Information Systems Security and Privacy
A megatrend triad comprised of cloud computing, converged mobile devices, and consumerization presents complexchallenges to organizations trying to identify, assess, and mitigate risk. Cloud computing offers elastic just-in-time serviceswithout infrastructure overhead. However, visibility and control are compromised. Converged mobile devices offer integratedcomputing power and connectivity. However, end point control and security are compromised. Consumerization offersproductivity gains and reduction in support costs. However, end point control and the organization’s perimeter arecompromised. This paper presents an overview of considerations for organizations impacted by the megatrend triad and,subsequently, shows how threat modeling techniques can be used to identify, assess, and mitigate the attendant risks.
Ingalsbe, Jeffrey A.; Shoemaker, Dan; and Mead, Nancy R., "Threat Modeling the Cloud Computing, Mobile Device Toting, Consumerized Enterprise – an overview of considerations" (2011). AMCIS 2011 Proceedings - All Submissions. 359.