Essential Guide

Consumerize This: Supporting consumer devices and cloud

A comprehensive collection of articles, videos and more, hand-picked by our editors

Walking the line between enterprise security and consumer freedom

It's not easy, but sometimes IT just needs to let go and allow some consumer freedom when employees bring in devices and access certain apps.

In an increasingly mobile world, sometimes you just have to go with the flow. IT administrators have to deal with more devices and more enterprise security risks, but in some cases it's better to give users their freedom rather than lock everything down out of fear.

Steve Damadeo Steve Damadeo

That's because users are going to find ways around IT's rules if they really want to, said Steve Damadeo, an IT operations manager at Festo Corp., a global industrial automation and pneumatics manufacturer based in Long Island, N.Y. His organization runs what he calls a "controlled" consumerized environment, where users have some restrictions around enterprise application access and the use of cloud services but aren't slapped with too many limitations.

Damadeo shared his thoughts about allowing for consumer freedom while supporting bring your own device (BYOD) and how all those tech-savvy users have affected his environment.

Do you think the consumerization of IT is positive or negative, and for your company, what's been the hardest part to handle?

Steve Damadeo: Both. The positive is, it's brought more educated users to the table. That's very helpful, because one of the old IT doctrines is the idea of there being an education gap between individuals [regarding] how to use technology. The negative of it, and this is the hardest part that we've dealt with, is the idea that now the company has 15,000 IT experts. What works in a consumer environment may not always be the most appropriate for an enterprise environment, particularly when you deal with management, security, things like that.

How do you support consumerization in your organization and your mobile workers' needs?

Damadeo: We've maintained two separate policies: one for personally-owned devices and one for corporate-owned devices. The reason for that is that we offer certain things for certain types of devices. For example, we don't just allow anyone to bring in any laptop or any device; we do a controlled consumerization. We're selective in what we do and do not allow, but we're always having a conversation about why we're doing certain things, as we open it up to more and more alternatives.

What are the support policies and restrictions for users that bring in personal devices?

I think people need to focus on the user needs.

Steve Damadeo,
IT operations manager, Festo

Damadeo: We don't allow personal laptops. We will hook [smartphones and tablets] up to our corporate environment, in terms of being able to get email and basic messaging attachments, and some VPN connections as well. What we don't allow is our entire enterprise application suite on those devices.

We have a personal device use policy; we call it that because we want to avoid acronyms, whether it be BYOD or whatever it's called the next day. BYOD is just a purchasing mechanism. Our policy is outlined like I mentioned, with what we do and do not allow, and also what some of the expectations are from an IT and from a company perspective. So, for example, in order to connect your device, we do at least mandate a password. And we have the ability to selectively wipe information if necessary. But we keep those requirements very basic because we don't want to lock down devices, which would basically turn it into a glorified brick.

What about cloud services for storage or collaboration?

Damadeo: We aren't naïve enough to believe that people aren't using them, but we don't overtly support it. But if people want to find their away around something they always will. So the way we've approached it is trying to explain what would be considered good or bad behaviors and why or why not to do something.

We block some consumer cloud services like Dropbox for example; right now in our corporate firewall we do have them turned off, so you can't get to them through the corporate network. But I can't stop somebody when they're working from home from disconnecting from the VPN, putting something on their device and reconnecting. It's not possible to block everything; anybody who says that they block [an application] completely, I would question that.

How else has consumerization affected your environment?

Damadeo: I wouldn't say that it's affected us that much. The people are still the same, the technology and what physical device you bring is a little bit different. So I wouldn't say too much has changed; I haven't had to rearchitect our support structures or anything surrounding this. I think people need to focus on the user needs. If you focus on the people -- more so than the technology -- and what the real business impact is and [what] you are trying to accomplish, I think people will find it's a lot easier to manage. 

This was first published in April 2014

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchEnterpriseDesktop

SearchVirtualDesktop

SearchVMware

SearchCIO

SearchSecurity

Close