back to article BYOD is a PITA: Employee devices cost firms £61 a month

Companies are paying £61 a month for every device their workers bring into the office, but less than half of IT departments have any say in mobile strategy these days. The numbers come from biz Wi-Fi flogger iPass, which discovered that only 48 per cent of IT departments are still in control of the spending on mobile devices, …

COMMENTS

This topic is closed for new posts.
  1. pavsmith
    FAIL

    Pay for my own device, and have them lock it down???

    I have steadfastly refused to connect my personal mobile devices to work's network, despite internal websites imploring me to do it with pictures of happy, busy people rushing about being amazingly productive and on the move. Why? Well, it is my device, right? So why then do I have my device eviscerated functionally, apps disabled, more security and tracking tools than I cam imagine and having to sign up to conditions of use that effectively mean I am not in control of anything to do with my device. All I'd manage to do is turn my personal device into a useless corporate brick that only functions in a corporate context... but I would be more productive. I guess...

    1. Daniel Bower

      Re: Pay for my own device, and have them lock it down?? - Quite agree

      Completely agree. Further, my device is my device with my personal phone numbers on, texts etc and I steadfastly refuse to mix my personal life with work.

      Should for example my phone be confiscated by work as part of a disciplinary investigation for example they could have access to everything on it.

      I've not particularly got anything to hide but I still don't want them knowing about my personal life thank you very much...

      1. nexsphil

        Re: Pay for my own device, and have them lock it down?? - Quite agree

        They try to 'confiscate' my stuff, I'll 'confiscate' their teeth.

      2. Anonymous Coward
        Anonymous Coward

        Re: Pay for my own device, and have them lock it down?? - Quite agree

        Given your network provider often has the same level of access as corporate IT has, I'd recommend you assume everything on your phone is non-private anyway.

    2. Anonymous Coward
      Anonymous Coward

      Re: Pay for my own device, and have them lock it down???

      Under neo-fascist capitalism, citizen, it is your duty to align your needs and desires with those of the corporation.

    3. This post has been deleted by a moderator

      1. dogged

        Re: Pay for my own device, and have them lock it down???

        I'd happily have BYOD if it meant I could bring a Linux box to work

        Do you need a linux box in McDonalds these days?

        1. This post has been deleted by a moderator

      2. Anonymous Coward
        Anonymous Coward

        Re: Pay for my own device, and have them lock it down???

        That's how it works at my workplace, but then again, I'm a lone IT sysadmin... ;-)

      3. Daniel B.
        Boffin

        Re: Pay for my own device, and have them lock it down???

        BYOO (Bring Your Own OS) is something that is practiced in some companies. Consulting firms that don't have any OS dependencies with corporate crapware shat out with VB6 means that we don't really care about the OS, as long as productive work is being made.

        In our case, most stuff is either spec documents, reports, and such (PDF) or Java apps. Both of these can be made with any OS. Therefore, I use OSX & Linux, and others use Linux. There's the odd Windows user, but even then it is actually Windows under a VM running on Linux, or a dual-boot lappy. Oh, good times...

      4. Jamie Jones Silver badge
        Thumb Down

        Re: Pay for my own device, and have them lock it down???

        " I would agree with that. However I'd happily have BYOD if it meant I could bring a Linux box to work"

        How does such a Linux genius work in a place where he isn't able to build his work computers as he wishes?

    4. Velv Silver badge
      Go

      Re: Pay for my own device, and have them lock it down???

      Fine for your device, one that you bought with your own money. I'm with you - I wouldn't connect something I'd bought to the company network (I trust my security more that the IT department).

      But much of "byod" is in fact the company paying for the free choice of the staff member. Most byod schemes I've seen grant the employee a "budget" to pay for their choice of hardware. Where the company owns the asset, they should have the right to control it any way they like.

      I take my personal device to work. I use my device for everything that isn't work related - like reading and commenting on El Reg. That way I can't be mis-represented as the company :)

    5. 0laf Silver badge
      Facepalm

      Re: Pay for my own device, and have them lock it down???

      Unfortunately not everyone thinks like you. Many employees (many senior employees) see to think that BYOD is a way for them to play with their phones at work or somehow get hold of an iToy at someone elses expense.

      They get a bit upset that the business might actually still want to protect itself and not just buy toys for execs to watch porn on.

      BYOD is one of the worst phrases to have emerged from the puckered sphincters of suppliers.

    6. Dexy
      WTF?

      Re: Pay for my own device, and have them lock it down???

      Its not rocket science, just a bit of give and take.

      Security is not only important but often a legal requirement. In our IT dept we couldn't care less if the Queen brought her iPad in; shes not connecting anything to our network without security in place. The potential for data leaks from mobile devices is massive. Guess who's ass is on the line if data is leaked because of poor IT practices...

      You want the convenience of using a devices you're familiar with? Fine, however we need to ensure it meets standards.

      Don't want to use your own device? I doubt you're being forced to, quit moaning and use the provided device.

      1. John Smith 19 Gold badge
        Thumb Up

        Re: Pay for my own device, and have them lock it down???

        "Security is not only important but often a legal requirement. In our IT dept we couldn't care less if the Queen brought her iPad in; shes not connecting anything to our network without security in place. The potential for data leaks from mobile devices is massive. Guess who's ass is on the line if data is leaked because of poor IT practices...

        You want the convenience of using a devices you're familiar with? Fine, however we need to ensure it meets standards."

        Sadly I fear your employers policy is the exception rather than the rule.

        But thumbs up as this should be the way all such devices are treated.

        1. Will Godfrey Silver badge
          Unhappy

          Re: Pay for my own device, and have them lock it down???

          I think some of you are missing the hidden agenda here.

          There are companies that are actively encouraging people to bring their own kit to work, almost to the point of browbeating them into it. Soon it'll be like some cheapskate industrial concerns where you are obliged to bring your own tools.

          If this does happen in the IT world, you will be in the delightful position of being forced to buy something your employer effectively owns.

          1. Daniel B.
            Facepalm

            Re: Pay for my own device, and have them lock it down??? @Will Godfrey

            There's another article out there that mentions this. It even jokes that BYOD will eventually mean BUY your own device. And I agree.

            The iTard mobs getting their company to let them use their iShiny stuff are going to inflict suffering on those who don't have the $$$ to buy expensive smartphones but will be forced by their employer to buy one, as they need it for work but the IT budget is no longer covering that, thanks to BYOD.

    7. Naughtyhorse
      Trollface

      Re: Pay for my own device, and have them lock it down???

      "Well, it is my device, right? So why then do I have my device eviscerated functionally, apps disabled, more security and tracking tools than I cam imagine "

      so you dont have an apple phone then :-)

    8. dave 81
      Go

      Re: Pay for my own device, and have them lock it down???

      Agree, totally unacceptable. And imagine if the company wiped it.

      Luckily, the likes of GOOD and Checkpoint (and more I am sure) will just control and lock down an app on the device rather than the whole device.

    9. Irongut

      Re: Pay for my own device, and have them lock it down???

      And this is the problem with BYOD.

      If you want to use your device on my network then it should have the security software and settings that I stipulate. Otherwise we might as well forget security leave all the doors and windows open at night and write the company secrets on billboards in the street.

  2. Falanx
    Mushroom

    I'm unsurprised

    Staff purchase equipment that actually meets their needs and it costs more than the old tat corporate IT departments dumped on them, when ten years ago, it was five years out of date. Whodathunkit?

    1. nematoad Silver badge

      Re: I'm unsurprised

      "Staff purchase equipment that actually meets their needs"

      In what respect?

      Personal? That's fine,if you only use your own equipment for personal use, then of course you should be allowed to do and use what you want, it's no concern of your employer.

      If, on the other hand, you intend to use you own kit to do work which involves your employer's data, time and other resources such as broadband charges, then you must be able to demonstrate that what you are doing is safe and under the control of your company. After all, it is their money you are spending. And if that means that the IT department sets standards that must be met, then so be it. Or would you really like to assume the entire responsibility, i.e. the cost of when something goes wrong, like data accidentally deleted or that vital piece of future planning that's stolen along with your tablet and the putting it right.

      I always used to tell managers, when they complained about the cost of a visit from Desktop Support, to look on it as an insurance policy. "If you get something wrong and we have to fix it, then you'll pick up the entire bill, if we make a mistake and it has to be fixed then we pay, not you."

      So decide, do you want that responsibility?

      If I had to make the decision of whether to allow BYOD into a company I was running, I would first have to be assured that the costs to the company did not outweigh the increase in productivity and that includes risks to the integrity of the company's data and infrastructure, increased support costs and so on.

      1. AListair 6

        Re: I'm unsurprised

        I work for a large multi-national co, the problem I have with the supplied kit is that it's been bought in bulk as a one-siz-fits-all solution.

        I'm a pretty mobile worker, traveling a lot so my heavy ass laptop with shitty battery is a major pain in the back.. and shoulders.

        Any my piece of crap blackberry is just so old it's a joke. (and they've locked out tethering, so i end up spending £40 per month on hotel/train/airport wifi what i really dont need)

        BYOD is one way to solve this, having a user focussed IT strategy would be better.

        Also for our company, running google mail and web accessible intranet byod should be a lot easier to impliment. We still need access to one drive via vpn.. but I assime that'll move to a google drive -type-system at some point.

        1. James 51 Silver badge

          Re: I'm unsurprised

          "Also for our company, running google mail and web accessible intranet byod should be a lot easier to impliment. We still need access to one drive via vpn.. but I assime that'll move to a google drive -type-system at some point."

          I remember a joke in BOFH about this.

        2. Anonymous Coward
          Anonymous Coward

          Re: I'm unsurprised

          It sounds like your company have it right. Our blackberry/iphone policy is directed from another department and didn't lock down tethering. Enter from stage left one manager with his personal ipad tethered to his company blackberry, in Australia, with several hundred photos uploading to the icloud plus an update to iOS, at £8 per mb.

          Who should pay his £10k phone bill?

          AC because obvious.

        3. Irongut

          Re: I'm unsurprised (AListair 6)

          Maybe your company doesn't want all their data to be read by Google. Maybe they don't want all their data to be stored in the USA where it will be subject to the Patriot Act. Maybe your company doesn't want to break the Data Protection Act by storing all their data in a country with lower data protection safeguards than the EU.

          Maybe your company IT people understand their jobs and don't just assume that the latest shiny from Google must be good like you do.

      2. Anonymous Coward
        Anonymous Coward

        The security of my "employer's data"?

        I work for a big EU-owned multinational, and our IT department lost any respect I had for their regard for data security when six months ago they moved our entire corporate email to Outlook 365. Given our EU government contracts, we now have the lawyers involved, trying to figure out if the decision violated EU law (storing EU government communication on US-controlled servers), as well as being a really dumb technical decision.

  3. Anonymous Coward
    Thumb Down

    "PCs eventually came under the sysadmin's thumb, so it might be safe to assume that mobile devices will eventually succumb in the same way".

    ***Dream on***

  4. Chris Miller

    If you must have BYOD

    You need to implement VDI. Users connect to a public wireless network and then VPN (securely!) to their desktop - all they need is a device that can run an appropriate thin client.

    Advantages:

    (a) No need to secure your internal network against people plugging in malware-infected rubbish.

    (b) No support issues: "You see that big black thing on your desk? That's a PC we've provided. Use that."

    (c) Will work just as well from a phone data network or an Internet cafe.

    Disadvantages:

    (d) Probably won't work if your job is CAD design for an aircraft wing. But then you probably can't run that on your iPad, either.

    (e) VDI up front costs may be higher than a straight PC. But total cost of ownership is nearly always lower - and most organisations will find it a satisfactory solution for the great majority of their users.

    1. Anonymous Coward
      Anonymous Coward

      Re: If you must have BYOD

      Further disadvantage of VDI is no access when offline or in an intermittent or crappy signal area. Many people's definition of work on the move** is email and file access or possible use of web apps (submitting or tracking orders etc) which will still be usable in such scenarios. I have to agree that the inherent separation that VDI delivers is the sort of thing BYODers should be looking to - which takes us to Mobile Application Management...

      ** And Angry Birds or Bridge Builder or whatever is popular right now.

      1. Chris Miller

        Re: If you must have BYOD

        I'm a bit confused. If you don't have Internet access, then you can't do much (except play Angry Birds), whether using VDI or not. If you're thinking of working offline on a spreadsheet (say), then VDI can allow you to download files for offline use, subject to constraints on the confidentiality level of the file(s) concerned.

        1. Anonymous Coward
          Anonymous Coward

          Re: If you must have BYOD

          "then VDI can allow you to download files for offline use"

          In which case VDI is (amongst other things) being used as a file transfer mechanism and you're back in the realms of data classification and control and data exiting the organisation (a la dropbox). VDI in its intended form of course keeps the data within the network.

          I think we'd agree that fundamentally it's all about the data, the container that said data resides in and how much control and authority the organisation in question has over that container. That container could be a server (VDI), an encrypted software container on a consumer device (Good Technology) or the consumer device itself in which case be prepared to have it degaussed and thrown in a pot of molten lead (or remote wiped at least).

          1. Chris Miller

            Re: If you must have BYOD

            I think we do agree, which is why I put in the line about 'depending on the confidentiality of the data'. Unless you work for MI5 or the military, I can't see much wrong with downloading your timesheet to work with offline, whether the mechanism used is VDI or Dropbox. The important thing is to have the granularity to block the sensitive stuff (and the classification system to know what's sensitive and what isn't) while enabling people to get on with their job - not all solutions provide such granularity, of course.

            1. Anonymous Coward
              Anonymous Coward

              Re: If you must have BYOD

              >> I can't see much wrong with downloading your timesheet to work with offline, whether the mechanism used is VDI or Dropbox.

              Yes - because nothing inappropriate ever got downloaded, then copied to a USB stick and left on a train...

  5. This post has been deleted by a moderator

    1. jake Silver badge

      @Eadon (was: Re: BYOD is a way of avoiding lockin)

      No. Just no. You are very confused.

      1. This post has been deleted by a moderator

        1. jake Silver badge

          My pleasure. (was: Re: @Eadon (was: BYOD is a way of avoiding lockin))

          See just below this post :-)

    2. EvilGav 1
      FAIL

      Re: BYOD is a way of avoiding lockin

      Where is the failure in your analysis? All the way through, but we'll start with the base assumption:

      BYOD will force enterprises to move to linux.

      No, just no. The entire IT infrastructure doesn't change because you brought in a BYOD policy, unless you have a competely incompetent person writing the policy. The policy will, like as not, be based on the idea that you *can* BYOD, but only if it is compatible with the existing infrastructure.

      We can then move on to the assertion that linux allows you to use less physical boxes. Which may, theoretically, be true, but enterprise level systems and infrastructure work on redundancy - the number of boxes is rarely due to total system load and far more to do with ensuring continuous uptime.

      In short, you're living in cloud cuckoo land.

      1. This post has been deleted by a moderator

        1. EvilGav 1
          FAIL

          @Eadon Re: BYOD is a way of avoiding lockin

          That is possibly the worst straw-man argument i've ever seen.

          1 linux box does the same work as 3 windows boxes. That's nice, any particular application we're talking about here? Those numbers are frankly pulled straight out of your arse and then arbitrarily doubled to make linux sound even better.

          Redundancy doesn't simply mean have two of everything, it means reduce the likelihood of single point of failure. If systems are running on 3 different windows servers, there will be a damn good reason, usually related to that self same single point of failure argument.

          In some cases we run systems across a dozen servers in multiple locations, as delays in financial transactions have a tendency to cost us money - we run enough redundancy to ensure that it's as unlikely as possible that we get a complete failure, switching to linux wouldn't change that outlook.

          1. This post has been deleted by a moderator

          2. Daniel B.
            Boffin

            Re: @Eadon BYOD is a way of avoiding lockin

            "1 linux box does the same work as 3 windows boxes. That's nice, any particular application we're talking about here?"

            Actually, I wouldn't go that far, but I do have a particular case in mind:

            2 Solaris boxes - 200k users.

            11 Windows boxes - 2000 users.

            The service is LDAP (on Solaris) vs. fugly Active Directory.

            There are linux boxen that equally have 2 or 4 box configurations and still curbstomp the Windows boxen in performance and redundancy. Also, AD sucks even with small loads (~2k entries), while true LDAP solutions running on Solaris, AIX or Linux can handle millions of entries...

            1. Anonymous Coward
              FAIL

              Re: @Eadon BYOD is a way of avoiding lockin

              That's some tasty FUD you're serving up there, Microsoft themselves would be proud.

              If you're struggling to support 2000 users with 11 Active Directory Domain Controllers, you're clearly doing something very badly wrong, in terms of planning, scaling, or implementation. Just saying. This is before pointing out that an Active Directory server makes use of LDAP - it is not 'just' an LDAP server. You neglect to mention what use the Solaris infrastructure was put to; an AD infrastructure may well have its schema extended to support other applications, such as Exchange and Lync.

              We have several domain controllers, but they're there for redundancy and bandwidth preservation, across several sites, not because they struggle to cope with user volume. Two LDAP servers implies a maximum of two sites, so your comparison is simplistic at best, disingenuous at worst. Finally, 200k users sounds really good, until you ask how many requests each user makes, how often? 1 request a day? 1 a second? There's a light year of difference without the details.

    3. 0laf Silver badge

      Re: BYOD is a way of avoiding lockin

      Cloud + Data Protection Act = No worky

      This is one of the places where the consumer world and the business world just don't work on the same rules.

      Yes it's convenient and free for you to shift your personal files into the Cloud so you can get them where you need it. No it's not ok for you to shift you business files with customer data into a Cloud with data-centres outside the EEA and a Safe-Harbour agreement isn't a get out of jail free card.

    4. Jamie Jones Silver badge

      Re: BYOD is a way of avoiding lockin

      > Of course existing Linux admins are already the gods of the sys admin world.

      Have you started up the church of Saint Linus yet?

  6. jake Silver badge

    Problem with article.

    Personal Computers (Pre-IBM PC through Compaq's clone BIOS and into the i386SX era) didn't really have connectivity. At all. Unless you understood the Hayes command-set and had access to a BBS or Fido node, or could dial into a Uni that offered Usenet, that is.

    The modern kit comes with connectivity pre-loaded. Connectivity that is out of the control of anyone other than the user of the device, who is probably completely clueless about security.

    Unless you're willing to actually teach all employees allowed to BTOD how to become a real-life, honest-to-gawd/ess sysadmin, allowing BYOD translates to "Break Your Own Defenses".

    But please, carry on all. I made ~US$45,000 last month, cleaning up after this madness :-)

  7. FanMan
    Mushroom

    Naff off

    I don't want my device managed thankyouverymuch

    1. Anonymous Coward
      Anonymous Coward

      Re: Naff off

      Don't use it for work then.

    2. This post has been deleted by a moderator

  8. DrXym Silver badge

    I don't see the issue

    If a company is worried for its security, the choice should be simple - If an employee does not have a company sanctioned phone they don't get on the network.

    They could always provide limited access via an external facing mail proxy or webmail ui for those who desire it which is probably what most people need anyway. This is a desirable thing to do even if smart phones didn't exist - so much more sensible than some companies which issue laptops with layers of encryption, antivirus, VPNs, wifi stacks etc. just so somebody can read a lousy email.

  9. This post has been deleted by a moderator

    1. dogged
      FAIL

      Re: Security issues

      Androids are more secure than windows laptops or tablets

      [citation needed]

      1. Chris Miller

        My prediction

        Sometime this year, a legitimate, but insecure, web site will be penetrated and rogue software installed that will infect any visiting Android device with malware. Hell, it's probably happened already. I've no doubt that the same could be done for iPhone/iPads, as well.

        1. jake Silver badge

          Re: My prediction

          Uh, Chris ... Isn't that what iFads & fAndroids do, by design? Enable marketards to view, compile, and act on the user's personal opinions & etc?

          I'll stick to my 12 year old Nokia, TYVM ... All I want a telephone to do is make and receive telephone calls.

        2. This post has been deleted by a moderator

    2. jake Silver badge

      Re: Security issues

      "A) Most technical security issues are caused by Microsoft security holes."

      Post proof, or retract.

      "B) An even greater number of security issues are caused by social engineering or by employees making mistakes or up to nefarious activities, either out of incompetence, disgruntlement or out of a desire to defraud."

      So "most" are caused by MS, but "an even greater number" are caused by stupid human tricks? It would seem that basic logic is not quite within your grasp ...

      Couple that with "BYOD is a security concern but generally not as bad as the above security concerns, the extra risk of BYOD is nowhere near as great as fixing the above would reduce risks."

      Uh, dude/tte, it's EASY to remove the BYOD issue from the picture. Ban personal devices from the workplace. Simple. No more issue.

      "In fact if BYOD meant fewer MS boxes, then it might improve security."

      "If" and "might" are not compelling security/business arguments.

      No wonder people look down their noses at Linux fanbois ... and that's speaking as someone who has used Slackware as his personal desktop for coming up on 20 years.

      1. vagabondo
        Coat

        Re: Security issues

        @jake

        Friend Eadon really doesn't know when to stop digging and look around before the horizon disappears does (s)he? Some people are so over-enthusiastic and naive that it's really embarrassing when they decide to join the party you just want to leave. So much "knowledge", so little wisdom.

        Sometimes you wonder just who is working for MS (double-agent?).

        ['nix and Internet admin >30years, Linux admin ~20years (= boring old fart). ]

        1. This post has been deleted by a moderator

          1. Ian Yates
            Thumb Down

            Re: Security issues

            "Industry is moving away from MS because MS systems are more insecure"

            I don't know what industry you work in, but I've never seen such a move on desktops or servers.

            Companies in general use whatever they want based on what the person spec'ing it (a) knew and (b) was told was available. If a company can buy Windows boxes/licences cheap and they have tools/people to manage, they will; if they can't, they'll look at whatever else their preferred suppliers have that fits the bill.

            Most reasonably sized companies don't build their own servers with Linux on; they pay a supplier (IBM, Red Hat, Oracle, etc.) for a fully supported system, regardless of how good their local sysad is, which cost (initially; not discussing TCO) very similar figures to the Windows based options.

            In my experience of working for a company with 250k+ employees, only the security of the public-facing servers were really a consideration, and those numbers were such a small amount compared to the internal-only ones. Internally, all employee access was logged and they relied on standard ACL to limit access. If someone was found to have hacked in to something they shouldn't, they'd be out on their ass.

            1. This post has been deleted by a moderator

              1. Ian Yates

                Re: Security issues

                "Note that windows desktop share and windows server share are both falling, so this isn't just anecdotal."

                That wasn't my point at all; you stated that it's because MS' systems are more insecure, but I don't believe that is much of a factor at all.

                The only factors I've ever seen in non-public-facing infrastructure is (a) cost, (b) existing licences, (c) existing knowledge. And pretty much in that order.

            2. Vic

              Re: Security issues

              > I've never seen such a move on desktops or servers.

              I'm starting to see it.

              It's a slow process, to be sure, but I've got customers now actively migrating desktop fleets to Linux[1].

              It's going to be many, many years before that becomes a majority, though.

              Vic.

              [1] My biggest customer is now rolling out an Ubuntu image, despite my best efforts to get them to look at an EL-based desktop :-(

              1. Anonymous Coward
                Anonymous Coward

                Re: Security issues

                We haven't quite shifted our Desktop to Linux (I am certainly going to allow the option soon, but I have begun that shift of Servers. It just makes more sense, in TOC, especially with Developers using opensource tools, and developing platform agnostic /Web Services.

                II would highly suggest if your 250+ in employees, its worth a glace to look into Linux (I'm specifically looking at RHEL, but I want the 24x7 support). If your Sysadmins are platform agnostic, it only makes sense to at least entertain the idea.

      2. Chris Miller

        @jake: "Ban personal devices from the workplace. Simple."

        Security is always a trade off against effectiveness/efficiency. If a client asks me to make their Internet connection '100% secure', I say: "No problem - give me 5 minutes with my snips in your machine room, and I guarantee it." After which statement, we can get down to a sensible discussion about the degree of security that's appropriate and affordable in their particular environment.

        No doubt there are some organisations where a total ban on personal devices in the workplace might be justified. But if the US military can't enforce such a ban, how likely is it that any other institution could?

        Your faithful old Nokia may meet your needs perfectly well. I prefer the flexibility of accessing my desktop from my phone when I'm travelling. I'm well aware that Google/Apple/Samsung/der gubernment could be viewing my data when I use it, and I factor that cost into my decision.

        1. This post has been deleted by a moderator

          1. PrivateCitizen
            Stop

            Re: @jake: "Ban personal devices from the workplace. Simple."

            If a system has security designed into it from the start then it will be more secure than another system that does not.

            You need to stick to Plan 9 from Bell Labs.

      3. Anonymous Coward
        Thumb Up

        Re: Security issues

        Jake,

        You hit the nail on the head with your post.

        Eadon does not do us any favours mouthing off as (s)he does.

        I also use Slackware for my personal desktop.

    3. Bluenose

      Re: Security issues

      "A) Most technical security issues are caused by Microsoft security holes."

      I think you mean that a lot of technical security issues can be attirbuted to software that runs on Windows machines including within the Windows software.

      "B) An even greater number of security issues are caused by social engineering or by employees making mistakes or up to nefarious activities, either out of incompetence, disgruntlement or out of a desire to defraud."

      And such security issues will continue to exist and become potentially more apparent in a BYOD world where users continue to do all of the above plus fail to implement the necessary controls that exist on laptops and desktops which have anti-virus, firewall and malware software installed to minise those risks.

      "BYOD is a security concern but generally not as bad as the above security concerns, the extra risk of BYOD is nowhere near as great as fixing the above would reduce risks."

      Just not true, the issues in your point B continue to apply in the BYOD world.

      "In fact if BYOD meant fewer MS boxes, then it might improve security. iPads and Androids are more secure than windows laptops or tablets "

      The problem is that there is no evidence that fewer MS boxes would result. Data still needs to be stored, applications still need to be run, web servers and proxies are still required so why would someone running round with a fancy device they brought in impact on the number of MS boxes? Even in the device area Windows phones are available as is Surface, chances are that like the XBox these products will become more used rather than remaining at their low levels simply because companies will see them as easier to integrate and will therefore incentivise their use as BYOD rather than Apple or Android devices.

      BYOD is a complex issue for companies and trying to make it an "easy" decision will simply create more problems down the line

  10. Financegozu

    The connectivity costs $61 ...

    ... and what would an IT-provided device cost? My guess is: about the same.

    On another note: It's revealing that IT is still measured only as cost because other factors such as productivity or revenue contributions are so hard to figure . Nothimg changed in the las 40 years ...

  11. RonWheeler
    FAIL

    The underlying premise is wrong

    People here are businly babbling about the techncal issues when the entire underlying premise is wrong. It is like drivers at a freight company wanting to bring their own Mini Coopers in.

  12. Ol'Peculier
    Meh

    Are "stationary" supplies ones that don't move very much?

  13. Anonymous Coward
    Anonymous Coward

    A never ending game.

    My company laptop was so a celeron, 160Gb HDD and a stupid 1400x768 (or thereabouts) screen. They expected me to build trial build a system that uses 8 different servers thus at least 8 VM. The level of lockdown was also something behold.

    Thankfully my manager saw the light and I now have a decently spec'd laptop with 32Gb ram. The company machine is now a VM.

    Sadly the network gestapo are threatening to block my MAC address from the network unless is my machine is 'locked down'. The war continues.

    1. RonWheeler

      Re: A never ending game.

      I might feel sympathy, but what you don't tell us is part of the equation. Do they already have a bunch of dedicated virtualisation hosts that you're meant to be using, but you want it all on your own machine for convenience? And do you have a docking station? I take it you have local admin rights to your machine and object to not having those any more - why 'should' you have them?

      Not prejudging - it could be anyting from a genuinely overzealous bunch of traffic-wardens in your IT dept to you simply being a dangerous maverick, to something in-between.

      .

      1. Anonymous Coward
        Anonymous Coward

        Re: A never ending game.

        There are some ancient servers around but these are all test builds for customers. I then go to various parts of the world and setup the real thing for them. I can setup all those horrid things called group policies and test them before I get anywhere near the customer kit. A few SQLServer and ORacle Databases are also in the mix plus that nightmare of administration MSMQ (er? where's me message gone today folks).

        I can also get most of the documentation done beforehand.

        Besides, it reduces the time needed on site and not every site is the same. Lots of the static content db's is specific for that site as are the business app rules.

        Ok?

    2. Anonymous Coward
      Anonymous Coward

      Re: A never ending game.

      32Gb? Do you mean 4GiB? Perhaps you mean 32GiB?

      32Gb (gigabits) would be 4 gigabytes.

  14. P. Lee Silver badge
    Joke

    The next big thing?

    A windows installation on a flash device which doesn't throw a fit when you plug it into a different computer, allowing you to run on any handy (at least x86) device.

    Hahaha, I've just had my funny-bone license activated for this instance of joke.

    Bother, I'm not allowed to repost.

    1. dogged
      Meh

      Re: The next big thing?

      yeah, truly unthinkable

  15. Mike Taylor

    Stationery

    You get it from a stationers. While you're there, get a dictionary. And a sub.

  16. volsano

    Connection costs are a fixed overhead?

    So I purchase my own device, and my management pony up £61pcm for the network connection.

    One desk over (back in the day when we had desks) my colleague has a company-sourced device, and our management pony up £61pcm for the network connection.

    If there is a news story here it is that employee connectivity costs £61pcm for the network connection, not including the costs of the end-user device.

  17. jason 7
    WTF?

    What happend to the company providing kit to do their dirty work with?

    Why are we all wanting to let the company off their duty to provide the tools to do the work?

    I would never use my kit for company use. They want me to do the work, they provide the kit.

    If this carries on soon you'll find a electricity meter sitting beside your desk that you'll have to fill with your own 50p pieces.

    1. feanor

      Re: What happend to the company providing kit to do their dirty work with?

      Mmmmm, the downside to this is that you get supplied the cheapest crap possible with which to do your work. It will be slow, so loaded down with "management" services that you can just about run notepad if your lucky, takes an age to boot, is tied to the network with some desperately unreliable synchronization software that means you have to reboot your hideously slow to boot POC just to get undocked.

      All the while the IT desk pilots have supplied themselves with the latest all singing all dancing hardware because they have spreadsheets to full in.

      I'd pay to use my own laptop just to remove the stress related to struggling along with a POC laptop. I could run a corporate image as a VM and it would still be twice as fast as the poxy abacus they gave me.

      I'm field based and work mostly on customer sites and this is universal in my experience. IT bods and managers get the decent kit because they don't need it. Power users get crap.

      1. jason 7
        Facepalm

        Re: What happend to the company providing kit to do their dirty work with?

        And most average joe's home hardware is any better?

        I service normal computing folks gear for a living. I have to antibac it before touching most of it let alone have it connect up to a corporate network.

        I have to say that laptops costing more than £400 are pretty rare. Not to mention most don't have a working copy of Office or legit software on them.

        BYOD was thought up by an small elitist bunch of gadgeteers that didn't want to be part of the herd. However, as usual didn't bother to think how the rest, that really don't give a crap about their computer hardware and showing off how much disposable income they have would fare.

        1. John Smith 19 Gold badge
          Facepalm

          Re: What happend to the company providing kit to do their dirty work with?

          "BYOD was thought up by an small elitist bunch of gadgeteers that didn't want to be part of the herd. However, as usual didn't bother to think how the rest, that really don't give a crap about their computer hardware and showing off how much disposable income they have would fare."

          That sounds a more accurate idea of how it came about than most of the bo**cks talked about this.

          Either they wanted to show off their new shiny in the office or they wanted the office to buy their new shiny for them.

          Dumb for any company that falls for this solely on that justification.

          1. feanor

            Re: What happend to the company providing kit to do their dirty work with?

            "Either they wanted to show off their new shiny in the office or they wanted the office to buy their new shiny for them."

            No, what we want is a machine that is spec'd to allow us to actually do our jobs. Without crashing, without the sync hanging, without the hard-disk paging constantly etc etc.

            The problem with IT is they spec themselve the latest and greatest kit blowing all the budget on themselves, then foist junk onto everyone else, as if it wasn't everyone else that kept them in a job!

            1. jason 7
              FAIL

              Re: What happend to the company providing kit to do their dirty work with?

              Yeah but that might work for the gadgeteers that know how to configure a pagefile etc. but what about the rest of the staff that dont have a clue about how to setup a laptop properly?

              Again BYOD only works for the tech smartarses and gadget showoffs.

              Office Willy waving of the next generation. It's just another way to create a pecking order.

              As an aside the IBM Thinkpads and Dell lattitudes our corp issued us with worked fine. Maybe some firms just need to find better build teams.

        2. feanor

          Re: What happend to the company providing kit to do their dirty work with?

          @ Jason 7,

          Every single member of the department I am currently contracting in owns a laptop that is at least twice as well spec's as the Toys R Us "my first computer"s that the IT bods allow us. Mine must be 4 times as good and mines isn't even the best!

      2. IBM3270

        Re: What happend to the company providing kit to do their dirty work with?

        You may be willing to provide your own laptop, but what about your co-workers? I've worked within a couple of companies where management put pressure on an individual to change their way of working, take on more work, etc. and then, when they had been coerced, set it as some kind of precedent for everyone else. With BYOD this could have all sorts of implications for other workers.

        1. feanor

          Re: What happend to the company providing kit to do their dirty work with?

          With BYOD this could have all sorts of implications for other workers.

          That is a fair point. It would be so much better if the IT guys just stopped keeping the good shit for themselves.

      3. PrivateCitizen

        Re: What happend to the company providing kit to do their dirty work with?

        Mmmmm, the downside to this is that you get supplied the cheapest crap possible with which to do your work. It will be slow, so loaded down with "management" services that you can just about run notepad if your lucky, takes an age to boot, is tied to the network with some desperately unreliable synchronization software that means you have to reboot your hideously slow to boot POC just to get undocked.

        Frequent complaint about company supplied hardware, however I dont think BYOD is the solution.

        If you are wasting an hour a day because the device is slow, then you company needs to be made aware of this (1 hour per day per employee = lots of new hardware) so management can make a decision.

        If your time is profitable to the company, then this wasted time is costing them (not you) so they really should cough up and get you a better device to work on. Anything else is losing them money.

        It may be that your time isnt as valuable to management as you think, in which case it isnt cheaper for them to improve your hardware - if this is the case, then make the most of the enforced breaks and enjoy the more relaxed pace of work.

  18. John Sanders
    Linux

    "PCs eventually came under the sysadmin's thumb, so it might be safe to assume that mobile devices will eventually succumb in the same way."

    No one will touch a key of "My Device(TM)", if a company wants control over my equipment they will have to provide it.

  19. Carl
    FAIL

    Im good with either scenario.

    If my employer want to provide me with a mobile device then they can give me whatever they want.

    If they don't want me to use my device for work then that's cool too.

    Once they decide which approach they want to use then all they need to do is give me a heads up.

    But then there was that one firm where the PM ordered me to buy and pay for my own mobile phone so they could reach me wherever and whenever. I am no longer with that firm. Although, to be fair, neither is the PM.

  20. Jeff Green
    Happy

    Horses for courses

    I have been a "sys-admin" for part of the time since the mid 1980s, and a system user for all of the time since the late 1970s. In all that time I have never come across a company IT department (including ones I was running) that got the right kit to make all the workers as productive as they could be, never come across one that got the best possible deal on the hardware they did buy, nor one that did a halfway decent job on security.

    The trouble is that IT departments know about IT for IT departments, and a bit about IT for other departments, and damn all about the jobs other departments do.

    People in other departments no about their jobs and a bit about IT for their jobs and damn all about IT in general.

    There is no one size fits all solution, some people and some jobs fit a stalinist IT policy, and some are better in a free for all. Most are better somewhere in between. BYOD has always existed, either officially or via the "pump-controller"/"stationery supplies" route, it always will. and corporate lock downs have always and will always exist, to varying degrees.

    Reports that one or other approach is bad are certain to be wrong and are almost always written on behalf of people who want to sell something. Then followed up by journalists who want to fill column inches. They will then be commented on by ill-informed zealots (like me). The world will continue spinning and people will continue working, some security breaches will happen (in both stalinist and anarchic organisations). Get over it.

    http://www.theregister.co.uk/Design/graphics/icons/comment/happy_32.png

  21. Frumious Bandersnatch Silver badge

    LOL

    Gotta love the unintended (I guess) hilarity of seeing the "Illicit phone rings in Sri Lankan inmate's back crack" article cheek by jowl with the "BYOD is a PITA" one ... or are the Reg editors having a bit of fun today?

  22. Herby Silver badge

    Be careful for what you ask for, you might get it!

    Just a note about BYOD stuff. Here in the USA we just had a court case that indicated that workers who did company work "on the own time" were entitled to compensation and (possibly) overtime. If one does BYOD, then there is the opposite effect of having workers actually do work on it "away form the workplace". So, it runs both ways. Would you allow "work" stuff to run on your home network (tracking, etc.) and would you actually trust it to keep ALL of your personal stuff private.

    So, it may be doubly costly to have workers BYOD. Then again, some places (like where I am) allow "work from home". Joy Joy Happy Happy.

  23. John Smith 19 Gold badge
    Happy

    I sometimes think that Eadon is unfairly downvoted...

    But then I think of the experience base of those doing the downvoting.

    And it does not seem so unfair. after all.

    I'll think up a more serious comment about this later.

  24. kain preacher Silver badge

    Question

    So you bring your own laptop to work. Loaded it with company apps and data. What happens if that employee is fired or quits ?

  25. Mr. Chuck
    Go

    Evolution in action

    Let's just imagine that BYOD extended to desktops. Every morning you'd lug in your PC or mac or linux box, loaded with all the crap programs, malware and illegal downloads you and your kiddies have put on it. Somehow your 'fat and old' IT department has to work out a system by which random operating systems at arbitrary revision levels, with random mixes of applications, unknown open and unfixed or badly fixed bugs, can be secured and made compliant with business policy and legal requirements, and by the way perform in a way which you find acceptable.

    Now what exactly is the difference between this and a modern mobe, which is no different to a PC you can stick in your pocket?

    While you people are happily stuffing around with your phone (the new smoking) in blissful ignorance, your company is well on the way going broke either because of increased costs or decreased security or both, and you will soon be out of a job, and all in pursuit of largely illusory productivity gains. So your problem will soon go away and so will you. Ta ta.

  26. John Smith 19 Gold badge
    Meh

    BYOD seems to be about 2 things

    1) People who want to use their UI as they can't get the company provided software to do what they want.

    2) The hardware they've been issued is not good enough to do the job.

    Both are reasons to investigate further what is really needed. They are effects, not causes.

    Better hardware. "too heavy" is not an issue from the company PoV. Too slow (in for example a financial services app) is an issue if it takes too long for a rep to demonstrate what-if scenarios to a client. Likewise a slowish processor is not too important for a field service engineer, but flaky comms can make it difficult to order parts and over time be very annoying.

    Better software. Any software that helps people do their job (rather than allows them to) is complex because it incorporates deep knowledge of that job (the "business rules" part of a system). You've got to wonder how people are saying they can't use the current UI (but they can use their pad/phone/PMP/whatever) if they've been doing the job for a while.

    The question is how well they've been trained to use it and wheather the UI handles the tasks you need to do as well as it could. The former is a training issue (and boy do companies hate doing that) the latter depends on wheather its an in house app or a product. If bought in can it be better configured? If so does anyone in house know how to re-configure it?

    If the company buys your hardware it's their dime. But expect to play by their rules if they do. Personally I like my work/life balance to keep my work at work and my life outside my work. BYOD -> PITA (for in house IT).

    Incidentally the House of Commons has rather a BYOD policy with all the MP's devices.

    Have they got their virus re-infections contained yet?

  27. regdl

    I just don't get why anyone would want to have the expense and risk of having to supply their own kit for work. If it fails or gets broken or lost you have to provide a replacement. If i drop my blackberry down the toilet by accident my company gets me a new one, when my laptop hard disk dies my company gets me a new one all with the added bonus of knowing that everything I do is secure either connected of disconnected.

    maybe I am just lucky as I get 2 monitors on my desk, a core i5 laptop with 8gb ram and SSD running windows 7, plus a blackberry, plus access to outlook and sharepoint and lync on the web. all of these devices work seamlessly with my company services. This is standard issue stuff and I wouldn't say my company is exactly cutting edge.

    There are some who insist on bring their ipads which have basic mail and calender access provided although in most meetings my paper based notepad is far more productive and not so tempting to constantly pick up and play with instead of paying attention to what is going on.

    p.s , i have no particular allegiance to any platform, i just choose what works best for the job in hand , I run systems on Linux, AIX , Z/OS, Solaris and Windows all of which work well when looked after and engineered properly.

  28. PragatiChaplotJain

    While promoting BYOD programs, IT must look at mobile solutions that respect user privacy and allow users the flexibility to turn off the location as and when needed.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019