What’s the deal with BYOD and security?

Many of us carry around devices that contain a mix of personal and business information, which creates an issue for security teams.

For example, using your phone to entertain a toddler while dining out becomes a bad idea if you have any kind of corporate confidential data on your phone. Worse, if there is Protected Health Information (PHI) data on your phone. What happens if data is accidentally forwarded, lost, or shared inappropriately? These are some of the challenges of the bring your own device (BYOD) trend, the market progression where employees to want to have the ability to be connected to work on their own devices.

In the context of this blog, I’m speaking to mobile, but really, the issues around security, data governance and privacy apply to any device one would personally own and then connect to an employer private network.

With an increasing trend around BYOD in a corporation, there will be adoption issues. Among those issues are data breaches and data governance. How do you control data as a corporation if an employee leaves and takes their personal tablet with them? Corporate data may go with it. That’s a big problem.

It’s easy to institute corporate standards around how a device can be setup and used but without any serious controls it’s also very easy as an employee to ignore those rules, either actively or through ignorance.

ibm endpoint manager appIBM requires Tivoli Endpoint Manager on mobile devices used for work.  One thing about this piece of corporate software that could give a user pause is the ability to remotely wipe a device. Companies that care about security, and want to join the BYOD bandwagon must have carefully constructed policies around the devices, and a plan to enforce those policies.

We have to deal with long passwords, lock screens, malware detectors, power hungry VPNs and now monitoring software. All of these technologies enable us to do work on our toys.

The problem that corporations have with this new wave of mobile devices are all the personal types of uses they have and how employees view the devices as their own.

A new trend now is for people to carry two devices to satisfy these requirements. There is also work on mobile devices running the OS in a VM, allowing a locked down work VM and a second personal VM.

In my case, as long as I can still use Strava to map my bike rides, and take pictures with the camera, I’m fine with all of the corporate software on my mobile.

strava app

Share this post:

Add Comment
No Comments

Leave a Reply

Your email address will not be published.Required fields are marked *

More Archive Stories

#Cloudchat November Recap: Retail analytics and the cloud

Just in time for the barrage of advertisements and deep discounts that dominate the holiday shopping season, our November #cloudchat focused on retail analytics and the cloud.

Continue reading

Image portability across hypervisors

Before going deeper on how IBM SmartCloud Provisioning deploys virtual images, I discuss various hypervisors. Each of them has its own peculiarity, allowing you to leverage various features, implemented in various ways. This leads us to deal with various hypervisor limitations.

Continue reading

Workload mobility can spur contestability of IaaS cloud services

Today, enterprises can have an infrastructure as a service (IaaS) cloud on premises, off premises or both—the combination is known as a hybrid cloud environment. There are many choices for off-premises IaaS cloud choices, such as IBM SoftLayer, Rackspace, Amazon Web Services Elastic Cloud 2 and Google Compute Engine. An organization’s information technology (IT) department […]

Continue reading