Terry Hartmann and Barton Hetrick recently sat down with Bloor Research’s Nigel Stanley to discuss the growing practice of bringing personal devices into the workplace. Nigel shares his wisdom on the subject below.
A bring-your-own-device strategy (BYOD) challenge that always shines through is the required change in mindset for the IT and security folk.
In the past, a centrally managed command and control strategy ensured that, in many businesses, only pre-approved PCs with specific software builds were issued to employees and only on a very strict refresh cycle.
As an organisation moves to a more relaxed BYOD policy, this is turned on its head as employees start to dictate what devices can and can’t be used at work. Achieving a balance of supporting BYOD, but at the same time ensuring security is very difficult. It is a problem that many businesses are struggling to get to grips with.
The good news is that with decent planning, policies and technical controls these issues can usually be addressed to everyone’s satisfaction.
Certainly for a BYOD project to be successful, both in the eyes of the business users and the technical folk, lots of elements need to be addressed and the devil is in the detail. A holistic solution is the silver bullet that everyone looks for, but will often face technical and political resistance as it will, by definition, touch on many areas across the business including incumbent suppliers and technologies.
Winning the hearts and minds of the various technology owners and stakeholders is arguably the biggest challenge, and one I have personally faced up to many times with varying success.
Over the next 12 months I see more and more businesses having to shift their systems and processes to accommodate mobility – whether they like it or not.
Increased use of mobile devices means that customers and clients demand access to businesses at all times of the day and night via channels other than a traditional phone call, such as via social media feeds. If a business fails to support and resource these additional communication channels they will be in danger of losing revenue and sales opportunities. This will place stresses on business processes geared up for single channel communication and, in some cases, businesses may need to reengineer the way things are done.
New security threats will emerge to target these channels and unless a business remains constantly vigilant and up to date with new and emerging attacks, their new found communication channels could be the source of a major security breach.
Technology changes in the mobility space are breathtaking, and the next 12 months will see more changes than ever.
The dominance of BlackBerry is now under significant threat, something that would have been unthinkable a few years ago. This is despite the superior security posture of Blackberry devices as users demand to make use of Android devices and Apple iPhones. Unfortunately, security comes a poor second when challenged by the latest consumer device with fashionable new features. Windows Phone is starting to turn heads and Microsoft’s marketing muscle should never be underestimated, especially with Redmond’s need to push Windows 8 across devices in the next 12 months. I expect to see new devices emerging over the next year that are better, smarter and cooler than ever before. Hopefully these devices will be more secure as vendors update their operating systems based on their experience of dealing with hackers targeting these devices.
Network operators will continue to address the technical challenge faced by their networks as data volumes increase exponentially and the race to LTE/4G networks should be firmly underway as network performance will increasingly become a selling point. New and more innovative apps are emerging that make use of innate mobile device capabilities and the imagination that app developers have is astounding.
Over the next 12 months, one thing is certain; consumers will rush in their hundreds of thousands for the latest and greatest mobile device. The combination of technology advancement, sleek design and cool factor will ensure that consumers race for the latest device to show their friends. As mobile devices become further embedded into consumers’ lives, businesses that are not mobile device friendly will start to lose out in various areas. This includes in the “best places to work” awards as a new generation of workers demand to use their devices in the workplace. Implementing a well thought through and robust BYOD plan to accommodate these consumer shifts safely and securely needs to become a priority for most businesses over the next year.
Nigel Stanley heads up the Security Practice for Bloor Research, and is CEO of Incoming Thought Limited, a Bloor partner company specialising in security consultancy and education.
He has written three books on database and development technologies including Microsoft .NET and is working on a number of security related assignments. Nigel has significant expertise in the field of cyber warfare, cyber terrorism and cybercrime. His current research interests include the use of smartphone and mobile devices as a threat vector to organisational security and he is able to bring his technical knowledge together with practical experience of security work into his analyst work, offering unique insights from the front line.
Nigel is a member of the Institution of Engineering and Technology, the British Computer Society and the Institute of Directors. Nigel has an MSc in Information Security from Royal Holloway, University of London where he was awarded the Royal Holloway Information Security Group – Smart Card Centre Crisp Telecom Prize for his dissertation “Experimental Analysis of the Security Features of Google Android and Windows Phone 7.0”.
To read more from Nigel, please have a look at his blog on the Bloor Research web site.