The steady stream of personal devices making their way into the enterprise is showing no signs of slowing. Employees are hailing the efficiency benefits and advanced functionality of their increasingly sophisticated personal devices, preferring to use them in place of enterprise provisioned IT.
There are obvious advantages to this for the enterprise. Using their own devices, with which they are more familiar, can give employee productivity a boost, whilst reducing the costs to the enterprise of provisioning new devices. There is also a perceived opportunity to reduce ongoing support costs, as some of this responsibility can be transferred to the employee and their chosen service provider.
However, as end users begin to make their own decisions for IT provision, there is a risk that the ICT department could begin to lose the level of control and visibility into the corporate network that was previously possible. It is also unclear whether the transfer of responsibility for IT support will actually reduce costs in the long-term, or if there will be hidden pitfalls and associated costs. It came as no surprise then, when our own research found that the majority of IT directors admit to experiencing more sleepless nights through their security concerns over the BYOD trend.
Storm Clouds Ahead
Although some organisations have started to take steps to implement an official BYOD policy, there are still many that are being slow to react; either ignoring or seeking to prevent the use of personal devices in the workplace. Although it may seem the sensible option, those who seek to prevent the use of employee devices in the workplace risk being caught in a storm, as studies from Check Point and Software AG have already shown that unauthorised devices are creeping onto the corporate network regardless.
Whatever their approach to dealing with the issue, it is inevitable that a multiplatform environment will soon become the norm for enterprise IT. In addition to the emerging divide between personal and corporate ownership of end-user devices, the time when IT infrastructures were required to support standardised corporate issue models is rapidly becoming a thing of the past. The IT environment has to evolve rapidly in order to securely and effectively support a range of device types, models and their various operating systems.
Fogging the Visibility
With the potential for employee mobile devices to bypass corporate security measures, maintaining a clear view of all devices on the network is essential. With sensitive corporate data being stored on employee devices, there is also the concern that it could fall into malicious hands if the device becomes lost or stolen, or is not wiped before being sold on.
With responsibility for maintaining devices with the latest version of software and security updates now in the hands of the end user, software upgrade cycles are becoming increasingly inconsistent. This leaves IT in the situation where it has to manage many different devices running varying software versions, with each offering its own level of protection.
What’s more; even though they’re provisioning their own devices, end users will still turn to the IT department to fix their technical problems. Whether they’re having difficulty accessing their work emails or running business applications, it’s a safe bet that the ICT department will be expected to rectify the problem.
The problems associated with BYOD are clear; as control over mobile devices moves outside of the enterprise, the ICT department begins to lose visibility over the network, leaving it more vulnerable to potentially costly data breaches. The transfer of responsibility to end users is a cause of serious concern for IT directors, who rank lack of employee awareness about security policies as having the greatest impact on the security of mobile data. In addition to these problems, the ICT department is also less able to provide end users with the support and assistance that is expected of them.
The Umbrella Solution
With the combination of these challenges, the need to have corporate compliance policies and suitable management systems in place to enforce them has never been greater. Mobile Device Management (MDM) is one such system, as well as providing data encryption and more control over mobile device access to the corporate network, these systems can also provide the ICT department with the ability to remotely access and wipe an employee device if it becomes lost or stolen; reducing the risk of sensitive data falling into the wrong hands.
MDM solutions also enable IT directors to deliver ‘over the air’ updates to employee mobile devices on the network, putting the control back into the hands of the ICT department and leaving them better placed to provide end user support.
The bottom line is that the volume of employees’ personal devices raining down onto the enterprise is only going to increase as they become increasingly sophisticated and continue to offer more advanced functionality. It is therefore vital that ICT departments take control now. Rather than fighting a losing battle by trying to prevent their use in the enterprise, they should embrace the productivity benefits these devices bring, by adapting the IT infrastructure and implementing an effective management solution.