BYOD security issues do exist, but IT teams shouldn’t fear the trend

IT teams might be nervous about BYOD security issues, but there’s no need to be, according to Brian Madden. Securing devices isn’t any different from what IT has been doing for years.

Brian MaddenA lot of people are talking about BYOD, or the “bring your own device” trend. We know users want BYOD, and we know that we’re nervous about it.

The reality is that BYOD is here whether you acknowledge it or not. Your lack of support doesn’t keep iPads and home computers out of your office. So it’s time to embrace it.

The Trust Hang-up

Companies have many valid concerns, including questions like, “How will I support users on XYZ device?” or “What about my liability?” or “How will I secure these things?” But, fortunately, the fears of BYOD are more perceived than real; BYOD isn’t fundamentally different from what you already do today.

End-user support is already tricky (and in place). BYOD doesn’t change that. And security concerns about users’ devices? Come on! We all know that “physical access” is the Achilles’ heel of any security system, and your users already have physical access to the devices they take home.

Enterprise IT pros talk of two issues around security and BYOD: They wonder if they can trust corporate data and apps on personal devices, and they’re worried that the influx of personal untrusted devices will compromise the security of their enterprise networks.

But neither of these worries has been introduced by BYOD.

For those who say, “I will never trust my enterprise apps and data on non-company devices,” I remind them that they already have users who work from home on their own computers. Does the company buy them desktops which IT can fully manage and join to the domain? No. Instead, the company provides things like SSL virtual private networks (VPNs) with two-factor authentication and client-side vulnerability scanning. The company uses encrypted file syncing or Citrix-based application delivery to deliver a secure-yet-usable experience. So supporting “nontrusted” devices is something companies have been doing for years. If we called this “HAPC” (home access PC), instead of “BYOD,” then it wouldn’t be an issue.

“But,” some might argue, “this is different because they’re now bringing their own computers into the office! Just one rogue user or virus could take down the whole network.” Again, this is a knee-jerk security reaction that’s not really an issue. If sports arenas, hotels, and Starbucks can figure out how to offer Wi-Fi to networks full of anonymous public users connecting who-knows-what devices, why can’t you? Sure, you’re going to have to upgrade your decade-old wireless infrastructure with stuff built on high-gain directional antennas that can handle four devices per employee. But you’d have to make that change even without an official BYOD program.

Once you shift your mentality about how to support BYOD users, the next step is to realize that you don’t need two different support models. It doesn’t make sense to support users who use company-owned devices differently from those who use their own devices. Instead, pick one device-access paradigm and go with it. If you use an awesome VPN with centrally delivered apps for your BYOD users, do that for everyone. Then you can even allow your users with corporate-owned devices to install whatever they want and use the devices in the way that makes them happiest.

At the end of the day, it’s when, not if, for BYOD. But if you look at what’s happening in your enterprise, you just might find that the when has already happened.

About the author:
Brian Madden is an opinionated, supertechnical, fiercely independent desktop virtualization and consumerization expert. Write to him at bmadden@techtarget.com.

This was first published in November 2012

Dig deeper on Mobile policy and enforcement for consumerization

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchEnterpriseDesktop

SearchVirtualDesktop

SearchVMware

SearchCIO

SearchSecurity

Close