What’s the deal with BYOD and security?

Many of us carry around devices that contain a mix of personal and business information, which creates an issue for security teams.

For example, using your phone to entertain a toddler while dining out becomes a bad idea if you have any kind of corporate confidential data on your phone. Worse, if there is Protected Health Information (PHI) data on your phone. What happens if data is accidentally forwarded, lost, or shared inappropriately? These are some of the challenges of the bring your own device (BYOD) trend, the market progression where employees to want to have the ability to be connected to work on their own devices.

In the context of this blog, I’m speaking to mobile, but really, the issues around security, data governance and privacy apply to any device one would personally own and then connect to an employer private network.

With an increasing trend around BYOD in a corporation, there will be adoption issues. Among those issues are data breaches and data governance. How do you control data as a corporation if an employee leaves and takes their personal tablet with them? Corporate data may go with it. That’s a big problem.

It’s easy to institute corporate standards around how a device can be setup and used but without any serious controls it’s also very easy as an employee to ignore those rules, either actively or through ignorance.

ibm endpoint manager appIBM requires Tivoli Endpoint Manager on mobile devices used for work.  One thing about this piece of corporate software that could give a user pause is the ability to remotely wipe a device. Companies that care about security, and want to join the BYOD bandwagon must have carefully constructed policies around the devices, and a plan to enforce those policies.

We have to deal with long passwords, lock screens, malware detectors, power hungry VPNs and now monitoring software. All of these technologies enable us to do work on our toys.

The problem that corporations have with this new wave of mobile devices are all the personal types of uses they have and how employees view the devices as their own.

A new trend now is for people to carry two devices to satisfy these requirements. There is also work on mobile devices running the OS in a VM, allowing a locked down work VM and a second personal VM.

In my case, as long as I can still use Strava to map my bike rides, and take pictures with the camera, I’m fine with all of the corporate software on my mobile.

strava app

Share this post:

Share on LinkedIn

Add Comment
No Comments

Leave a Reply

Your email address will not be published.Required fields are marked *

More Archive Stories

Analyze the latest fashion trends with software as a service

What can the fashion industry teach us about SaaS? Turns out plenty.

Why CMDBs are still relevant in a cloud world

A properly designed and utilized configuration management database (CMDB) provides a foundation for good IT service management. I’ve spoken to several clients who have asked (rightly so) about whether or not to use a CMDB with their cloud provider. They have even asked questions such as “Whose CMDB should my servers and services be described […]

Do we need a cloud services broker?

By Kirk Steinkluaber, Rhonda Childress and JeongGahk Kim Kirk Steinklauber, an IBM chief engagement architect, was recently working with an existing strategic outsourcing client who wanted to use the “cloud” for their SAP applications. The client was struggling to deal with all the cloud vendors and was worried about all the different cloud processes, tools and delivery teams […]