The ‚Bring Your Own Device‚ idea is not old, nor is it science fiction. But, according to BARRY GILL of Mimecast, CIOs need to adjust their internal security policies to accommodate these devices instead of ignoring them and exposing a company to any hazards they may bring.
The concept of ‚Bring Your Own Device’ has been with us for many years, it’s just the interpretation of it that varies.
For decades, the realm of science fiction has portrayed inconceivable concepts and technologies as innovations just within our grasp.
From Jules Verne’s musings on lunar travel, a century prior to Neil Armstrong’s first steps on the moon, to Arthur C. Clarke’s orbital satellites in 1945: fanciful and fantastic literature has helped to prepare us for the technological revolutions we are currently experiencing.
Today, this notion has particular relevance to the consumerisation of technology.
For years, we imagined a world in which we could communicate with friends and family by video, access information wirelessly or instantly connect with thousands of likeminded individuals across the globe.
Smartphones and tablet PCs were developed to meet these desires and have subsequently resonated with every age, gender and culture group to a degree we could not have predicted.
Naturally, corporate employees are beginning to request access to enterprise services on the devices they feel will help them to carry out their jobs more effectively.
In response, many high level executives are juggling with the benefits and drawbacks related to allowing employees access to internal networks and applications using technology which exists outside of approved risk policies and security models.
The reality is that the concept of ‚Bring Your Own Device’ has been present for some time already. Tablet PCs and smartphones are as equally disruptive as Lazlow Biro’s ballpoint pen was to the corporate environment in the early 20th century, the only significant dissimilarity is the volume of requests and the technology associated with them.
Instead of choosing to ignore the workforce’s desire to use new and intuitive devices to drive process efficiency, CIOs should instead focus on updating internal security profiles and corporate governance to accommodate the demand.
Key to this is basic understanding. Any organisation considering the empowerment of its staff through an open hardware policy should take the time to understand these new innovations and the hazards they may carry.
Furthermore, executives should ensure that this strategy allows for the education of staff with regards to the risks they could potentially be exposed to when using a mobile device to access corporate information. This includes scheduling regular user feedback sessions during which employees are able to communicate their concerns and desires.
In doing so, an organisation can ensure that its workforce is aware of risk areas and device trends while proactively responding to changes in behaviour and need.
Finally, it is vital that IT decision makers implement security policy which profiles employees and awards them the use of their own devices according to the sensitivity of the material that they access.
If an employee regularly interfaces with business process and financial information that is essential to the continued success of the organisation then it is acceptable to require them to meet certain criteria, such as remote access and an encrypted application environment before granting admission.
When coupled with a security policy that integrates security features such as location based positioning and remote wipe, the concept of ‚Bring Your Own Device’ becomes far less foreign and more centrally controlled. With these factors in place, IT executives can rest assured that the organisation’s risk profile has been minimised.
In the same way science fiction has inspired thought and openness toward new ideas, so the consumerisation of IT and ‚Bring Your Own Device’ have the potential to act as indications of what to expect in years to come.
‚Disruptive’ innovations are far less unsettling when organisations adopt a flexible attitude towards technology.
As the great science fiction novelist and thinker, Isaac Asimov, once noted:
‚If knowledge can create problems, it is not through ignorance that we can solve them.‚