Ad Here  
More Smartphones to surface! 2012 – year of the DDOS PM favours GM technology Tablets for all... A heavyweight in space tech Steering technology through SMS Sholinganallur to Siruseri Living with it... In the age of technological disruption... Voyage to the red planet India Innovates Why this anti-science stance? Untapped segments... Android app to help paralysed people Clipping the butterfly’s wings Financial transactions of the future… … and they are back again… Wave 3 ICT – crystal ball gazing Explosive expansion... Riding the Data Wave The real hero in India’s battle against black money Sustainability and technology – the Grundfos thrust When the setting itself becomes the protagonist “PhoneSat”, successfully launched The case of Insider Fraud Who bit Whom? Your privacy – Government’s business! Shop with a click Maintaining Data Privacy Net access through balloons... In a connected world... Take a bite of Google’s KitKat Moving towards BYOT… Free the NET... Money in a minute! Cost effective services and better network control
Moving towards BYOT…
Bring Your Own Device-BYOD has been a contentious issue among information workers. Security practitioners frowned on it as a sure gateway for malware and other causes for infractions on the information network.
THE SECURITY CAMP appeared to be winning their cause when we found a general acceptance of the stand that BYOD is bad security practice. Policies were quickly changed to add a clause barring or severely restricting BYOD. This found its due place in almost all awareness programmes. As the security camps in organisations were busy frowning over those who were attempting to violate no-BYOD stand, another trend was slowly but steadily coming through –information workers started to move away from bringing in their own devices and moved towards bringing their own technologies (BYOT), either via their own devices or via the cloud. The trend is well brought out in a survey covering 9912 information workers covering seventeen counties. In the words of Connie Moore of Forrester, the principal author of the report: “it illuminates the bring-your-own-technology (BYOT) phenomenon, an inexorable shift from centralised procurement and control of IT devices to stewardship of technologies that are largely self-provisioned by employees. Insights into which technologies employees choose and buy with personal or corporate funds will help CIOs determine staffing levels and competencies, better allocate corporate IT budgets, and develop new policies and governance.”

Traditionally, any of these “bring-your-own” was generally found in the domain of those who like to use typical do-it-yourself sets and build devices and applications. However the findings of Forrester Forrsight’s Workforce Employee Survey point to a greater interest in BYOT than merely that of gadget nerds. The survey results published a few months ago estimates that 53 per cent of workforce employees bring their own technology for work purposes; 43 per cent leveraged their own personal devices, 16 per cent installed unsupported software, and 19 per cent used unsupported Internet-based services in their jobs. This trend is in striking contrast to what many would like to see in workplace since proliferation of BYOTs are regarded as vulnerabilities seriously impacting the risks associated with the systems where these BYOTs are deployed.

A new trend...

Another interesting trend that demonstrates the growing importance of BYOT is that 55 per cent of the information workers surveyed are paying out of their personal funds to procure at least one device used for their work purposes. This is a rather new trend when employees are generally known to seek reimbursement of expenses incurred by them for matters relating to their work and in some cases even when the expenses obliquely relates to their work! This trend of information workers spending personal funds for BYOT is not uniform across the regions with 74 per cent of respondents in emerging economies resorting to this practice compared to 44 per cent in developed economies. Another interesting finding relates to the organisational hierarchy of those who demonstrate this phenomenon, cutting across geographical boundaries. 77 per cent of those who have a designation of Director or equivalent and above are involved in the purchase of their personal technologies for use in their workplace. This is understandable given their higher disposable income. What this also points to is that those who have a greater ability to influence IT policies are those who are spending their personal resources to bring their own technologies to workplace. This could lead to a potentially unenviable situation where the sheer volumes of BYOT brought into the system by information workers may be too overwhelming to be controlled through a policy preventing the use of BYOT. Another possible fall out is that these decision influencers will move to make policies that may favor BYOT use.

If we were to stop looking at BYOT from a purely security perspective, it promises to hold some significant business benefits– both in the short term and in the long term. The rapid proliferation of convenience-driven technologies available both in gadget forms and as applications are bound to catch the attention of business users of IT.

BYOT is today in the realm of tech-savvy business users of information technology systems. However it will soon become ubiquitous, driven by the increasing acceptance of cloud computing. Organisation will then be asked to stay current, accepting BYOT or face technological obsolescence that can threaten the organisation’s strategic competitive advantage.  

Security issues to be addressed

The frequently mentioned risk in letting BYOT come its full cycle is that employees will store official information on personal devices using non-standard technologies. This has a few security issues that require to be addressed – firstly that the personal device or technology or application or a combination of these may not be configured to meet the security stance of the organisation. The idea of attending to each of these devices and configuring them to meet enterprise security standards is clearly not workable.

Secondly, there is no process to ensure that the users of personal devices carrying their personally preferred technologies do not connect it to third party networks resulting in being infected with spiders or crawlers capable of penetrating and extracting information while leaving virtually no forensic trace. Thirdly, the possibility of physically losing devices on which enterprise information is stored remains real. Fourthly, in most of the cases where enterprises support, albeit in a rather restricted manner, the non-standard technologies, they often deploy methods to remotely wipe off data stored on devices reportedly lost or compromised. While this will ensure that no confidential data falls into unauthorised hands, the danger of such remote wipes removing personal data cannot be ruled out.

Other challenges...

If business pressures make BYOT an acceptable process, there are other challenges for the IT manager that is not necessarily related to security concerns. By its very definition, BYOT is all about managing a large number of technologies and devices that are non-standard. The mushrooming of SMEs in the application development space and the large scale adaptation of these third party applications by device manufacturers will challenge the IT manager when it comes to supporting these diverse devices and applications.

The IT Manager runs the risk of not being able to support devices or applications that interact with enterprise data. In those cases, the information worker will opt for third party support which will increase the risk of unauthorised disclosure or compromise of enterprise data. These risks are to be balanced against the growing demand for BYOT. At this point in time, it is not very clear if the security lobby will thwart the BYOT surge or will the user-convenience lobby have its way and ask security professionals to build controls given that BYOT is here to stay.

Author :
Reported On :
Sector :
IE, the business magazine from south was launched in 1968 and pioneered business journalism in south. Through the 45 years IE has been focusing on well-presented and well-researched articles. When giants in the industry stumbled to keep pace with the digital revolution, IE stayed affixed embracing technology.
Read more
Economist Communications Ltd is committed to ensuring that your privacy is protected.
Read more
You agree that your use of this Website and the purchase of the magazine will be governed by these terms and conditions.
Read more
S-15, Industrial Estate,
Chennai - 600 032.
PHONE: +91 44 22501236