BYOD – What’s the damn fuss about?

Let’s be blunt here. If I sit through another presentation telling me that the world is going to end because the guys in accounts want to use their iPads, and that it’s a terrible risk and the worlds going to end, I’m going to puke. If I hear the phrases paradigm shift or Generation X, or hear another commentary on how people aren’t going to take jobs because they can’t use their smartphone, I may well get punchy.

Stop it, all of you. It’s utter rubbish. Marketing types and sales people from West Coast vendors along with people in ICT Departments, I’m looking at you. Shame on you. And I’m going to explain why right now.

Technology is by default, an enabler. Unless you actually sell the technology, you use technology to allow you to deliver stuff and services to people or meet business objectives. That is it. There are implications of doing something a certain technical way, and you can mitigate any issues with a bit more technology or some process.

Technology is in a constant state of change, and we in industry invent stuff, wrap it up in shiny shiny ribbons and then sell it to customers. And the technology that really sells is the stuff that allows customers to meet their objectives cheaper and faster. But this isn’t a stop-start process, it’s a constant flow. Rarely do you find a genuinely game-changing moment, a revolutionary technology. To my mind, I can think of 3 in the last 30 thirty years:

1. PC adoption by business (because it increased productivity and therefore reduced costs, making products or services cheaper for customers to buy/use)

2. Mass adoption of the internet (because it increased productivity, made customers easy to contact and reduced costs, making products or services cheaper for customers to buy/use)

3. Virtualisation (because it reduced costs of deploying servers, making products or services cheaper for customers to buy/use)

Reducing your cost of supplying/transacting means it’s more attractive/profitable to do that thing.

And BYOD is just a manifestation of this. Applications are delivered via browser, because it’s cheaper than having standalone apps. Browsers run on any device practically these days (I am waiting for Firefox for my fridge. It’s only a matter of time). Apples, HTCs and Samsungs are shiny and cute and have browsers. People want to use shiny and cute, and they like the idea of having their personal life and work life on one machine (apparently. Personally I think this is just plain weird). So they want to use their own devices. And here’s the IMPORTANT BIT: if there is a business case to do so, do it. If there isn’t, don’t. If it makes your business more productive, reduces transaction costs then just do it. If it doesn’t, don’t.

And here’s the next reality check. We’ve done this before. Yep. We are just rehashing the arguments of 15 years ago when we gave our staff laptops. They took these devices, with corporate data on, and roamed the streets. We fretted about the security of the data. We fretted about them losing the devices. We fretted about them misusing the devices, either by accident or maliciously. We fretted about them surfing naughtily on these devices. So we put in place remediations to those issues and we got on with it.

The fact that BYOD changes the construct of the relationship with the IT Department slightly is called… change. But it’s hardly a (shudder) paradigm shift. It’s hardly new. We’re going to make sure these devices are fit for business purpose, and then we are going to secure them appropriately.

Sound familiar?

Advertisements

About Graeme Stewart, McAfee

I work for McAfee as Director of Public Sector Strategy and Relations, UK&I
This entry was posted in Bring your Own Device, BYOD, Cloud, Cyber, Efficiency, Govt ICT Strategy, ICO, Information Security, InfoSec, Sophos and tagged , , . Bookmark the permalink.

4 Responses to BYOD – What’s the damn fuss about?

  1. Ellie Hurst says:

    I got to the penultimate paragraph and found myself chuckling. The fear we felt about issuing people with laptops…erm well that is because all these years on and organisations are still losing laptops, USBs etc on trains, in taxis. And they data they are losing is ours! Just ask the ICO about the NHS or better still read their website about the amount of patient records people feel the need to fill their laptop with then lose.
    NASA lose laptop http://bit.ly/z56yjj Nine NHS trusts here lost our data http://bit.ly/AvIkHj http://bit.ly/yB91e5 or http://bit.ly/tqkRdX or how about the ICO perspective http://bit.ly/yj6r4L. A cursory search on any engine will bring up a myriad of lost devices.

    You are right about remediative actions being required but you are working on the assumption that this all works perfectly well already and it doesn’t. If it did we wouldnt need the ICO, instead it is seeking to extend its powers, this is because data protection is not taken seriously enough and people do daft things with data they shouldn’t.

    Its a shame to hear you dismissing those who want a secure implementation of BYOD with their eyes open to all the risks, a tiny sample of which I have shown here.

    It isnt scare mongering to want to alert business to the Risks.

    • Hello Ellie

      It may well be that I perhaps have over egged certain things to generate discussion 🙂

      The truth of the matter is that BYOD is a struggle because the technology is not yet mature enough to work in the same way laptops do. People have a user experience relating to laptops, in terms of connectivity, usability and security, and expect the same on the tablet. The problem here is not the user or the process or the technology: its the expectations. In two years we cannot hope to expect a consumer device (TOY!!!!) to be in the same position as PC computing. As you rightly point out, people are still making mistakes – to err is to be human – in a mature environment. The damage in an immature environment is merely amplified, and therefore the furore is worse

      Graeme

  2. Ellie Hurst says:

    O my goodness we almost agree….discussion is good because then organisations go forward fully armed with a risk assessment and decide based on fact what the best course of action and policy is.
    Its not nice to feel like you are raining on someone’s BYOD parade, and whilst I agree that expectations are an issue ( – FM survey recently highlihgted the fact that young talent want flexibility as a perk from potential employers and it ranks almost as highly as pension!) but I also think that risks exist massivley in all the other areas you identify – user (HUGE) process and technology (Android apps scalping user data without permission, really robust policy and enforcement required to overcome that one).
    Anyway, delighted you repsonded to me and perhps the over-egging was what motivated me to join in!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s