Six BYOD Questions Users Should Ask IT Recently, I had an email conversation with Brian Tokuyoshi, senior product marketing manager for Palo Alto Networks, about BYOD security in general and about the challenges of using a multi-layered security approach in specific. BYOD security is a much-discussed topic, but I also believe it is a constantly […]
Six BYOD Questions Users Should Ask IT
Recently, I had an email conversation with Brian Tokuyoshi, senior product marketing manager for Palo Alto Networks, about BYOD security in general and about the challenges of using a multi-layered security approach in specific.
BYOD security is a much-discussed topic, but I also believe it is a constantly evolving issue. Regularly, new technologies enter the market that access the company network or store corporate data. Operating systems are regularly upgraded. Even the number of devices used for business purposes is constantly in flux.
So it isn’t surprising that Tokuyoshi said the hallmark of a good BYOD security plan is its flexibility:
Any solution that requires all-or-nothing approach to either what the business needs or what the user wants is doomed to fail. Neither is likely to deliver a BYOD policy that everyone can live with. You’re either telling everyone what they can do with their own personal mobile device (great for the company’s needs, but not great for the employee) or you’re letting the employee do whatever they want with company applications and data (great for the employee’s freedom of choice, but not good for the company’s ability to control risk). The challenge comes from deciding just how to balance the scale between security and employee freedom on a device the company doesn’t own.
This balance may be found by providing choices for BYOD participation, but, Tokuyoshi pointed out, these choices have to present a fair exchange.
At one end of the spectrum, yes I can understand why I can’t access an application if the company doesn’t know how safe my device is. So in order to participate and get greater access, I have to accept that I need to accept the security the organization needs. Employees, when presented with a fair choice, feel empowered to get the access they want rather than prevented from doing their job. I believe a lot of BYOD programs fail on this point. Companies that try to force their will upon the user end up with unhappy users that still have unmet needs—they still want to use mobile devices, and they’ll often find very creative ways to do it.
Tokuyoshi added that some of the biggest challenges that organizations face with security involve applying granular security using contextual information about specific applications, users, content and devices. This can be tough to do because many of the security products on the market and in the network don’t speak this language. For example, policy engines can’t make a decision on criteria they can’t evaluate.
In a future post, I will continue my coverage of the conversation with Tokuyoshi and discuss his opinions on the need for and challenges involved with developing the multi-layered approach to BYOD security.
Sue Poremba is freelance writer based on Central PA. She's been writing about cybersecurity and technology trends since 2008.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
