1. International, federal, and state laws and industry regulations mandate that organizations invest in cybersecurity defenses, audits, and internal controls to secure confidential data and defend against fraud and unauthorized transactions, such as money laundering.
2. People wanting to use their mobile devices at work has led to the practice of “bring your own device (BYOD)”
3. People wanting to use their mobile devices at work is part of a growing trend called Dual-Use Mobile Equipment.
4. Many smartphones are not being managed as secure devices, with fewer than one in five adding anti-malware and only half using data encryption. This can create security problems for organizations.
5. Most smartphones come equipped with anti-malware and data encryption apps which make them secure devices for use on enterprise (workplace) networks and for handling work-related data.
6. Despite the recent increase in popularity of mobile devices, PCs continue to outnumber mobile devices in terms of number of units sold.
7. Forrester Research, Inc. estimates that a majority of companies had begun allowing employees to use their own mobile devices for some aspects of their work by 2012.
8. According to a Forrester Research, Inc. report, companies are increasingly prohibiting employees from using their personal mobile devices for work related purposes because of security and compliance challenges.
9. Cost savings associated with allowing employees to use their own mobile devices can be wiped out by increased IT costs—mostly for IT personnel who struggle to maintain control over new and existing mobile devices.
10. Cost savings associated with allowing employees to use their own mobile devices almost always outweigh any increased IT costs associated with IT personnel needed to manage new and existing mobile devices.
11. Organizations are subject to national and international regulations and standards that specify how data can or cannot be collected and stored, as well as how it must be made available in the event of an audit or legal action.
12. Controls placed on employee-owned devices can infringe on personal privacy. For instance, organizations could know what sites were visited or movies were watched, what was done on sick days, what texts were sent/received, and all social media activities during work hours and off-hours.
13. To reduce the threat of security breaches related to employee owned devices, data and ISs need to be protected from unauthorized access, including when an employee’s device is lost or stolen, or an employee leaves the company.
14. Your textbook lists 3 challenges associated with managing employee owned mobile devices used in the work place: 1) Increased costs of managing employee owned devices, 2) Employees using the devices for non-work related activity (e.g. personal social media, texting, personal phone calls) and 3) Morale issues related to the fact that some employees will have better, more expensive devices than others.
15. With the number of mobile apps hitting 1.3 million in mid-2012–compared to only 75,000 apps for PCs–-managing employee-owned devices is more complex and expensive.
16. Since mobile devices are smaller and less complex than high powered PCs, managing employee-owned mobile devices is relatively simple.
17. Cyber threats will continue to emerge, evolve, and worsen over the next 10 years and beyond.
18. Critical infrastructure is defined as “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”
19. Social engineering tactics are used by hackers and corporate spies to trick people into revealing login information or access codes.
20. In the United States and other