Employees who use their own devices for work functions gain flexibility and can be more productive, but those devices are typically more difficult for IT to secure and manage.

Big data, the consumerisation of IT and the growing dominance of mobile devices are the three trends that are set to dominate the IT landscape in 2012, according to global non-profit IT association ISACA.

“Big data” refers to the extremely large volumes of data being collected by enterprises in an increasingly connected world, through diverse sources which also include social networks, sensor networks and customer chat sessions.

“Big data is going to evolve out of its ‘shiny new object’ status in 2012. IT leaders will need to figure out how to coax order out of the chaos from all those zeroes and ones, as well as optimise ROI and manage data privacy,” said Mr Ken Vander Wal, International President of ISACA.

In a white paper on Data Analytics – A Practical Approach, ISACA recommended that enterprises use analytics across many projects for greater insight, performing ad hoc analysis to support key areas of risk, and defining measures of success along the way.

The second major trend, the consumerisation of IT, is marked by the invasion of employee-owned smartphones and tablet devices into the workplace. ISACA noted that employees who use their own devices for work functions gain flexibility and can be more productive, but those devices are typically more difficult for IT to secure and manage.

Describing the BYOD (Bring Your Own Device) development as “a fast-moving train”, Mr Robert Stroud, past International Vice President of ISACA and currently Vice President, Innovation and Strategy, CA Technologies, said, “IT departments have to jump on it or risk getting left at the station.”

An ISACA survey of IT professionals found that enterprises in Europe, North America and Oceania are more likely to allow employees to use corporate IT assets and time for personal purposes to promote work-life balance, while those in Asia, Latin America and Africa say their enterprises generally restrict this due to security concerns.

For organisations that embrace BYOD, Mr Stroud suggested a two-pronged approach to security by focusing on both the device and the data it can access. “In 2012, we should see an increased focus on the mobile device and its access to information. IT will need to answer questions such as, ‘Who is accessing corporate information, when and from what device? Is the device trustworthy?’” said Mr Stroud.

Indeed, the growth of mobile devices is set to become one of the most prominent elements in the 2012 security landscape. These devices could range from smartphones and tablet computers to laptops and Universal Serial Bus (USB) memory sticks. “2012 will see a sharp increase in attacks targeted at mobile devices, either to exploit them or use them as an access point to corporate networks,” said Mr John Pironti, Security Advisor, ISACA, and President, IP Architects.

In ISACA’s view, information security managers need to create an easily understood and executable policy that protects against the data leakage and malware – and then communicate it. These are central to effective governance of enterprise IT. As noted in the 2011 Global Status Report on the Governance of Enterprise IT by ISACA’s research affiliate, the IT Governance Institute, “The right governance enablers can ensure the transparency of IT supply and demand and facilitate decision making about demand and its prioritisation in pursuit of value delivery to the enterprise.”