Had an interesting conversation with new Sun Microsystems CISO Leslie Lambert this week. Lambert is a Sun veteran having held a litany of IT roles including several line-of-business CIO titles. Lambert shared a little bit about her short- and long-term goals and they include different aspects of identity management such as role-based access controls, and change management. The most interesting, however, reflects concerns any enterprise with intellectual property would have: data protection and mobility.
Sun is a global enterprise and its development and sales forces operate on campuses around the world. Sun Ray virtual desktop Java thin clients will remain standard issue, she says, but the need for mobility means a prevalence of Macintosh and Windows-based notebooks and devices. This is unavoidable and necessitates some flexibility and admittedly some security tradeoffs, says Lambert, who carries a Sony P910 mobile phone.
“Sun is an environment where we have not permitted a lot of Windows desktops. We’re shifting there,” Lambert says. “With our [employees] working from home or various campuses, the need to put more mobile devices for productivity is a reality. We’ll have to now focus on higher levels of data protection.”
Lambert says Sun employees can expect a ramp-up of awareness programs and security tools on those devices including antivirus, firewall and network access control that authenticates and audits mobile devices before they connect to the Sun network. In addition, depending on the categorization of data on the device and job responsibilities, hardware encryption may soon be part and parcel of laptops; all will have encryption software installed.
“Sun has been in a position to be able to create so much unique intellectual property to offer to the industry,” Lambert says. “Our collection of IP is who we are; protecting that is important.”