The Consumerism of IT
Will the consumerization of IT be the final nail in the internal IT support desk?
While far from a laggard, I'm not usually the earliest of early adopters when it comes to new technology. A close pal, though, is always the first among our friends to be toting the newest smartphone, tablet computer or other envy-inducing gadget.
When the iPad arrived only three months ago, my friend was all over that one, too. Within days of availability, having pre-ordered well in advance, he had it before anyone. Before long, he took it to work him. Naturally, being a programmer of Web-based applications, it occurred to him that he could perform tests and do other work from the handy tablet computer. He thought it'd be great to be able to check on projects, make fixes and update team members wherever he went. After all, he'd already been doing that on his corporate laptop in moments of necessity when out of the "traditional" office.
Herein lies the dilemma: This wasn't an option for his company. In fact, it was forbidden under old network security policies that didn't account for the proliferation of mobile devices capable of connecting to the corporate network, outside of the now-ubiquitous laptop (or netbook). Everything else, be it a smartphone or tablet, wasn't on the list.
For one, the security policies were written before so many workers were toiling outside of the office. The other reason: There are so many kinds of devices running so many different operating systems, with varying ways of implementing security measures, that knowing how to manage them all seems an impossible task. The company was essentially hiding behind an out-of-date policy as a way to avoid problems with what Mike Vizard calls the "consumerization" of IT. To keep corporate data safe, access simply wasn't allowed on equipment not managed by the company IT department. Unfortunately, this out-of-date and overly restrictive policy didn't reflect reality: Workers are using more and more of these devices in the workplace, and, increasingly, they are paying for mobile tools themselves.
While Vizard makes a different point about consumerization's potential to lessen the need for internal IT support, I do see a middle ground between "users rebelling against the status quo and IT organizations that are ultimately responsible for protecting corporate data." This middle ground can be reached through the use of security policies that address broad mobile use. In addition, technology is being developed to fill the security gaps created by the "borderless" network, so the relationship between IT and mobile device users may quickly become less adversarial as policy and security strategies evolve.
My friend wasn't about to try to connect his iPad to the company network, whether technically possible or not. He knew it simply wasn't allowed, and he's no rebel. If he'd had a way to access the company network that didn't put it -- and his job -- at risk, he would have done so. Mobile devices like the iPad have great potential as business tools, but security and usage policies have to keep pace for this potential to be realized.