Information security professionals are being asked to lead the evaluation and decision process around programs that involve personal devices in the workplace, and access to applications that are for both personal and professional use. How does Microsoft IT help protect the company and enable productivity?

Risk management and digital security are priorities for us, as are end-user empowerment and productivity. This is a delicate balancing act. We see three common practices that an IT department can apply to assess risk levels and instill the right internal policies to help safeguard access to sensitive information. First, IT needs to invest in raising the bar on IT controls and employee empowerment. Second, IT needs to focus on the data. Devices come and go; data will always be treasured. Third, IT needs to develop a framework that balances business value and risk mitigation.