back to article BYOD is a PITA: Employee devices cost firms £61 a month

Companies are paying £61 a month for every device their workers bring into the office, but less than half of IT departments have any say in mobile strategy these days. The numbers come from biz Wi-Fi flogger iPass, which discovered that only 48 per cent of IT departments are still in control of the spending on mobile devices, …

COMMENTS

This topic is closed for new posts.

Page:

FAIL

Pay for my own device, and have them lock it down???

I have steadfastly refused to connect my personal mobile devices to work's network, despite internal websites imploring me to do it with pictures of happy, busy people rushing about being amazingly productive and on the move. Why? Well, it is my device, right? So why then do I have my device eviscerated functionally, apps disabled, more security and tracking tools than I cam imagine and having to sign up to conditions of use that effectively mean I am not in control of anything to do with my device. All I'd manage to do is turn my personal device into a useless corporate brick that only functions in a corporate context... but I would be more productive. I guess...

41
5

Re: Pay for my own device, and have them lock it down?? - Quite agree

Completely agree. Further, my device is my device with my personal phone numbers on, texts etc and I steadfastly refuse to mix my personal life with work.

Should for example my phone be confiscated by work as part of a disciplinary investigation for example they could have access to everything on it.

I've not particularly got anything to hide but I still don't want them knowing about my personal life thank you very much...

20
0
Anonymous Coward

Re: Pay for my own device, and have them lock it down???

Under neo-fascist capitalism, citizen, it is your duty to align your needs and desires with those of the corporation.

9
2

This post has been deleted by a moderator

Re: Pay for my own device, and have them lock it down?? - Quite agree

They try to 'confiscate' my stuff, I'll 'confiscate' their teeth.

3
2
Silver badge
Go

Re: Pay for my own device, and have them lock it down???

Fine for your device, one that you bought with your own money. I'm with you - I wouldn't connect something I'd bought to the company network (I trust my security more that the IT department).

But much of "byod" is in fact the company paying for the free choice of the staff member. Most byod schemes I've seen grant the employee a "budget" to pay for their choice of hardware. Where the company owns the asset, they should have the right to control it any way they like.

I take my personal device to work. I use my device for everything that isn't work related - like reading and commenting on El Reg. That way I can't be mis-represented as the company :)

9
1
Silver badge

Re: Pay for my own device, and have them lock it down???

I'd happily have BYOD if it meant I could bring a Linux box to work

Do you need a linux box in McDonalds these days?

20
9
Facepalm

Re: Pay for my own device, and have them lock it down???

Unfortunately not everyone thinks like you. Many employees (many senior employees) see to think that BYOD is a way for them to play with their phones at work or somehow get hold of an iToy at someone elses expense.

They get a bit upset that the business might actually still want to protect itself and not just buy toys for execs to watch porn on.

BYOD is one of the worst phrases to have emerged from the puckered sphincters of suppliers.

5
2
WTF?

Re: Pay for my own device, and have them lock it down???

Its not rocket science, just a bit of give and take.

Security is not only important but often a legal requirement. In our IT dept we couldn't care less if the Queen brought her iPad in; shes not connecting anything to our network without security in place. The potential for data leaks from mobile devices is massive. Guess who's ass is on the line if data is leaked because of poor IT practices...

You want the convenience of using a devices you're familiar with? Fine, however we need to ensure it meets standards.

Don't want to use your own device? I doubt you're being forced to, quit moaning and use the provided device.

7
0
Silver badge
Trollface

Re: Pay for my own device, and have them lock it down???

"Well, it is my device, right? So why then do I have my device eviscerated functionally, apps disabled, more security and tracking tools than I cam imagine "

so you dont have an apple phone then :-)

6
0
Go

Re: Pay for my own device, and have them lock it down???

Agree, totally unacceptable. And imagine if the company wiped it.

Luckily, the likes of GOOD and Checkpoint (and more I am sure) will just control and lock down an app on the device rather than the whole device.

0
0
Silver badge

Re: Pay for my own device, and have them lock it down???

And this is the problem with BYOD.

If you want to use your device on my network then it should have the security software and settings that I stipulate. Otherwise we might as well forget security leave all the doors and windows open at night and write the company secrets on billboards in the street.

7
1

This post has been deleted by a moderator

Re: Pay for my own device, and have them lock it down?? - Quite agree

Given your network provider often has the same level of access as corporate IT has, I'd recommend you assume everything on your phone is non-private anyway.

2
0

Re: Pay for my own device, and have them lock it down???

That's how it works at my workplace, but then again, I'm a lone IT sysadmin... ;-)

0
0
Gold badge
Thumb Up

Re: Pay for my own device, and have them lock it down???

"Security is not only important but often a legal requirement. In our IT dept we couldn't care less if the Queen brought her iPad in; shes not connecting anything to our network without security in place. The potential for data leaks from mobile devices is massive. Guess who's ass is on the line if data is leaked because of poor IT practices...

You want the convenience of using a devices you're familiar with? Fine, however we need to ensure it meets standards."

Sadly I fear your employers policy is the exception rather than the rule.

But thumbs up as this should be the way all such devices are treated.

0
0
Silver badge
Unhappy

Re: Pay for my own device, and have them lock it down???

I think some of you are missing the hidden agenda here.

There are companies that are actively encouraging people to bring their own kit to work, almost to the point of browbeating them into it. Soon it'll be like some cheapskate industrial concerns where you are obliged to bring your own tools.

If this does happen in the IT world, you will be in the delightful position of being forced to buy something your employer effectively owns.

1
0
Silver badge
Boffin

Re: Pay for my own device, and have them lock it down???

BYOO (Bring Your Own OS) is something that is practiced in some companies. Consulting firms that don't have any OS dependencies with corporate crapware shat out with VB6 means that we don't really care about the OS, as long as productive work is being made.

In our case, most stuff is either spec documents, reports, and such (PDF) or Java apps. Both of these can be made with any OS. Therefore, I use OSX & Linux, and others use Linux. There's the odd Windows user, but even then it is actually Windows under a VM running on Linux, or a dual-boot lappy. Oh, good times...

0
2
Silver badge
Thumb Down

Re: Pay for my own device, and have them lock it down???

" I would agree with that. However I'd happily have BYOD if it meant I could bring a Linux box to work"

How does such a Linux genius work in a place where he isn't able to build his work computers as he wishes?

1
1
Silver badge
Facepalm

Re: Pay for my own device, and have them lock it down??? @Will Godfrey

There's another article out there that mentions this. It even jokes that BYOD will eventually mean BUY your own device. And I agree.

The iTard mobs getting their company to let them use their iShiny stuff are going to inflict suffering on those who don't have the $$$ to buy expensive smartphones but will be forced by their employer to buy one, as they need it for work but the IT budget is no longer covering that, thanks to BYOD.

0
0
Mushroom

I'm unsurprised

Staff purchase equipment that actually meets their needs and it costs more than the old tat corporate IT departments dumped on them, when ten years ago, it was five years out of date. Whodathunkit?

2
7
Silver badge

Re: I'm unsurprised

"Staff purchase equipment that actually meets their needs"

In what respect?

Personal? That's fine,if you only use your own equipment for personal use, then of course you should be allowed to do and use what you want, it's no concern of your employer.

If, on the other hand, you intend to use you own kit to do work which involves your employer's data, time and other resources such as broadband charges, then you must be able to demonstrate that what you are doing is safe and under the control of your company. After all, it is their money you are spending. And if that means that the IT department sets standards that must be met, then so be it. Or would you really like to assume the entire responsibility, i.e. the cost of when something goes wrong, like data accidentally deleted or that vital piece of future planning that's stolen along with your tablet and the putting it right.

I always used to tell managers, when they complained about the cost of a visit from Desktop Support, to look on it as an insurance policy. "If you get something wrong and we have to fix it, then you'll pick up the entire bill, if we make a mistake and it has to be fixed then we pay, not you."

So decide, do you want that responsibility?

If I had to make the decision of whether to allow BYOD into a company I was running, I would first have to be assured that the costs to the company did not outweigh the increase in productivity and that includes risks to the integrity of the company's data and infrastructure, increased support costs and so on.

6
0

Re: I'm unsurprised

I work for a large multi-national co, the problem I have with the supplied kit is that it's been bought in bulk as a one-siz-fits-all solution.

I'm a pretty mobile worker, traveling a lot so my heavy ass laptop with shitty battery is a major pain in the back.. and shoulders.

Any my piece of crap blackberry is just so old it's a joke. (and they've locked out tethering, so i end up spending £40 per month on hotel/train/airport wifi what i really dont need)

BYOD is one way to solve this, having a user focussed IT strategy would be better.

Also for our company, running google mail and web accessible intranet byod should be a lot easier to impliment. We still need access to one drive via vpn.. but I assime that'll move to a google drive -type-system at some point.

1
3
Silver badge

Re: I'm unsurprised

"Also for our company, running google mail and web accessible intranet byod should be a lot easier to impliment. We still need access to one drive via vpn.. but I assime that'll move to a google drive -type-system at some point."

I remember a joke in BOFH about this.

4
0
Anonymous Coward

Re: I'm unsurprised

It sounds like your company have it right. Our blackberry/iphone policy is directed from another department and didn't lock down tethering. Enter from stage left one manager with his personal ipad tethered to his company blackberry, in Australia, with several hundred photos uploading to the icloud plus an update to iOS, at £8 per mb.

Who should pay his £10k phone bill?

AC because obvious.

7
0
Silver badge

Re: I'm unsurprised (AListair 6)

Maybe your company doesn't want all their data to be read by Google. Maybe they don't want all their data to be stored in the USA where it will be subject to the Patriot Act. Maybe your company doesn't want to break the Data Protection Act by storing all their data in a country with lower data protection safeguards than the EU.

Maybe your company IT people understand their jobs and don't just assume that the latest shiny from Google must be good like you do.

6
0
Anonymous Coward

The security of my "employer's data"?

I work for a big EU-owned multinational, and our IT department lost any respect I had for their regard for data security when six months ago they moved our entire corporate email to Outlook 365. Given our EU government contracts, we now have the lawyers involved, trying to figure out if the decision violated EU law (storing EU government communication on US-controlled servers), as well as being a really dumb technical decision.

3
0
Thumb Down

"PCs eventually came under the sysadmin's thumb, so it might be safe to assume that mobile devices will eventually succumb in the same way".

***Dream on***

1
5
Silver badge

If you must have BYOD

You need to implement VDI. Users connect to a public wireless network and then VPN (securely!) to their desktop - all they need is a device that can run an appropriate thin client.

Advantages:

(a) No need to secure your internal network against people plugging in malware-infected rubbish.

(b) No support issues: "You see that big black thing on your desk? That's a PC we've provided. Use that."

(c) Will work just as well from a phone data network or an Internet cafe.

Disadvantages:

(d) Probably won't work if your job is CAD design for an aircraft wing. But then you probably can't run that on your iPad, either.

(e) VDI up front costs may be higher than a straight PC. But total cost of ownership is nearly always lower - and most organisations will find it a satisfactory solution for the great majority of their users.

5
2
Anonymous Coward

Re: If you must have BYOD

Further disadvantage of VDI is no access when offline or in an intermittent or crappy signal area. Many people's definition of work on the move** is email and file access or possible use of web apps (submitting or tracking orders etc) which will still be usable in such scenarios. I have to agree that the inherent separation that VDI delivers is the sort of thing BYODers should be looking to - which takes us to Mobile Application Management...

** And Angry Birds or Bridge Builder or whatever is popular right now.

0
0
Silver badge

Re: If you must have BYOD

I'm a bit confused. If you don't have Internet access, then you can't do much (except play Angry Birds), whether using VDI or not. If you're thinking of working offline on a spreadsheet (say), then VDI can allow you to download files for offline use, subject to constraints on the confidentiality level of the file(s) concerned.

1
1
Anonymous Coward

Re: If you must have BYOD

"then VDI can allow you to download files for offline use"

In which case VDI is (amongst other things) being used as a file transfer mechanism and you're back in the realms of data classification and control and data exiting the organisation (a la dropbox). VDI in its intended form of course keeps the data within the network.

I think we'd agree that fundamentally it's all about the data, the container that said data resides in and how much control and authority the organisation in question has over that container. That container could be a server (VDI), an encrypted software container on a consumer device (Good Technology) or the consumer device itself in which case be prepared to have it degaussed and thrown in a pot of molten lead (or remote wiped at least).

1
0
Silver badge

Re: If you must have BYOD

I think we do agree, which is why I put in the line about 'depending on the confidentiality of the data'. Unless you work for MI5 or the military, I can't see much wrong with downloading your timesheet to work with offline, whether the mechanism used is VDI or Dropbox. The important thing is to have the granularity to block the sensitive stuff (and the classification system to know what's sensitive and what isn't) while enabling people to get on with their job - not all solutions provide such granularity, of course.

1
1
Anonymous Coward

Re: If you must have BYOD

>> I can't see much wrong with downloading your timesheet to work with offline, whether the mechanism used is VDI or Dropbox.

Yes - because nothing inappropriate ever got downloaded, then copied to a USB stick and left on a train...

0
0

This post has been deleted by a moderator

Silver badge

@Eadon (was: Re: BYOD is a way of avoiding lockin)

No. Just no. You are very confused.

13
2

This post has been deleted by a moderator

Silver badge

My pleasure. (was: Re: @Eadon (was: BYOD is a way of avoiding lockin))

See just below this post :-)

0
0
FAIL

Re: BYOD is a way of avoiding lockin

Where is the failure in your analysis? All the way through, but we'll start with the base assumption:

BYOD will force enterprises to move to linux.

No, just no. The entire IT infrastructure doesn't change because you brought in a BYOD policy, unless you have a competely incompetent person writing the policy. The policy will, like as not, be based on the idea that you *can* BYOD, but only if it is compatible with the existing infrastructure.

We can then move on to the assertion that linux allows you to use less physical boxes. Which may, theoretically, be true, but enterprise level systems and infrastructure work on redundancy - the number of boxes is rarely due to total system load and far more to do with ensuring continuous uptime.

In short, you're living in cloud cuckoo land.

7
1

Re: BYOD is a way of avoiding lockin

Cloud + Data Protection Act = No worky

This is one of the places where the consumer world and the business world just don't work on the same rules.

Yes it's convenient and free for you to shift your personal files into the Cloud so you can get them where you need it. No it's not ok for you to shift you business files with customer data into a Cloud with data-centres outside the EEA and a Safe-Harbour agreement isn't a get out of jail free card.

3
0

This post has been deleted by a moderator

FAIL

@Eadon Re: BYOD is a way of avoiding lockin

That is possibly the worst straw-man argument i've ever seen.

1 linux box does the same work as 3 windows boxes. That's nice, any particular application we're talking about here? Those numbers are frankly pulled straight out of your arse and then arbitrarily doubled to make linux sound even better.

Redundancy doesn't simply mean have two of everything, it means reduce the likelihood of single point of failure. If systems are running on 3 different windows servers, there will be a damn good reason, usually related to that self same single point of failure argument.

In some cases we run systems across a dozen servers in multiple locations, as delays in financial transactions have a tendency to cost us money - we run enough redundancy to ensure that it's as unlikely as possible that we get a complete failure, switching to linux wouldn't change that outlook.

4
0

This post has been deleted by a moderator

Silver badge
Boffin

Re: @Eadon BYOD is a way of avoiding lockin

"1 linux box does the same work as 3 windows boxes. That's nice, any particular application we're talking about here?"

Actually, I wouldn't go that far, but I do have a particular case in mind:

2 Solaris boxes - 200k users.

11 Windows boxes - 2000 users.

The service is LDAP (on Solaris) vs. fugly Active Directory.

There are linux boxen that equally have 2 or 4 box configurations and still curbstomp the Windows boxen in performance and redundancy. Also, AD sucks even with small loads (~2k entries), while true LDAP solutions running on Solaris, AIX or Linux can handle millions of entries...

2
0
Silver badge

Re: BYOD is a way of avoiding lockin

> Of course existing Linux admins are already the gods of the sys admin world.

Have you started up the church of Saint Linus yet?

0
0
FAIL

Re: @Eadon BYOD is a way of avoiding lockin

That's some tasty FUD you're serving up there, Microsoft themselves would be proud.

If you're struggling to support 2000 users with 11 Active Directory Domain Controllers, you're clearly doing something very badly wrong, in terms of planning, scaling, or implementation. Just saying. This is before pointing out that an Active Directory server makes use of LDAP - it is not 'just' an LDAP server. You neglect to mention what use the Solaris infrastructure was put to; an AD infrastructure may well have its schema extended to support other applications, such as Exchange and Lync.

We have several domain controllers, but they're there for redundancy and bandwidth preservation, across several sites, not because they struggle to cope with user volume. Two LDAP servers implies a maximum of two sites, so your comparison is simplistic at best, disingenuous at worst. Finally, 200k users sounds really good, until you ask how many requests each user makes, how often? 1 request a day? 1 a second? There's a light year of difference without the details.

0
0
Silver badge

Problem with article.

Personal Computers (Pre-IBM PC through Compaq's clone BIOS and into the i386SX era) didn't really have connectivity. At all. Unless you understood the Hayes command-set and had access to a BBS or Fido node, or could dial into a Uni that offered Usenet, that is.

The modern kit comes with connectivity pre-loaded. Connectivity that is out of the control of anyone other than the user of the device, who is probably completely clueless about security.

Unless you're willing to actually teach all employees allowed to BTOD how to become a real-life, honest-to-gawd/ess sysadmin, allowing BYOD translates to "Break Your Own Defenses".

But please, carry on all. I made ~US$45,000 last month, cleaning up after this madness :-)

5
1
Mushroom

Naff off

I don't want my device managed thankyouverymuch

0
1
Anonymous Coward

Re: Naff off

Don't use it for work then.

1
0

This post has been deleted by a moderator

Page:

This topic is closed for new posts.

Forums