Why BYOD represents evolution not revolution

Is BYOD necessarily the panacea that some suggests? We explore the disconnect between the theory and reality.

Henrys says that corporates need to ensure that employees sign up to BYOD policies that allow the IT department to wipe devices should they become lost. But these are without problems.

It might be easier to reach an acceptance with the employees on strict security measures, as opposed to in a situation where they have no influence on the tool du jour.

He cited an example of a test case currently going through the courts in the US where a man had lost a phone and the corporate had wiped its data. The man in question was going through a messy divorce and, along with work data, the phone played home to texts related to that divorce. The removal of that data resulted in the man taking legal action against the company he worked for.

"Whether or not he finds the policy to say that was OK to do that, we will find how much water that holds as it goes through the courts," Henrys says.

He suggested one way to avoid this is taking home corporate-provided devices and having part of that device partitioned off for personal use.

Regardless of whether the employee brings their device into the organisation or it provides them with a business device sporting the consumer features the user feels they need to perform their job, there has to be policies in place. Such policies will not only separate the business concerns from personal matters but will also ensure that confidential corporate data can only be accessed in a safe and secure manner. What's more, these policies need to be communicated effectively to the user.

Margrete Raaum, Steering Committee member of the Forum of Incident Response and Security Teams (FIRST), an international umbrella organisation of trusted computer incident response teams, suggests that firms need to create a model where all devices are deemed insecure and valuable assets on the local network can be protected in much the same way as you safeguard something that is placed directly on the internet.

"This might actually be a good strategy, as protected client networks are often more insecure than assumed by the internal firewalls, and rogue equipment is likely to exist on most company networks," she says.

"Also, it might be easier to reach an acceptance with the employees on strict security measures, as opposed to in a situation where they have no influence on the tool du jour."

The key here is to ensure that the flow of valuable data or potential malware does not cross the company's perimeters without detection, Raaum says.

Alongside the financial arguments, any company needs to weigh up whether BYOD is worth the cost and effort of implementation. Users may want the latest sexy device, but if the arguments don't stack up, there is very little incentive for the organisation to allow or fund - this.

Visit the Intel IT Centre for further help and guidance for IT managers and professionals.

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Most Popular

How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
Ransomware operators are exploiting VMware ESXi flaws
ransomware

Ransomware operators are exploiting VMware ESXi flaws

1 Mar 2021