Cloud Computing, Virtualization, and Wireless Networks
SENIOR MANAGERS WHO ARE WORKING with IT systems and processes for any length of time and building effective COSO internal control processes understand that IT technologies and their supporting processes are changing on a continual basis. Some of these changes—such as the move to wireless configured laptop or even handheld computers from desktop devices tied or wired to a network—do not have that significant of an impact on enterprise internal controls. Others do. This chapter discusses three areas where IT is changing and where enterprise management may need to take somewhat different approaches in its understanding of COSO internal controls.
This chapter begins with a discussion of the internal control implications of enterprise wireless networks, both public and private. Enterprise managers can often easily gain access to their e-mail messages or get current business news off their handheld or laptop devices and the Internet. These facilities provide a significant convenience to all system users, but they do present some control and security threats if an enterprise’s network is not properly protected through firewalls and other security controls. An enterprise’s senior manager may be quite happy to be able to gain access to e-mail messages or change an airline flight reservation over a wireless network, but those connections should be secure. This chapter will also briefly look at some wireless network security ...