Does BYOD really stand for Bolster Your Own Delusions?

I hate the BYOD (bring your own device) acronym with a passion. Whenever I put my journalistic feelers out among the security industry to get some comment for an unrelated article, you can bet your bottom dollar that no matter how precisely I've described the topic I'm writing about, someone will swing it round to BYOD.

"I'm looking for someone who can talk about developments in homomorphic encryption management as it applies to the cloud," I'll say, and the response I get from some idiot PR bunny will inevitably be: "We have someone who can discuss how BYOD can be managed in the cloud". Doh!

It's a combination of buzzword bingo syndrome (where certain tech terminologies get over-hyped to the point of press release saturation) and a need to jump on the mobile bandwagon.

Bring Your Own Device is nothing new, and security problems relating to the management of mobile devices did not start with smartphones or tablets. Laptops and netbooks have been causing security headaches for years.

Of course, laptops and netbooks never became commoditised to the point employees would rather buy their own and use them at work, which is what happened first with smartphones and more recently with tablets. As such, it's hardly surprising the need to manage these devices and control the data they access has verily exploded.

Unfortunately, the main place this combustion of need has occurred is in the media, rather than the enterprise. The smaller the enterprise, the truer this becomes. Which is why it's also hardly surprising that a newly released Gartner study has revealed that nearly a third of smartphone users who bring their own devices into the workplace have suffered a security issue and didn't tell their boss.

The report reckons only 15 per cent of respondents had signed any kind of BYOD usage agreement, and a third reported their employer had no formal policy

I did the math with the percentages in the study, and it turns out 59 per cent of employees are using their own devices in the workplace with no formal agreements or controls in place. With half of the people questioned using the device at work for more than an hour a day for social and productivity tasks, the risk to enterprise security is both obvious and potentially devastating.

The timing of the Gartner survey couldn't be better, coinciding as it does with the release of a warning from the Information Commissioners Office that businesses are failing when it comes to the security basics.

These include the storing of data in widely accessible locations. Forget Bring Your Own Device, maybe what BYOD really stands for is Bolster Your Own Delusions, both from the user who can't see the harm and the enterprise that can't see beyond the hardware cost savings.

Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.

Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.

You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.