The Chasm Between BYOD And Security - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Government // Enterprise Architecture
Commentary
3/5/2012
02:48 PM
Larry Seltzer
Larry Seltzer
Commentary
Connect Directly
Twitter
Facebook
LinkedIn
RSS
E-Mail
50%
50%

The Chasm Between BYOD And Security

There's just no good intersection of sound device security and a bring-your-own-device policy.

One of my big takeaways here at RSA 2012 in San Francisco is the dichotomy--nay, the chasm--between the dual business imperatives of security and mobile device support, especially in a bring your own device (BYOD) setup. This problem is core to the consumerization of IT and it's not a good situation out there, folks.

Most of the press going into the show indicated a focus on "big data" and privacy issues and there was a lot of that. But I think that by far the biggest problem on people's minds was that of data breaches.

You don't hear big news stories often anymore about massive breaches of, for example, credit card data. But breaches do happen. In fact, it's likely that we only find out about a minority of them. The really successful ones go undetected. And there are weaknesses enough in corporate networks without adding mobility to the mix.

On one of the panels I saw Michael Dahn of PricewaterhouseCoopers put it this way: The right way, the only real way to protect your data is to begin at the beginning: Identify your data, protect it, and protect all access to it. Unfortunately, very few companies have a clear idea of where all their data is.

Now throw in users with their own devices on mobile networks demanding access to that data you're supposed to be protecting, both because it's your job and because there are laws that require you to protect it. For you to have any real confidence in the data under such circumstances you'll have to have control of the device, the software running on it, and the power to wipe it if necessary.

There are companies that demand this sort of control in a BYOD environment and it's probably still not enough. BYOD itself is an outcome of the fact that convenience will almost always trump security. We pay a lot of lip service to security, but in the end we don't want ourselves inconvenienced by it.

There are solutions out there that hold out some hope for IT to meet their obligations without their users hating them too much. Good Technology, for example, has a mobile app environment that is isolated and secured. Good got a bad reputation for apps that were unpleasant to use, but the latest versions look great to me.

But for now, it appears that our systems are disturbingly open to attack and our data subject to breach. BYOD makes this worse by taking it all outside the control of IT. If I were rolling out mobility at a company I'd want to do it as slowly and carefully as possible.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
News
Can Cloud Revolutionize Business and Software Architecture?
Joao-Pierre S. Ruth, Senior Writer,  1/15/2021
Slideshows
10 IT Trends to Watch for in 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/22/2020
News
How CDOs Can Build Insight-Driven Organizations
Jessica Davis, Senior Editor, Enterprise Apps,  1/15/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Slideshows
Flash Poll