There has always been tension between what end users would ideally like to do and what the internal IT organization feels comfortable supporting that goes all the way back to when the first PCs started showing up in the enterprise.
Now, that same basic argument is taking place concerning mobile computing devices that people want to use to access corporate applications. From the vantage of the average employee, these devices are increasingly becoming the tools they use to manage their lives, so using them to access work-related information only make sense. After all, the devices help them balance their work and personal lives, which really can't happen unless they can see everything that is happening via one "personal management" console.
Given this new reality, Sujai Hajela, vice president and general manager for Cisco's Wireless Networking Business unit, says it's time for IT organizations to make the necessary mental and technology adjustments required to allow employees to securely bring their own devices to work. The Bring Your Own Technology (BYOT) debate, says Hajela, should no longer be about how to secure these devices. That technology, in the form of Cisco's Identity Services Engine, already exists. IT organizations need to realize that they can dynamically apply security policies to any device that attaches to their network. As a result, there's no need to ban devices from the network. Instead, IT organizations just need to figure out how to put the tools and processes in place to secure the environment.
Granted, that will require a level of investment in new security technologies that some organizations may resent having to make. But as Hajela points out, end users now not only have expectations about what kind of information they should be able to access, they also have definite opinions about how seamlessly that access should be provided both inside and outside the enterprise. At the same time, many companies see the BYOT phenomenon as a way to reduce costs by letting users bring their own devices to work versus having to pay to give employees corporate-sanctioned devices.
The real opportunity, says Hajela, is to deploy an end-to-end approach to security management that includes wireless networks and mobile computing, versus buying separate point products to manage BYOT that are usually accessing a wireless network that is an extension of the core enterprise network.
Whatever the approach, the days when IT organizations could ignore BYOT are rapidly coming to a close, which means they are going to have to find a way to give people access to the information they need in a way that does not compromise the security of the enterprise. Anything short of that is not going to be acceptable.