The Internet and mainstream media has been ablaze with articles and opinion pieces about the dispute between the FBI and Apple over an iPhone used by one of the San Bernardino terrorists. The issue has polarized public opinion and drawn attention to longstanding tensions over access by law enforcement. The issue is complex and the implications are far reaching.
The resulting debate is a good thing because it makes us think. The issues raised are far broader than just a technology or a law enforcement question. It will affect individuals, businesses, commerce, and security in our future. It requires that these issues be debated transparently, not just in courts, but by individuals, businesses, governments, and lawmakers. Not only will it make us think about the immediate issues, it will make us think about how we use technology in many different ways.
For example, because the iPhone in this case was supplied by an organization to an employee, it will make us think about BYOD policies, device management policies and technologies, risk and liability. It may also make us think about new problems that we haven’t yet discovered. These questions will in turn create new opportunities for new technologies and applications for supplied devices. New standards of best practice will arise. These standards will have implications with how we choose to allow these technologies to be used.
The intense scrutiny on this case will help organizations focus on these risks and issues and what they must do next. And it will make us think of other ways we use technologies. This is the kind of thinking that needs to be done in the open and not in the shadows. It is the kind of challenge that can bring out the best thinking in people. And regardless of the outcome of this case, this dispute is a good thing because it forces us to think.
About David Gamey:
David Gamey is a Sr. Security Consultant, CISSP, CISA, PCI & PA QSA (P2PE) and has been with Control Gap for over 5 years. He has worked in PCI for more than 10 years and frequently stays up to date with successes and downfalls in the industry. Control Gap is a privately held company, headquartered in Toronto, with hundreds of satisfied customers across North America including retail and e-commerce merchants, service providers, financial services, healthcare, petroleum, government, and more. Control Gap helps businesses safeguard sensitive data, reduce security risk and avoid fines. ControlGap is Canada’s foremost leader in Payment Card Industry (PCI) compliance validation and advisory services, founded from decades of information security, privacy data protection, and payment industry experience, and are home to some of the best and most tested information security talent in the industry.