The rapid adoption of the newest mobile devices -- especially the Apple iPhone and iPad and the Google Android-based equivalents -- will be a huge disruptive force in enterprise security next year. Not only will there be pressure to decide how to protect and manage these devices, which are growing as malware targets, the complexity of this task is magnified many times over because companies are allowing employees to use their own personal smartphones and tablets for business purposes -- what's sometime called "bring your own device" (BYOD).
And if that weren't enough, 2012 is likely to be the year when information-technology managers will be forced to come to grips with the security consequences of their own decisions to virtualize their networks, which has widely impacted servers and may also radically transform traditional desktop environments. But virtualization architectures are giving rise to the need for new types of security controls and options that must be weighed in the context of the network use. And decisions to link virtualized environments to cloud-based services also mean coming to grips with new security considerations.
[ Check out InfoWorld's guide to a successful BYOD and mobile IT strategy, as well as lessons from managing 12,500 iPads. | Learn about consumerization of IT in person March 4-6, 2012, at IDG's CITE conference in San Francisco. | Get expert advice about planning and implementing your BYOD strategy with InfoWorld's 29-page "Mobile and BYOD Deep Dive" PDF special report. | Keep up on key mobile developments and insights with the Mobilize newsletter. ]
MORE ON SECURITY: 2011's biggest security snafus
"One of the biggest challenges for companies is moving into the cloud space and virtualizing a lot of the products they use," says Lenin Aboagyue, principal security architect at Apollo Group, which owns and operates the University of Phoenix and other higher-education institutions where providing a wide array of high-bandwidth applications used for online learning is paramount.
Security controls such as data-loss prevention, anti-malware, encryption and intrusion-prevention shouldn't be forsaken in the quest to virtualize and link into cloud platforms, he says. In the hybrid virtualized environment Apollo Group is growing, Aboagyue says there's a need to constantly assess how security vendors or cloud services support virtualization-oriented security.