TECHnalysis Research Blog Extra

January 15, 2015
Mobile Security: The Key to a Successful BYOD Implementation

By Bob O'Donnell

A great deal has been said and written about BYOD (Bring Your Own Device) programs and their real-world impact on today’s businesses, employees and IT departments. Regardless of your feelings on that matter, there’s no doubt that BYOD has and will continue to influence the conversation around how IT departments need to adapt to the changing world around them.

For most companies, BYOD is seen as a positive move forward. But it does have challenges. Last year, my firm, TECHnalysis Research, fielded a survey with over 300 US-based IT professionals split evenly across small, medium and large businesses. One particularly interesting data point from this BYOD report is that 20% of overall respondents and nearly 30% of mid-sized companies said that, while they dove into BYOD headfirst early on, they’ve started to pull back a bit recently. A key driver for those pullbacks, in many situations, is bound to be security-related issues.

©2014, TECHnalysis Research

Virtually every week we hear and read stories about critical corporate data being compromised because an individual employee’s device was lost or stolen. Given these security concerns, it’s probably not surprising to hear that, according to that same survey, 43% of all companies with BYOD programs have a policy to wipe corporate data from a lost or stolen device. But what is surprising is that a larger 46% of that group wipe out all data on the impacted device—both corporate and personal. Given the increasingly important role that personal mobile devices play in people’s lives—they’ve become the primary camera and digital photo storage device among many other things—completely wiping all that data is clearly an unacceptable solution. Plus, only 26% of employees thought their company wiped all data on a lost device, demonstrating a huge (and potentially litigiously dangerous) gap in understanding between the two groups.

In order to address these concerns, IT clearly needs to develop policies that honor the company’s right to safeguard its own data, while at the same time respecting the individual employee’s desire to not lose their precious data. (Plus, if we’ve learned anything from BYOD, it’s that IT needs to develop win/win solutions for both themselves and employees, otherwise employees will find ways around whatever perceived restrictions IT puts into place.)

One key answer to these challenges is the use of containers, which can separate personal data from work data. Solutions that enable containers allow IT to continue managing access to corporate data and applications, while leaving personal data intact. Not all container solutions are created equally, however.

IT managers need to consider all aspects of a container solution as they do evaluations. How does it work with user authentication and identity? What mobile and desktop platforms does it support? Is it a complete solution or only a partial one that needs to be cobbled together with several other products from several other vendors?

By deploying a robust container solution, IT can feel free to impose very strict, very secure policies around corporate data, while still giving employees access to their own data. In doing so, they can enable all the potential benefits of BYOD, without falling prey to its potential pitfalls.

Here's a link to the original column: https://techpinions.com/mobile-security-the-key-to-a-successful-byod-implementation/38037