BYOD Proponents Must Confront Security, Privacy Concerns

Carl Weinschenk
Slide Show

BYOD: User Policy Considerations

Questions and key points companies should consider when establishing BYOD policies.

The biggest trend in the IT world right now is the bring-your-own-device (BYOD) approach in which employees use their own mobile device at work. It can be a win/win: The organization saves on capex and the employee doesn't have to carry around an extra phone or tablet.

There are a host of issues associated with BYOD, however. Front and center are those centered on management of the device: What happens if the phone or tablet goes missing? What happens when the employee and the employer part ways?

Security and privacy are made more complex by BYOD. And, as usual, small- and medium-size businesses (SMBs) are scrambling to keep up with their enterprise counterparts. InformationWeek's Kevin Casey offers SMBs four pieces of advice on dealing with BYOD security issues. The steps are to create strong policies, educate employees and segregate personal from corporate data. The fourth point is a bit murky as it related to BYOD, but it seems to be that great care should be taken when using one device both for social media and work.

This is not a theoretical exercise. A survey by Decisive Analysis of 440 CEOs and IT executives revealed that 78 allow BYOD. "Nearly all" of them, according to the IT World Canada story on the survey, require security software on the devices. Almost half, however, experienced breaches. These were followed by protocol changes. Forty-five percent restricted data access. An earlier Check Point survey also revealed dangers in untended implementation of BYOD.

Of course, such a challenge provides a tremendous opportunity for vendors. Bitzer Mobile today introduced the Bitzer Mobile Access Accelerator (BMAX), which, the press release says, uses an AppTunnel to extend the corporate intranet to mobile users. A version of the product, BMAX-SA, is available for companies that use smart cards and digital certificates.

McAfee also is in on the act. At the Mobile World Congress in Barcelona last week, the company released version 10 of its Enterprise Mobility Management (EMM) platform. SC Magazine noted how the update addresses BYOD:

McAfee said that the EMM software allows enterprises to offer their employees mobile device choice while delivering secure and easy access to mobile corporate applications. New features and functionality also include sandboxing for email on iOS, blocking of iCloud backup and application blacklisting for Android and iOS.

The story adds that a version that upgrades BYOD protection for Android will become available next month.

A third product, MaaS360, is a mobile device management platform designed to keep corporate and personal information separate. Available from Fiberlink, it is a software-as-a-service (SaaS) platform that the company says protects both the company - which for legal reasons doesn't want access to employee data - and the firm's data.

It is clear that security and privacy are key challenges to the burgeoning BYOD trend. If the issue is handled by Bitzer, McAfee, Fiberlink and the other vendors rushing to create a security and privacy infrastructure, these platforms will thrive. If suitable answers aren't found, BYOD will peak and fall back. The smart money? It's on the vendors.

Add Comment      Leave a comment on this blog post
Apr 3, 2012 7:40 AM Chris Halcon Chris Halcon  says:

On the SMB front, I'd add that small businesses need to not only develop strong security policies around the use of mobile devices that are connected to your networks, but also enforce them.  It is important to enforce policies related to acceptable use, screen lock, passwords, and application downloads for all users. Also consider implementing policies around reporting the loss or theft of a mobile device.

Chris Halcon



Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.