27 Comments

Summary:

The bring-your-own-device trend may cause as many problems as it solves, according to IBM CIO Jeanette Horan. BYOD, in which companies let (even encourage) employees to use personal smartphones or tablets to access company applications, boosts productivity. It also causes big IT headaches.

5556853286_09066cac50_z

The whole bring-your-own-device trend may cause as many problems as it solves, according to IBM CIO Jeanette Horan.

BYOD, in which companies let (even encourage) employees to use their personal smartphone or other tablet of choice for work, was driven largely by the popularity of Apple’s iPhone and iPad devices and embraced by companies that saw it as a way to boost productivity and mobility of their workers. But it turns out that the same proliferation of cloud-based services that lets users access applications and data via mobile devices both enables BYOD and causes companies to question its use.

That’s the risk Horan pointed out in a new Technology Review article. IBM, according to the story, provides Blackberrys for about 40,000 of its 400,000 workers while 80,000 more use their own smartphones or tablets to access IBM networks. And that’s where the trouble began.

IBM soon realized that it had no grasp of which apps and services employees were using on their personal devices and set forth guidelines of proper use. It banned, for example, the use of such popular services as Dropbox cloud-based storage. The well-justified fear was that employees would put IBM-sensitive information in their personal Dropbox accounts and forward internal email to public Web mail services, or use their smartphones as mobile Wi-Fi hotspots. All of these scenarios constitute a CIO’s nightmare, as GigaOM has reported.

Said Horan: “We found a tremendous lack of awareness as to what constitutes a risk, [so now] we’re trying to make people aware.” These BYOD risks are not really new. What’s interesting is that a big tech company like IBM got bitten by this bug.

According to the story, before IBM will allow an employee to access its networks with his or her device, it must make adjustments.

The IT department configures it so that its memory can be erased remotely if it is lost or stolen. The IT crew also disables public file-transfer programs like Apple’s iCloud; instead, employees use an IBM-hosted version called MyMobileHub. IBM even turns off Siri, the voice-activated personal assistant, on employees’ iPhones. The company worries that the spoken queries might be stored somewhere.

Here’s the problem: If IBM (or any other company) is going to strip these devices of the very things that attracted users to begin with, chances are, those devices will stop being used for work at all.  Who wins then?

Photo courtesy of Flickr user saebaryo

You’re subscribed! If you like, you can update your settings

  1. It’s possible to address security concerns and still implement BYOD. Whats needed is to separate the Enterprise apps and data from the personal devices. This can be achieved with a solution like Ericom’s AccessNow, a pure HTML5 RDP client that enables remote users to securely connect from various devices (including iPads, iPhones, Android devices and Chromebooks) to any RDP host, including Terminal Server (RDS Session Host), physical desktops or VDI virtual desktops  and run their applications and desktops in a browser. This keeps the organization’s applications and data separate from the employee’s personal device. All thats needed is a HTML5 browser. No plug-ins or anything else required on the user device.

    1. Keith Townsend ag4it Monday, May 21, 2012

      In general I’m not a fan of VDI/RDP as a solution for BYOD but I’m not naive enough to think that VDI/RDP doesn’t have a huge place in any solution today. I have to take a look at this as when you talk about SSL based solutions the ability to create RDP sessions from non-Windows devices becomes a big issue. This product looks to solve that problem.

      Thanks for the recommendation.

  2. David Bressler Monday, May 21, 2012

    Your last paragraph is so glaringly obvious, I can’t believe I’ve never read it before. Brilliant articulation of exactly the point.

  3. If my employer were to pretend that he has control over *my* gear, he’d have to buy it for me…he doesn’t even have a username, much less admin password, on my laptop, nor access to my iPhone nor iPad…if he wants control, he gets to pay for the gear…company used to pay for my laptop and my phone, and back then I had no problem with them controlling it…but when I started BYODing…control moves over to my side.

    1. I don’t think they care about controlling your device. They care about controlling access to their network, including all the security that’s associated with that access.

  4. Why can’t manufacturers and carriers make it possible to have 2 separate accounts on one handset? I run into this issue all the time. I’m a student, employee, entrepreneur and a social person. These handhelds are amazing for entertainment but they are equally as great for work tools, until my pictures and docs get mixed up.. But I refuse to carry 2 iPhones. Give me at least 2 wireless accounts on one phone.

  5. Are there two flavors of BYOD going on?

    I have heard that some companies give employees a sum of money to be used towards purchasing a device that the employee “owns”. In that situation, then there might be something in the agreement that says IT can limit the functionality etc?

    If it’s a device that is owned by the employee, that they bring in and connect to the company’s network, then I doubt if the vast majority of users would be happy for IT to limit functionality, etc.

    In the pure BYOD scenario, how the device is used on the network and what type of data can be stored on the device to minimise data leakage will be huge issues for companies.

    The Ericom product looks like an interesting approach though.

  6. John Harrington, Jr. Monday, May 21, 2012

    BYOD is by no means an undertaking that goes without adequate preparation. Each business has a different makeup of employees, using different devices for different purposes. Here’s a good starting point for those looking for guidance: http://bit.ly/MoxLG1

    P.S., was your ‘a aapl’ reference from Dennis the Menace? “Whatcha eatin’ there sport?”

    1. sorry about the a aapl thing. it was actually supposed to be coding of the apple stock ticker but i typed wrong. fixed now.

  7. Sharona Meushar Monday, May 21, 2012

    Companies must realize that this is not a passing trend and be pro-active about accommodating employees devices. With the main concern being security, a company like Cellrox offers a multi-persona solution for BYOD where the personal and enterprise personas are separate.

  8. Michael W. Perry Monday, May 21, 2012

    My sympathies going out to IBM employees deprived of Dropbox. It’s a service I can’t see myself without.

    The developers at Dropbox are clever. They could market a product that’d let companies such as IBM set up an in-house version of Dropbox. It’d be maintained by corporations and run on their servers under their policies, giving them the security they need. DropBox would provide the upgrades and product support. It’s be a win-win for everyone involved.

    1. Michael, as an ex IBM employee, and a current Dell employee, I can’t see what an “internal” only dropbox would do that would be different from existing internal offerings. The point is to share information easily between employees, partners and customers, dropbox is great in so much as it has both free service, easy registration and a wide range of client support.

      Employees should remember that there employer is REQUIRED to keep certain legal records about what they do, say and access and this must be tracked. There are two ways you can remind them of this responsibility, one completely block and forbid accessing them, this is a pointless, finger in the dam approach; the other is to have an ongoing education program where from time to time there are these big visable reminders…

  9. Duane Toler Monday, May 21, 2012

    “The more you tighten your grip, the more star systems will slip through your fingers”. This is the wrong response to this situation. You can’t control every behavior of every employee. You have to cut out and replace the employee’s brain every time they cross the campus threshold to be completely certain all information is safe and secure. Better yet, just don’t hire people and use robots. Of course, those can be intercepted and dissected.

    Employees will just revolt again and not connect their device and leave it detached and in their pocket. Yay for unhappy workers. Again.

  10. and this is why I end up carrying a blackberry (from work) and an iphone (personal) with me. My company has similar policies for using personal devices, and I’m just not willing to give them the ability to control what goes on a device that I pay for.

    As an added bonus to this though, is that I generally don’t carry the blackberry on weekends, psychologically freeing me from the compulsion to continually check work email (read: work) during hours for which I’m not actually getting paid.

Comments have been disabled for this post