Using personal devices at work gets more secure
SEATTLE: So you don’t mind paying for the latest, greatest mobile deviceand dedicating it to both home and work tasks. Join the crowd.
BYOD (Bring Your Own Device to work) is a trend that’s been on the rise for a few years. Companies save, employees enjoy greater flexibility, and both reap productivity gains.
Companies in 2012 generally conceded that BYOD is unstoppable. That said, workers who opt to join the BYOD craze this year won’t have the same free-wheeling experiences that characterized the trend in its earlier stages.
This year, BYOD participants can expect to relinquish control of their devices — and forgo a level of privacy — as companies impose much tighter security, mobile industry analysts say.
“If workers want more BYOD, they will need to give up something in return,” says Jack Gold, researcher at J. Gold Associates. “That’s the abilityfor enterprises to enact policies and control their access and actions.”
As the BYOD craze heated up in 2012, tensions mounted. Information-technology departments used to micromanaging the use of company-supplied equipment discovered that locking down employee-owned devices — without stifling new-found productivity gains — was anything but simple.
In response, a new category of tech systems, referred to as mobile-device management, or MDM, tools and services, took root. “Organizations will continue to grapple with BYOD security and usage issues in 2013,” predicts Christian Kane, enterprise-mobility analyst at research firm Forrester.
The beginnings of BYOD trace back a few years, when consumers began gobbling up cool new social-networking, gaming and mapping apps delivered via state-of-the-art mobile devices. Initially, workers looking for an edge began to tap hot new consumer apps for work-related networking and collaborating on iPads, iPhones and Android smartphones. Then, app-happy senior executives began to demand access to company e-mail and databases via their new smartphones and touch tablets.
“Employees sought the ability to mix work during personal time and personal activities during work hours,” says Chad Bacher, chief product officer at Webroot, a supplier of mobile-security services.
Corporate information technology departments couldn’t resist the consumer-driven BYOD tide. Forrester estimates 37% of organizations let employees connect personal smart-phones to company networks, and 34% allow hook-ups for personally owned touch tablets, up from 34% and 30%, respectively, in 2011.
The impetus for more companies to jump on the BYOD bandwagon seems certain to intensify this year as Microsoft continues a major push to bring Windows 8 smartphones on par, in consumers’ eyes, with iPhone and Android handsets.
“Technology devices are now a form of self-expression,” says Bim Parmar, vice president of marketing at networking software firm Faronics. “Why settle for a corporate black brick when your mobile device can become an extension of your personalimage?”
Smaller organizations continue to lead the way. Dowling Aaron, a midsize law firm in Fresno, Calif., embraced BYOD three years ago. Its 50 attorneys use an array of iPhones, iPads and Android smartphones as personal communicators that double as tools to access corporate e-mail, client files and work apps.
Recently, after leaving his iPhone 5 in his Lexus to attend a funeral, one of the law firm’s attorneys returned to find his vehicle window smashed and his new smartphone missing. He reported the theft to Dowling Aaron’s IT director Darin Adcock.
Using a mobile device management (MDM) service from AirWatch, Adcock was able to quickly locate the missing phone and zap its memory card clean. “We have the ability to ensure that our data is not out in the wild and out of our care,” Adcock says. “I was able to do a remote wipe as soon as the attorney told me about the incident.”
Dowling Aaron is among early-adopter firms that have grown comfortable leveraging the smorgasbordof BYOD tie-ins and security services, while also winning the cooperation and enthusiasm of its employees.
“Companies that actively support BYOD create a more flexible, agile workplace, lower employee-related costs and increase employee satisfaction,” says Kurt Roemer, chief security strategist at virtualization firm Citrix. “BYOD allows workers to better manage their complex lives by interspersing work and home activities.”
Even so, the vast majority of large companies have only dipped their toes into BYOD. Some 83% of 350 large companies surveyed by security firm Blue Coat permitted access to email from employee-owned devices.Yet, only 24% allowed access to sales force automation programs and 19% to supply chain management apps.
“This really shows that organizations are in the process of trying to understand and resolve what their strategy should be for engaging mobile users,” says Sasi Murthy, Blue Coat’s senior director of product marketing.
One challenge companies face is distilling marketing pitches from a suddenly burgeoning field of tech vendors offering powerful tools and services designed to help companies take more intricate control of employee-owneddevices.
Dozens of MDM start-ups such as AirWatch, MobileIron and Zenprise have entered the field. Tech stalwarts such as Microsoft, Cisco, IBM and SAP are jumping on board to help companies implement and enforce new mobile device usage policies.
Sales of MDM systems rose to $790 million in 2012, up from $445 million in 2011. MDM sales are on a hockey stick curve, projected to climb 36% annually for the next few years — to $1.8 billion by 2016, according to tech research firm IDC.
Security is the big driver. “There are tons of security concerns,” says Centrify CEO Tom Kemp. “Phones getting lost or stolen can lead to someone outside the company accessing corporate information. Or malware installed on a phone brought into the corporate network can begin spreading throughout the network. These are just a few of the concerns folks have.”
New MDM systems let companies implement and enforce policies that restrict access to company business apps and data bases. If the employerchooses, MDM can be used to monitor which apps and games an employee has downloaded to his device, as well as how much time the worker is spending on games and social apps.
The employer can even block access to apps stores, disable phone cameras or use the device’s GPS function to monitor where an employee spends work and personal hours, says Giri Sreenivas, mobile manager at security firm Rapid7.
“Just because you bought your device and bring it into work doesn’t mean you can do everything youwant with it,” Sreenivas says.
This year, many companies will be faced with a balancing act between protecting company data and not trampling BYOD users’ privacy.
The early pattern has been to require employees to permit the company to control any functions that could affect company data, as well as reserving the right to track the phone, and wipe it clean, should it become lost or stolen.
“Companies are holding on to control right now because they’re uncertain how to make this work,” says Forrester analyst Kane. “But this is not as much about controls as it is putting up guardrails.”
Mobile industry analysts anticipate rising employee backlash in 2013 — and big companies gradually relaxing their historical need to control everything.
Employees, after all, have leverage, too. They can continue using the latest consumer apps on their personally owned devices for work chores, without signing any company usage policies, as many currently do.
“Organizations have to fundamentally change the way that they think about security,” says Rapid7’s Sreenivas. “They have to think about what makes up an acceptable use policy, one that employees can believe in and agree to.”
As this plays out, employees who use their personal smartphones or touch tablets for work should take the time to read and understand company BYOD policies. And back up any data, including contacts, messages and apps, you care to preserve.
Darin Adcock oversees and maintains the technology for more than 50 attorneys at Dowling Aaron in Fresno, Calif.
JUSTIN KASE CONDER FOR USA TODAY
JUSTIN KASE CONDER FOR USA TODAY
Dowling Aaron attorney Matt Besmer uses his personal mobile device to maintain contact with clients.
Learn how to integrate devices into the Enterprise, attend the MCSA: Windows 2012 Server Course and Certification
CED Solutions is a Microsoft Gold Learning Partner and the #1 location for Microsoft Certifications in North America. CED Solutions is a Platinum CompTIA Partner and is one of the largest providers of training in North America. The Atlanta facility provides training for up to 490 students per day, with three buildings dedicated to training. CED Solutions provides training for up to 10,000 students per year and students take up to 800 certification exams every two weeks.
CED Solutions provides training and certification for Microsoft MCSA: Windows 2012 Server; MCSA: Windows 2008 Server; MCSA: SQL 2012 Server; MCSE: Business Intelligence SQL 2012 Server; MCSE: Data Platform SQL 2012 Server; MCSE: Desktop Infrastructure Windows 2012 Server; MCSE: Server Infrastructure Windows 2012 Server; MCPD: 6 Cert Visual Studio Developer; MCSD: Windows Store Apps C#; MCSD: Windows Store Apps HTML5; IT Healthcare Technician and many more.
www.cedsolutions.com, email@example.com, (800) 611-1840