I have been hearing more and more IT department and companies suggest that the days when they used to manage or control the company assets is over and it is time to allow people to bring your own device. The possible savings from those companies who are trying to save every penny seem worth it, possible reduction in hardware costs, maintenance costs, support/helpdesk could be reduced (assuming you rely on the users themselves to build and configure their own devices). Along with the possible savings though there is a certain amount of risk that you have to be able to manage or establish controls to prevent breaches based on your new open door paradigm. Asset management - a lot of IT people will scoff and say we don't manage the assets (well) now so this isn't much of a change. The current environment in many places has a limited set of operating systems, patch levels, software, and configurations. This is helpful in troubleshooting when you have an unexpected event occur
Ideas, tips, tricks, and theory on Information Security, risk management, forensics, and e-discovery.