Are there many iPhones being used for your business as opposed to the BlackBerry?
Wessel: There are a handful of iPhones and iPads in use. I'm pretty open if someone prefers an iPhone over a BlackBerry. It's much easier to deal with the iPhone than it is to try and fight their use. I'm not personally an iPhone guy, though a couple years ago I was a test case when the beta Exchange support for iPhone came out. We also find people who go back and forth, they have the iPhone because they love it and then a year later they decide it isn't working from a business perspective and they go back to the BlackBerry.
Describe the larger security strategy that makes it so you can allow the mix of consumer devices.
Wessel: Generally my goal on security is to centralize as much as possible so I'm not trying to work on end-user devices. The end user devices are harder because you have to get to them -- you have to arrange to meet up with the user or get the device some other way -- so central security gateways are important. Good antivirus (AV) runs on our Exchange server as well as the AV on the device level. Our approach is to focus on e-mails coming in and out. I use a cloud-based archiving, spam and AV service called Mimecast. They receive all my mail and filter it, scan for malware and archive the messages before forwarding them to the Exchange server in my infrastructure. It has simplified my internal security procedures. There are fewer false positives. I almost never have to look in the queues like I used to for wanted e-mails that get trapped in the spam filter, and. I only get user calls about e-mails caught in the filter once a month.
Does the team's success of recent years mean you're having to filter many more e-mails?
Wessel: With the Celts doing well, e-mail continues to explode. Everyone continues to communicate that way, from the coaches to everyone in between like the folks in marketing. But the numbers are still very manageable: We get hundreds of e-mails a day, not hundreds of thousands as some might think.
Obviously the organization spends a lot of time on the road. How much trouble are the hotel Internet access points?
Wessel: Hotel networks are better than they used to be but not good by any means. The Macs seem immune for now, but on all the mobile devices I run more security. It uses up more CPU but I have to do it.
How are your users when it comes to security awareness. Are they a big target for social engineering?
Wessel: Slowly, users are beginning to use their heads more. They've realized they shouldn't click on any link they come across.
You mentioned Mimecast as your tool for messaging security. Who are your other security providers?