let alone create an intricate system of connected devices that constantly communicate with each other.

Traditionally, data centres have been large, expensive and clunky machines. But like everything in technology, they have been modernised over the years and have become smaller, more powerful, and more practical for the digital demands of today.

Computing on the edge

Imagine real-time face scanning being used at the Currie Cup final or the Chiefs and Pirates derby. Just imagine more than a thousand cameras in action, working in real time scanning tens of thousands of faces from different angles, creating data all along the way and integrating with other technology such as police radios and in-stadium services.

As South Africans, we know all too well that the bandwidth to process such a large amount of data through traditional networks is simply not good enough to work efficiently. And while it can be run through a large core or public data centre, the likelihood of one of those being close to the stadium is minimal. Delays, or ‘latency and lag time’, are not an option in this scenario; it must work in real time or not at all.

So, what can be done? The answer lies in edge computing. This is where computing is brought closer to the devices being used. The edge refers to devices that communicate with each other. Think of all those connected things the IoT has become known for: things like mobile devices, sensors, fitness trackers, laptops, and so on. Essentially anything that is ‘remote’ that links to the Web or other devices falls under this umbrella. For the most part, edge computing refers to smaller data centres (those in the edge) that can process the data required for things like large-scale facial recognition.

At some point in the future, there could be an edge data centre at Newlands or The Calabash that processes the data in real time. It would, of course, also be connected to other resources such as a public or private cloud environment, but the ‘heavy lifting’ is done where the action is taking place.

Unfortunately, there are not enough of these edge resources in place to match our grand IoT ambitions. Clearly, this must change if we are to continue much further down the IoT path.

Admittedly, edge computing is not the most exciting part of the IoT revolution, but it is perhaps the most necessary component of it if there is to be a revolution at all.

Continue Reading

Featured

Don’t panic! Future of work is still human

Published

on

The digital age, and the new technologies it’s brought with it – blockchain, artificial intelligence (AI), robotics, augmented reality and virtual reality – is seen by many as a threat to our way of life as we know it. What if my job gets automated? How will I stay relevant? How do we adapt to the need for new skills to manage customer expectations and the flood of data that’s washing over us?

The bad news is that the nature of work has already changed irrevocably. Everything that can be automated, will be. We already live in an age of “robot restaurants”, where you order on a touch screen, and machines cook and serve your food. Did you notice the difference? AmazonGo is providing shopping without checkout lines. In the US alone, there are an estimated 3.4 million drivers that could be replaced by self-driving vehicles in 10 years, including truck drivers, taxi drivers and bus drivers.

We’re not immune from this phenomenon in Africa. In fact, the World Economic Forum (WEF) predicts that 41% of all work activities in South Africa are susceptible to automation, compared to 44% in Ethiopia, 46% in Nigeria and 52% in Kenya. This doesn’t mean millions of jobs on the continent will be automated overnight, but it’s a clear indicator of the future direction we’re taking.

The good news is that we don’t need to panic. What’s important for us in South Africa, and the continent, is to realise that there is plenty of work that only humans can do. This is particularly relevant to the African context, as the working-age population rises to 600 million in 2030 from 370 million in 2010. We have a groundswell of young people who need jobs – and the digital age has the ability to provide them, if we start working now.

Make no mistake, there’s no doubt that this so-called “Fourth Industrial Revolution” is going to disrupt many occupations. This is perfectly natural: every Industrial Revolution has made some jobs redundant. At the same time, these Revolutions have created vast new opportunities that have taken us forward exponentially.

Between 2012 and 2017, for example, it’s estimated that the demand for data analysts globally grew by 372%, and the demand for data visualisation skills by more than 2000%. As businesses, this means we have to not only create new jobs in areas like data science and analytics, but reskill our existing workforces to deal with the digital revolution and its new demands.

So, while bus drivers and data clerks are looking over their shoulders nervously right now, we’re seeing a vast range of new jobs being created in fields such as STEM (Science, Technology, Engineering and Mathematics), data analysis, computer science and engineering.

This is a challenge for Sub-Saharan Africa, where our levels of STEM education are still not where they should be. That doesn’t mean there are no opportunities to be had. In the region, for example, we have a real opportunity to create a new generation of home-grown African digital creators, designers and makers, not just “digital deliverers”. People who understand African nuances and stories, and who not only speak local languages, but are fluent in digital.

This ability to bridge the digital and physical worlds, as it were, will be the new gold for Africa. We need more business operations data analysts, who combine deep knowledge of their industry with the latest analytical tools to adapt business strategies. There will also be more demand for user interface experts, who can facilitate seamless human-machine interaction.

Of course, in the longer term, we in Africa are going to have to make some fundamental decisions about how we educate people if we’re going to be a part of this brave new world. Governments, big business and civil society will all have roles to play in creating more future-ready education systems, including expanded access to early-childhood education, more skilled teachers, investments in digital fluency and ICT literacy skills, and providing robust technical and vocational education and training (TVET). This will take significant intent not only from a policy point of view, but also the financial means to fund this.

None of this will happen overnight. So what can we, as individuals and businesspeople, do in the meantime? A good start would be to realise that the old models of learning and work are broken. Jenny Dearborn, SAP’s Global Head of Learning, talks about how the old approach to learning and work was generally a three-stage life that consisted largely of learn-work-retire.

Today, we live in what Ms Dearborn calls the multi-stage life, which includes numerous phases of learn-work-change-learn-work. And where before, the learning was often by rote, because information was finite, learning now is all about critical thinking, complex problem-solving, creativity and innovation and even the ability to un-learn what you have learned before.

Helping instill this culture of lifelong learning, including the provision of adult training and upskilling infrastructure, is something that all companies can do, starting now. The research is clear: even if jobs are stable or growing, they are going through major changes to their skills profile. WEF’s Future of Jobs analysis found that, in South Africa alone, 39% of core skills required across all occupations will be different by 2020 compared to what was needed to perform those roles in 2015.

This is a huge wake-up call to companies to invest meaningfully in on-the-job training to keep their people – and themselves – relevant in this new digital age. There’s no doubt that more learning will need to take place in the workplace, and greater private sector involvement is needed. As employers, we have to start working closely with should therefore offer schools, universities and even non-formal education to provide learning opportunities to our workers.

We can also drive a far stronger focus on the so-called “soft skills”, which is often used as a slightly dismissive term in the workplace. The core skills needed in today’s workplace are active listening, speaking, and critical thinking. A quick look at the WEF’s “21st Century Skills Required For The Future Of Work” chart bears this out: as much as we need literacy, numeracy and IT skills to make sense of the modern world of work, we also need innately human skills like communication and collaboration. The good news is that not only can these be taught – but they can be taught within the work environment.

It sounds almost counter-intuitive, but to be successful in the Digital Age, businesses are going to have to go back to what has always made them strong: their people. Everyone can buy AI, build data warehouses, and automate every process in sight. The companies that will stand out will be those that that focus on the things that can’t be duplicated by AI or machine learning – uniquely human skills.

I have no doubt that the future will not be humans OR robots: it will be humans AND robots, working side by side. For us, as businesspeople and children of the African continent, we’re on the brink of a major opportunity. We just have to grasp it.

Continue Reading

Trending

Copyright © 2018 World Wide Worx