Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BYOD is a user-driven movement, not a secure mobile device strategy

Sean Martin, a CISSP and the founder of imsmartin consulting | July 9, 2012
Many organizations have tried to fight the tide, but it's a losing battle.

Regardless if you call it the consumerization of IT or the bring your own device (BYOD) movement, the trend of people using their own mobile devices to access corporate resources is unstoppable. Some users (guests) simply want to check their social networks, while others (employees) want to connect to their organizations' sales applications and other business apps while on the road. Many organizations have tried to fight the tide, but it's a losing battle.

Let's be honest -- users are controlling the IT security agenda, like it or not. They love their devices and the apps on them, and they want to use them at work. Clearly, vendors and enterprises alike have recognized this is more than a fad and are fueling the secondary driving force behind BYOD: the potential to make and/or save money by capitalizing on the movement.

Allowing employees to bring their own devices to work means cost-savings for corporations as it gives them the ability to avoid the expense of buying or leasing the devices themselves. These savings do come at a cost however; personal devices still need to be controlled and managed -- hence the enormous vendor revenue opportunity.

Make no mistake about it, it won't be long before there will be unfathomable numbers of these devices to control and manage throughout the corporate world. In a recent report, Gartner predicted that 90% of businesses will support corporate applications on mobile devices by 2014. And Cisco survey data suggests that we can expect to see 3.47 devices per person in 2015 and a whopping 6.58 devices per person in 2020. This begs the question: How many devices per person will the enterprise ultimately need to manage?

With this in mind, let's take a look at the basic options for addressing the BYOD phenomenon. With minor investments and relatively simple changes to infrastructure and processes, organizations can choose to:

- Block all devices that have not been provisioned by the corporation.

- Block none of the devices, regardless of their origins (note: I specifically chose this phrase over "enable all devices" as it better expresses the risk involved in letting anything access the network). [Also see: "Young employees say BYOD a 'right' not 'privilege'"]


1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.