DCL Connecting talent
  • Virgin
  • SingTel
  • Tata
  • Nebulas
  • CNS
  • Secure Data
  • Telstra Global
  • Telecity
  • KCOM
Comments Off on Bring Your Device to Work but Keep to Company Rules

Bring Your Device to Work but Keep to Company Rules

Posted by Admin | August 1, 2016 | IT Security

The advantages of allowing employees to bring their own technology to work outweigh the risks, but security of company data must be safeguarded

When the BYOD or bring-your-own-device trend first emerged, it was hailed by many technology experts as a game-changer for productivity, work-life balance and collaboration in businesses across all sizes and industries. Unfortunately, the reality has been markedly different, as a myriad of unforeseen issues has caused chief information officers (CIOs) to rethink their approach.


The first generation of BYOD policies left much to be desired and caused significant unease among employees, with technology research firm Gartner predicting in early-2014 that within two years one-fifth of all BYOD projects would fail.

“Companies instituted policies that were too stringent, so employees became afraid to adopt BYOD or had complaints after doing so,” says Nick Galea, chief executive of unified communications provider 3CX. “Many companies also failed to reassure employees that their personal information on their own devices would not be accessed by the company.”

While these oversights had high costs for some enterprises, there are crucial lessons to be learnt from their missteps, especially when the next generation of BYOD policies is considered.
Lessons to be learned

A central feature of many initial policies was strict containerisation, where users were only allowed to use a suite of select business apps, separated from the rest of the device. If this practice was followed in all respects then business data would be highly secure, but users have been largely resistant to this method, according to John Shaw, vice president of product management at IT security firm Sophos. “Having to sign in and out of two logically distinct interfaces, and being unable to use their favourite apps for work didn’t sit well with users in general,” he says.


The introduction of all-encompassing mobile device management (MDM) proved to be similarly problematic. This solution gives IT departments the ability to wipe the entire device clean, including all personal files, in the event of loss or hacking. Beyond the costly investment required to implement the system, MDM has security limitations that mean it is not a feasible option for most enterprises.

EM&C_dash_1





“Once my kids are logged on to play their favourite game on my iPad, they can send e-mails to anybody in my company contact list, including my boss. And the same goes for anybody who might happen to find my device on the train,” says Mr Shaw.


Some organisations may be hesitant to put BYOD policies into effect, viewing the potential security challenges as too much of a risk, but it’s now too late to put the genie back in the bottle, with a study commissioned by VMware showing that 39 per cent of UK employees would consider leaving their jobs if they were not allowed to use their mobile devices for work. Instead of looking for ways to fight against BYOD, enterprises need to embrace this movement and work with employees to ensure it is safely implemented.

“Employees are all working on personal devices. The devices may belong to the employee or to the company, but either way they are personal,” says Mr Shaw. “So BYOD has happened to some degree to every organisation; the only questions are how much control does IT have over BYOD and how wide open is the company’s security posture as a result?”

Just because a company forbids employees from downloading unapproved apps by blacklisting masses of popular programs doesn’t mean that issues of BYOD security will instantly disappear and in many cases employees will simply circumvent IT regulations. Almost 70 per cent of 20 and 30-something millennials openly admit to breaching IT policies and using apps not sanctioned by their employer, according to a survey conducted by TrackVia.

Even more concerning is the finding in the same study that 60 per cent of millennials, often referred to as digital natives, don’t have concerns about corporate security when they use unauthorised personal apps. “By all means, organisations should embrace #GenMobile’s penchant for openness, innovation and collaboration, using any device they wish, but only when they can understand and plan for the security risks these behaviours bring along,” says Alain Carpentier, Europe, Middle East and Africa vice president and general manager for Aruba, an HP Enterprise company.

Source: raconteur

126 total views, 1 today