"Bring your own device" (BYOD) is a phrase that has been on the lips of many a technology professional for the past two years, but classifying it, quantifying it and facing up to it has become paramount as more and more enterprises recognise it as an area for risk mitigation.
Whether you label BYOD is a trend, a movement or a culture change, the fact remains that more employees are bringing more devices to the office, consuming resources and then crossing network boundaries to their home LAN, or a public Wi-Fi hotspot.
And these users are demanding. It has no longer become practical to bar their access to the corporate domain as many of these devices are used for one or more productive, work-based tasks.
BYOD has many faces. When addressing the phenomenon, corporate bodies must consider a number of issues that cross department lines. First of all, who is in charge? IT? Not necessarily, as Fischer explained.
"BYOD has a marketing dimension and a business dimension. From the marketing [perspective], with the consumerisation of the devices, people are now looking for a private experience within the enterprise [network].
"Policy management in the past was an IT task, but it might now move over to the security office. Then we come to network capacity management and resource allocation. We believe that in the wireless space a lot of that will be automated and the classic administration roles will [disappear].
"But we see a new need that crosses IT administration and marketing. We believe in the future the marketing department will be more empowered because they are closer to the needs, from a business perspective, [and are better able] to serve the [user] community. [Those people in] the marketing department will need to understand more about technology so they can balance business and marketing needs with what is available through [the devices]."
Continues on next page>>
Once the role of BYOD officer is handed out, then the journey begins. At IT industry research company
"We had to take a step back and look at our overall security model, not just BYOD," he told ITP.net. "For instance, when an employee has intellectual property on a device, what is the risk associated with that? Customers were asking in their RFPs [request for proposal] to us, 'What is your BYOD policy?' because they were concerned about data they shared with us being at risk."
BYOD is emerging as an issue fraught with business concerns before technology is ever considered. What are employees doing with their devices? What is their routine, at home and at work?
"The paradox in being a CIO comes from having to balance the conflicting [needs] of security and [resource] availability," said Rose. "The first step is to look at corporate strategy: efficiency, process and security. For example, I discovered that [IDC] analysts were accessing a lot of our cloud resources from Wi-Fi hotspots. So what is the difference between that and bringing one device to work and using corporate resources? What is the risk I want to mitigate?"
Such considerations gain an extra layer of complexity when organisations consider cloud, which is increasingly becoming part of the network model.
"From a BYOD and cloud perspective I believe there are three things organisations should look at," said
"Secondly, if you are using cloud services such as storing photos on the cloud, the challenge is how quickly I can upload and download. That is the only concern, because if you worry about security and you decide to choose a provider that uses encryption, then when you have a high-resolution photo [performance will decrease].
"The last point is how secure is the data in the cloud? Is it for private usage, or corporate? And when you go into the more complex environments, say government, these are regulated environments."
Continues on next page>>
Once organisations have taken stock of how their device-happy employees are living and working, the next step is to identify risks. IDC's Rose explained a process that was very personal to IDC. A bank keeps personal information and credit card details, a hospital keeps patient records. The risks of such data going astray are clear. But for IDC, the model was simpler: protecting monetisable assets.
"Am I worried about credit card information? No; we're a B2B company," he said. "Am I worried about personal information? No, we don't have personal information; we're not a hospital. For us, it's all about protecting intellectual property."
Rose went on to say that matching risks against devices is a slow and methodical process. The task involves identifying all devices and their OS platforms that use the network and whether they are personal or private; then listing all the services (email, business software, Web access) that run on the corporate network. The resultant grid becomes the granular policy for device access. What remains is to use tools that can implement the policy slickly.
"We need to reduce the [burden] on the BYOD officer; [solutions] must be as automated as possible," said
"Here [in the region] we are seeing a new trend emerging and we are going beyond BYOD to an all-wireless office where even your desktop phone is wireless."
Continues on next page>>
For Rose, the use of a network solution is sufficient to deliver control over users and their devices: "There are tools like [network-access control solution] PacketFence. It will enforce by technology, so to get on the corporate network you must be using a known device and to get on the guest network you can use any device."
"We are now targeting Generation Mobile; they are graduating today from university," said Enaya. "As a matter of fact, you can go back to [those graduating] in 2010. Those people who are joining the workforce have never connected to a wired network. In a study we conducted [in
In addressing performance,
"Users need a very stable, secure, smart and simple [
"One challenge with [the all-wireless office] is phones; people like to connect them using a cable. With
"Those who have invested heavily in wired networks need to change their approach because there is a huge demand right now for wireless," added Fischer. "And designing a wireless network is totally different from designing a wired network."
Building all-wireless environments is something
Fischer gives an example: "In our solutions we use client matching. We match the device to the application you are using. If you stream video [the system] recognises that and allocates more bandwidth to you."
Most Popular Stories
- Obama Administration Releases Proposal to Regulate For-Profit Colleges
- Some California Cities Seeking Water Independence
- Apple, HP, Intel May Take a Hit from Slowdown in Smartphone Sales Growth
- Chinese e-Commerce Giant Alibaba Gears for IPO in U.S.
- FDIC Files Lawsuit on Behalf of Banks Allegedly Hurt by Libor Scandal
- Motley Crue's Nikki Sixx Marries Model Courtney Bingham
- Will Missing Malaysian Jet Prompt Aviation System Change?
- SoCalGas Reaches Record Spend on Diversity Suppliers
- Keurig Adds Peet's coffee, Alters Starbucks deal
- Obama Seeks to Stay Neutral in CIA-Senate Conflict