Bring Your Own Anxiety (or: BYOD’s not as bad as some articles make it seem, plus some BYOD advice)
Recently, while sitting in the Air Canada lounge and waiting for my flight, one of the stories on the cover of Backbone magazine caught my attention. Although the actual title of the article within the magazine was The BYOD Trend Has its Pros and Cons, the cover said BYOD: You Have No Choice Anyway…
That’s rather fatalistic, I thought.
Since then, I’ve seen a number of articles on BYOD that have the same vibe as the cover of Backbone. Looking at these titles, you’d think that BYOD was the great disaster that the Mayans were talking about:
- ZDNet: The Hidden Danger to Companies with BYOD
- eWeek: BYOD, Social Media Among Top Security Threats of 2013
- eWeek: Cloud-Based Apps, BYOD Pose Security Threat to Businesses
- CenterBeam: With Lax Security, Breaches Waiting to Happen in BYOD
- CMSWire: BYOD Inviting Hackers from All Sides, Will Get Worse as More Devices Connect to the Cloud
- Business Insider: BYOD is the Bane of Corporate Information Security
- Computer Business Review: Are Companies Who Embrace BYOD Heading for a Fall?
For the most part, these titles are alarmist linkbait. It’s a click-driven economy out there on the web, and BYOD is a hot topic. Couple it with the fear and uncertainty that tech decision-makers and IT departments are feeling now that employees are clamoring to bring their personal mobiel devices and use them at work, and you’ve got a simple formula for pageviews.
Look past the sensational headlines, and you’ll find that these articles have at least some solid, sane and sound facts and advice for organizations looking to implement a BYOD policy. If BYOD is making you anxious, consider these bits of information, culled from BYOD articles with scary titles:
- BYOD isn’t new: like cloud computing, it’s been around for some time. From personal PCs and laptops to media devices and USB keys, people have been bringing their own devices to the office since those devices have existed. It’s just that these days, BYOD is a catchy term and a hot topic. (from Are Companies Who Embrace BYOD Heading for a Fall?)
- The most common cause of breaches were not from hacking or malware, but from loss or theft of devices and employee errors. This comes from a recent report by the Health Information Trust Alliance (HITRUST), who report that only 8% of breaches were causes by hacking or malware. (from With Lax Security, Breaches Waiting to Happen in BYOD)
- BYOD is an opportunity to review your organization’s security policies. Many security policies were written before the smartphone/tablet boom and don’t account for those devices. The ideas behind many security policies are still sound; it’s likely that yours may simply need to be adjusted rather than rewritten from scratch. (from Are Companies Who Embrace BYOD Heading for a Fall?)
- “Companies with BYOD programs should regularly sit down with workers using their own gear and discuss what they are using and why. Find out what apps are being used on each platform and how they are being leveraged to best get the work done. This should be done on a public basis so the information is shared with the workforce as well as with the IT folk keeping track of it all.” (from The Hidden Danger to Companies with BYOD)
- In the end, it’s not so much about mobile devices as it is about available-anywhere, anytime data. This was brought up at the recent Dell World conference, and it’s a big-picture view. After all, mobile devices are simply end points for data that are being added to desktop computers, laptops, and the web. If you take this view, BYOD is no longer just an issue about locking up mobile devices, but securing the data and the infrastructure that provides it: the data center at one end, the applications on the other, and in between, the network (which is what our friends at BlueCat Networks have been talking about for some time now). (from Are Companies Who Embrace BYOD Heading for a Fall?)