What’s the deal with BYOD and security?

Many of us carry around devices that contain a mix of personal and business information, which creates an issue for security teams.

For example, using your phone to entertain a toddler while dining out becomes a bad idea if you have any kind of corporate confidential data on your phone. Worse, if there is Protected Health Information (PHI) data on your phone. What happens if data is accidentally forwarded, lost, or shared inappropriately? These are some of the challenges of the bring your own device (BYOD) trend, the market progression where employees to want to have the ability to be connected to work on their own devices.

In the context of this blog, I’m speaking to mobile, but really, the issues around security, data governance and privacy apply to any device one would personally own and then connect to an employer private network.

With an increasing trend around BYOD in a corporation, there will be adoption issues. Among those issues are data breaches and data governance. How do you control data as a corporation if an employee leaves and takes their personal tablet with them? Corporate data may go with it. That’s a big problem.

It’s easy to institute corporate standards around how a device can be setup and used but without any serious controls it’s also very easy as an employee to ignore those rules, either actively or through ignorance.

ibm endpoint manager appIBM requires Tivoli Endpoint Manager on mobile devices used for work.  One thing about this piece of corporate software that could give a user pause is the ability to remotely wipe a device. Companies that care about security, and want to join the BYOD bandwagon must have carefully constructed policies around the devices, and a plan to enforce those policies.

We have to deal with long passwords, lock screens, malware detectors, power hungry VPNs and now monitoring software. All of these technologies enable us to do work on our toys.

The problem that corporations have with this new wave of mobile devices are all the personal types of uses they have and how employees view the devices as their own.

A new trend now is for people to carry two devices to satisfy these requirements. There is also work on mobile devices running the OS in a VM, allowing a locked down work VM and a second personal VM.

In my case, as long as I can still use Strava to map my bike rides, and take pictures with the camera, I’m fine with all of the corporate software on my mobile.

strava app

Add Comment
No Comments

Leave a Reply

Your email address will not be published.Required fields are marked *

More Archive Stories

Explaining cloud with PLAY-DOH

Breaking down the cloud to some of its simplest concepts helps your friends and family understand exactly what it is.

Three reasons you shouldn’t fear the cloud

While attending IBM Pulse 2014, I was talking to Gus Ortiz, who is the Managed Services program manager for Jenzabar, Inc. This company provides software and services for the administration of colleges and universities. SoftLayer, an IBM company, hosts their application, so they are both a client and a business partner. Gus and I were […]

June #cloudchat: The Open Cloud Movement

Open technology is the foundation for a robust cloud. Without it, says Angel Diaz, Vice President, IBM Open Technology and Cloud Performance, “you are building a dead end cloud, whether you look at the infrastructure, the platform or how you interact.” But how can we ensure that open cloud technology stays firmly entrenched on the […]