Whisper it. The techies have lost control. Partially at least. The rise of the smartphone, slate/tablet/whatever you want to call it, means that more and more unqualified devices are creeping onto the corporate network. In our recent broadcast, Many Devices, One Policy, Tim Phillips, Andy Buss and Sasi Myrthy explored how this …
It's Bring Your Own DRINKS !!!
While I believe the whole BYOD thing is really risky & expensive I also think it is the next step in developing a worldwide standard for devices.
Right now everyone has loyalties to certain companies or devices & BYOD is a step towards making that go away.
I would prefer the idea of a Star Trek style world where all devices & data were truly interchangable & just worked.
I know that day is a LOOOOONG way off but maybe making techies get standards established will help get us there.
If you want to control it, surely VLANs are your friend.
Registered devices connect to internal VLAN.
Unregistered devices connect to "external" VLAN, and are thereby treated the same way as the rest of the internet. If you have VPN etc. arrangements for working from home, exactly the same procedure will then work with the home computer brought into the office.
Yep. Same here. It's mad. We have secretaries wanting iPhones, HR execs iPads? Don't they work? Don't they at least want to maintain the illusion of work?
Access is not the problem. The problem is too much access.
For instance, you connect to your VLAN, and you want to access files. Now we have issues with viruses (if I break your phone you'll sue me, if you break my network I'll kill you), data protection, data retention, etc. etc.
But because you *DON'T* control those external devices there's no way to say that you're legally in charge of them (even if the users "agree", you're still failing in your duty as a data retainer, and CANNOT make the employee submit those devices to your whims without a lot more hassle - e.g. "we need to show a court that file you deleted from the network last week shortly after copying it to your phone"). You have no right to enter, seize or otherwise control a user device EVEN IF they did give you permission once. And it would be your fault if something goes wrong and gets out (because someone's phone is nicked, say, and sensitive pages are recovered from the browser history of an insecure browser that THE USER chose because you did not lock down what apps they can use) because your policy, despite forbidding the action, will be pretty much blamed because it allowed it to happen anyway.
Yes, there are workarounds but everything BYOD creates extra hassle in this area. You can VLAN everything off, open up only external access to verified users over secure connections with certified-clean devices, push everything through a centrally-controlled and logged web-based interface with zero permissions. But they can still run off with data that you, as a company, can be required to provide by law and/or not allow distribution of. And do so accidentally, automatically, and unrecoverably.
We're not seeing a lot of BYOD what we are seeing is Buy Me A Device. Staff getting bought a shiny new tablet device because of some "business need" and then expecting to use that as a personal device to connect to facebook, play angry birds, show off to their friends etc.
That stuff is what most corporate PC's are used for anyway. Why not make it mobile.
That's exactly what's going on.
More expensive in the long run, less secure, and a world of pain. Bring your own disaster.
Whatever you do with them you have to treat them with the assumption that they are already compromised which means the growth area will be in networking kit. As suddenly businesses network architecture will need to look like an ISP. They've been letting people bring their own device to their network for, mmm - pretty much forever.
I suspect that the BYOD trend will probably be offset eventually by the trend towards putting everything in the Cloud - OS, apps, data - so that YOD becomes little more than a dumb terminal into the system.
Since IT's going to be decimated by the move to the Cloud, the BYOD headaches may be replaced by other, FMAJ* problems.
* Find Me Another Job
Dear El Reg
Please stop it. I don't know who is paying you for this constant barrage of posts but have some decency and say no. It's not happening except in the narrow sense described by Nigel 11. Few people have these privileges.
This isn't a question of being nice to the employees, its about not further eroding the ability of a company to comply with the law. Making it easy for people to copy corporate and personal data on to private devices is not going to happen and it seems a bit reckless of this organ to promote that expectation.
Sure most employees will not actively arrange to breach their obligations as employees. But then most hacks are the result of people on the inside doing things, probably unwittingly, which supports hacking. And that this on top of the personal data already left lying around on laptops and the like for which companies are liable. Can you imagine the volume of personal data that would be exposed if private devices were attached to corporate service with even a degree of trust?