Srikanth Ravindran is a service management/information security consultant and ITIL practitioner with Infosys Ltd. Ravindran has the ITIL v3 Intermediate and COBIT 4.1 Foundation certificates. He can be contacted at srikanth_ravindran@infosys.com.
Rajat Sadana is a process consultant with Infosys Ltd. He is an ITIL expert and holds the ITIL v3 Intermediates, ITIL v2 Practitioner and COBIT 4.1 Foundation certificates. Sadana can be contacted at rajat_sadana@infosys.com.
Deepa Baranwal is an associate process consultant with Infosys Ltd. and holds the ITIL v3 Foundation Certificate. She can be contacted at deepa_baranwal@infosys.com.
www.isaca.org/auditprograms
Read Securing Mobile Devices Using COBIT 5 for Information Security. www.isaca.org/Securing-Mobile-Devices
Discuss and collaborate on mobile computing in the Knowledge Center. www.isaca.org/topic-mobile-computing
implementing BYOD. According to the requirements of
PCI DSS, all devices used in processing payment card
transactions must implement encryption and passcode
protection. Similarly, the US Health Information Technology
for Economic and Clinical Health (HITECH) Act states that
health care organizations are accountable for:
• The confidentiality, integrity and availability of the electronic protected health information (ePHI) of their patients
• Maintaining a record of disclosure of patients' PHI, failing which they may incur financial penalties in the case of data breaches
• Ensuring that patients know who has accessed their PHI records and when
Network/Support Capability and Platform Compatibility
BYOD can result in a plethora of additional devices being
supported by the IT infrastructure and staff. If BYOD is
implemented without having enough staff with the required
skill sets and clearly defined boundaries for scope in place,
BYOD adoption levels, user satisfaction and user productivity
will decrease. New skill sets will also be required for the
service desk, application development and maintenance
teams because they will no longer be developing apps for
a single environment. Applications and their security must
be customized to support different platforms across diverse
devices. Mobile device management (MDM) is an essential
ISACA JOURNAL Volume 1, 2013
[Figure: diagram with the labels Reward, CSI, Strategy, Train and Encourage]
The ISACA Journal is published by ISACA. Membership in the association, a voluntary organization serving IT governance professionals, entitles one to receive an annual subscription to the ISACA Journal.
Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and/or the IT Governance Institute and their committees, and from opinions endorsed by authors' employers, or the editors of this Journal. ISACA Journal does not attest to the originality of authors' content.
© 2013 ISACA. All rights reserved.
Instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. For other copying, reprint or republication, permission must be obtained in writing from the association. Where necessary, permission is granted by the copyright owners for those registered with the Copyright Clearance Center (CCC), 27 Congress St., Salem, MA 01970, to photocopy articles owned by ISACA, for a flat fee of US $2.50 per article plus 25¢ per page. Send payment to the CCC stating the ISSN (1526-7407), date, volume, and first and last page number of each article. Copying for other than personal use or internal reference, or of articles or columns not owned by the association without express permission of the association or the copyright owner is expressly prohibited.
www.isaca.org