BYOD seems like an easy way for enterprises to save money and keep users happy, but security issues can create problems that far outweigh the benefits.
Users want BYOD. Theyíre eager to access corporate files with the same device they use for Angry Birds, and some users are even ashamed to tote BlackBerry devices.
But there are plenty of perils that can befall a userís shiny iPhone beyond dropping it in the toilet. A rise in smartphone theft means that, despite the enterpriseís and userís best intentions, the trendy phone could still end up in the wrong hands, chock-full of sensitive corporate data.
An employee could quit or be terminated, with downloaded data still on the phone or tablet that, technically, the ex-employee owns. Or, the employee could trade in his or her old phone without wiping it, leaving sensitive data just waiting for whoever purchases the refurbished phone.
The first instinct for most companies is to treat BYOD devices like company-issued BlackBerrys: Wipe them remotely. Thatís fine if the device isnít used for anything personal, like cute kid pics and (legally) downloaded music, but the vast majority of employees support BYOD because it allows them to carry just one device for business and pleasure. If the phone ends up just being misplaced, regardless of the legal ramifications, and regardless of what the employee signed agreeing to remote wipes, thatís going to be one angry employee waving a shiny, bricked smartphone at IT.
Then thereís the possibility of data breaches. According to a recent survey by Decisive Analytics of over 400 CEOs and senior IT executives, almost half of all companies with BYOD had security breaches as a direct result of employee devices accessing the corporate network. Despite most of these companies (83 percent) requiring security software, they still experienced breaches. Thatís worth noting, because the smartphones that employees choose, typically iOS and Android devices, are not as secure as BlackBerrys.
Companies also need to make sure that users arenít downloading malware. Just this past summer, malware masquerading as Android anti-virus software caught some users flat-footed. Third-party app stores teem with malware that can expose companies to security breaches and other threats.
The Decisive Analytics survey also pointed to an increase of 41 percent in costs for some companies that introduce BYOD, mainly around tech support. It makes sense -Ė someone canít access his email on his new iPhone, and he calls IT. Itís an easy enough fix, but it takes time that IT could better spend proactively managing company assets.
BYOD isnít making life easier in the enterprise for IT managers. In response to a recent survey, almost half (48 percent) of IT managers want to standardize their mobile platforms with Windows Phone and Windows RT, Microsoftís OS for smartphones and tablets, respectively.
IT managers believe that it will be easier for employees to use the Microsoft Office productivity suite on a Windows OS device -Ė but they may also be hoping to eliminate some of the BYOD security concerns with devices that canít access as many apps, as Microsoft has a very small share of the mobile market.
However, Windows OS devices came in fourth, security-wise, in the Decisive Analytics survey. That may end up backfiring on IT managers who are looking for security and standardization. (Whether or not Windows devices really are less secure remains to be seen.)
Itís likely that thoughts of a company-wide standard for mobile devices is a pipedream concocted by IT managers who donít want to worry about mobile device security, or who are tired of supporting multiple mobile platforms.
Is it too late to stop the BYOD wave, or can IT managers make a case for a single, employer-provided platform that leaves no question as to who really owns the device?
— Christine Parizo is a freelance writer specializing in business and technology.