BYOD Security: the Consumerization of Mobile Workforce Technologies
On June 28, 2007, the Blackberry was the height of business mobile technology, androids were still robotic sidekicks from "Star Wars" and when people left the office — and the super-fast T1 Internet connections that those offices built their networks on — they stopped working for the night.
The next day, Apple released the first iPhone, and the consumerization of mobile workforce technologies began.
In the ensuing years, apps shoved aside traditional software, the Internet became a 24/7 concept, tablets went from toys to workhorses and mobile computing became a way of life for anyone with a smartphone — which was nearly everyone.
Consumerization of Mobile Workforce Technology
Seven years ago, at the dawn of Facebook, most people experienced cutting-edge technology at their job and went home to an inferior laptop or desktop. Less than a decade later, the devices that represent the pinnacle of technology often find their way into the workplace in the pockets — or backpacks — of the employees who own them. As employees realize that their tablets, smartphones and mobile hotspots are often vastly superior to the clunky machines that dominate their offices, they're more frequently expressing a desire to just use — or at least incorporate — their own gadgets at work.
A Boon for Business, A Dilemma for IT and Security
Although businesses welcome any boost in productivity associated with employees incorporating their own, familiar devices — which require no training and are instantly streamlined — both IT and security experts are racing to keep up. Many companies don't have a concrete policy on when an employee may or may not tether their own 4G LTE mobile connection instead of sharing the office's shoddy wifi. Most businesses don't have a cohesive policy on when their workers are or aren't supposed to forward work emails to their Gmail accounts to get around space quotas or low image resolution. Consumerization of mobile workforce technology has made workers more efficient — and also more unbridled.
Like citizen militiamen who were expected to own and maintain their own firearms, which they would then bring with them when called to battle, many modern workers are likely to be engaged on some level in the growing trend of of BYOD, or Bring Your Own Device. There are credible sources who suggest that — especially in the United States — BYOD will not only not be curtailed, but will in fact will become mandatory (especially at larger companies). As IT departments struggle to keep up with the expanding trend, some tech pros are learning that some of the most in-demand skills are directly related to BYOD IT.
For Security Pros, Baby Steps are Best
Although the BYOD tidal wave seems to be engulfing the American workforce, the sharpest security pros are advocating a wait-and-see approach. According to recent research, more than a quarter of IT and security chiefs are not confident that their company's BYOD policy is even in compliance with data/privacy-protection regulatory acts such as HIPAA and Dodd-Frank. Half believe that sensitive corporate data is threatened by the proliferation of personal devices as work tools. In short, "the race to embrace BYOD might be outpacing sound business practices."
Chief information officers are learning to strike a delicate balance. "Anything goes" policies open the door to gaping holes in security, while zero-tolerance attitudes stifle growth and productivity. One certainty is that attempting to stonewall BYOD is a losing proposition — the trend simply isn't going to just go away. If wardens can't keep cell phones out of prisons, prohibition certainly won't work in the office. As with any emerging technological trend, the smart owners and managers are doing their best to eliminate the destructive elements without throwing the baby out with the bathwater.