Well, there've been very few breaches due to BYOD since then. Instead, the losses continue from the traditional venues IT doesn't seem able to address, such as insider attacks, lost thumb drives (ironically, because IT won't support cloud storage), and lost or stolen unencrypted laptops (ironically, because IT often doesn't protect PCs, where most sensitive data is used, but obsesses over mobile devices).
The number of IT fist-shakers has declined since 2010 — or at least quietly gone underground. Most organizations have figured out a balance between access and security — rarely perfect, but usually reasonable.
But there are still those in IT who refuse to accept that technology is part of most everyone's work and that many users need access to information from multiple locations and device types to do their jobs. IT's job — more complicated, to be sure — is to figure out how to facilitate that. There are now solid methods to follow for BYOD (which really indicates heterogeneous computing and access, not who pays for it), so the challenge today is more about deployment and education than figuring out a core strategy.
If you don't get that and work in IT, you can expect your career options to shrink. You're denying a fundamental reality that reflects how businesses actually operate. We've decomposed so many facets of businesses into changeable parts, and we expect employees who weren't automated away and the increasing army of contractors to be able to work anywhere, any time, on whatever they own themselves on those components.
If you can't accept that, much less help enable it, you're not the kind of technologist most businesses need. It's a fundamental shift IT needs to accept if it wants to survive as more than a group of technology janitors.
Stop blaming users for doing what they need to do. Start figuring out how to safely enable users and lay out the risks for a business to decide on acceptable compromises. It may not be easy, but it is that simple.
Sign up for CIO Asia eNewsletters.