Enterprises Haven’t Gotten a Handle on Mobile Security
What the chaos taught us was that business had to start taking mobile security seriously. Previously, many businesses had open WiFi access points. There were no real standards as to what could live on a phone and what couldnt. People were storing sensitive, work-related material on their iPods and nobody cared, because there were relatively few of them. But when the sales of the iPhone exploded, so did the security woes of the enterprise. Security managers finally figured out that company employees were walking around with tiny computers in their pocketscomputers that contained sensitive corporate data that could walk out the door and disappear.Now, everyone knows that BYOD is here, but far fewer have any clue what to do about it. How do you cope with all of those devices? The answer, it turns out, is that a company either embraces them in the name of employee productivity and morale (BYOD does not actually save any money and it might be more expensive than company-provided devices) or ban them entirely either in the name of security or the name of compliance. Some companies have no choice. I have a relative who carries a government-issued BlackBerry that hes required to use for his official communications. I know a number of people who work in financial services who must also carry BlackBerrys for business use. The rationale is that a BlackBerry under the control of a BlackBerry Enterprise Server environment is vastly more secure than anything else, and thats probably true. But that anything else part of the equation has changed. With the addition of third-party software from Good and others, many non-BlackBerry smartphones can be made to be very secure, at least in terms of email and enterprise apps. But beyond that, security varies depending on the user and the device. This keeps the IT department awake at night, especially when they dont own the phone and have only limited management ability. But like it or not, the iPhone, and the other phones from Google and Microsoft that it inspired, are here, and theyre here to stay. Apple started the whole thing with the iPhone, but Apple wont be alone in moving the trend forward.
And with many companies, thats where we are today. The IT department is still trying to grapple with the dozens of different smart devices that show up at work on any given day. Theyre coping with figuring out what devices can be made secure, what cant and what they dont know. But with the exception of a few organizations, such as the government and financial services, BYOD has arrived.