BYOD the Next Generation: More Devices, Deeper Data Access, New Thinking

By Michelle Maisto  |  Posted 2013-02-06

BYOD the Next Generation: More Devices, Deeper Data Access, New Thinking

The numbers of mobile touch points in our lives are increasing—dramatically—and are only expected to rise. Verizon Wireless and AT&T offered evidence of this last summer when each introduced plans that changed the carriers' basic business plans, focusing on deep pools of data from which multiple devices can sip, instead of the needs of individual devices.

The latest news reports provide further evidence on a daily basis of how pervasive mobile technology is becoming in our lives. Tablet shipments are expected to reach 258 million units by 2016, according to Gartner. By that same year, IDC expects smartphone shipments to reach 1.4 billion units.

SBC believes that by 2015 assembly lines will turn out more than 30 million cars with wireless connectivity capabilities—cars that will be able to email the office, acknowledge the devices in our pockets and bags when we sit down, and even recognize us as we pull into our driveways to turn on specific lights, adjust the thermostat and activate many other functions.

Our televisions will connect to the Internet. More than 122 million of them are expected to ship with Internet connectivity by 2014, according to Display Search. We will even connect our homes to the Internet, enabling us to check from the office that the back door is locked, while the refrigerator orders more milk.

Faced with this onslaught of mobile connectivity, businesses of all sizes have been confronted with the question of how to make productive use of the technology without taxing their available IT resources or compromising the security of corporate data.

Their response—bring your own device (BYOD) policies—resulted from personal smartphones becoming ubiquitous. But as each of us becomes connected to more mobile devices, does it signal the need to rethink BYOD? It is time for the next-generation of mobile-device-management (MDM) policies for dealing with an onslaught of mobile touch points? The experts say, not exactly.

"IT basically has three choices—layer on new MDM solutions on top of old ones, switch over to new MDM solutions that encompass existing and future devices, or turn to a cloud-based solution," Ken Hyers, an analyst with Technology Business Research, told eWEEK.

"The problem with just continuing to add new MDM solutions on top of old is that expenses for licensing and administering multiple solutions pile up, as does complexity," Hyers continued. "They could throw out all of their old systems and switch to a new one that covers all devices, but most enterprise IT departments are loath to get rid of existing solutions because the effort of untangling them from their internal systems is too difficult, and eventually the new systems will become outdated."

That leaves one option.

Cloud-based MDM systems "seem to be the direction enterprises are moving in to manage BYOD," Hyers concluded, "so I expect cloud-based mobile-device management and security will become the new norm in the coming months and years.

BYOD the Next Generation: More Devices, Deeper Data Access, New Thinking

Shifting Focus From Devices to Data

"It's about how you can protect information, not the device," Jaspreet Singh, CEO of Druva, an integrated endpoint backup solutions company, told eWEEK.

"What enterprises are trying to standardize on is data access, rather than managing devices, which are most likely iPhones and iPads, anyway. If you can standardize how data is accessed, the device won't matter," Singh continued. "If you're hung up on devices, you're fighting the wrong war."

According to Singh, the majority of data leaks are caused, often unintentionally, by insiders—an issue that won't be solved with mobile-device management (MDM).

"MDM is a basis," he said. "It will maybe provide a sort of initial obstacle and help to manage devices a little better. But the real problem is how to protect enterprise data at the document level."

The avenues along which a security violation might occur are seemingly endless, whether it's Facebook, Windows 8, Dropbox or a USB stick, Singh continued. "Information rights management [IRM] is the future of protecting data—that's my view."

Microsoft, which includes IRM in its Office 2013 and Windows Phone 8 software, describes it as a way of specifying access permissions to various content and preventing sensitive information from being printed, forwarded or copied by unauthorized people. If, for example, a sensitive email is forwarded to someone who hasn't been approved, he or she won't be able to read it.

"After permission for a file has been restricted by using IRM," Microsoft explains on its site, "the access and usage restrictions are enforced regardless of where the information is, because the permission to a file is stored in the document, workbook or presentation file itself."

Steve Bulmer, a principal consultant and strategist with data center solutions and services company Datalink, said he hears people shying away from the term "virtual desktop" in favor of "end-user computing."

"Whatever you call it, you have to manage getting the content to the end point, whatever that is," said Bulmer. A lot of that is likely to take place at the network-authentication policy level, he said. Companies will need to set up access criteria or a way to detect if a device is a trusted one.

Eventually, Bulmer told eWEEK, "I think people are going to use a master password to unlock individual passwords."

In the consumer space, Verizon, with Criterion Systems and other online identity and technology companies, is currently testing the feasibility of a single, highly secure user-password combination. The companies were recently awarded a government grant to test whether consumers would trust such a system.

"Our philosophy is to think about centralizing information. We think about it from a security perspective, from a content-delivery perspective and from a BYOD perspective. We don't want users saving information on their personal devices and taking it with them—we want them saving it to a secure space," Bulmer continued.

"Another challenge of BYOD is when you have a knowledge worker using his favorite device. How can I guarantee that person is taking care of the device? What if that person's kid spills Pepsi into the laptop? ... You need to centralize the data at the data center or in the cloud, not on the device."

BYOD the Next Generation: More Devices, Deeper Data Access, New Thinking

More Personas on the Ground, More Data in the Clouds

AT&T is leading the charge to embed communications technologies into increasing aspects of our lives. From the living room to the car, the office and where we unwind, "there are embedded solutions or they're coming soon," said Mobeen Khan, executive director of Mobility Marketing at AT&T.

AT&T's approach to this, Khan told eWEEK, is "personas."

"All of us have multiple personas, as we go about our lives. We're workers; we're at home, communicating; we're the coaches of our kids' basketball teams and all of these different personas require us to use different apps and different data," Khan explained.

"The way we are structuring the solution is that it's not Mobeen or Michelle logging in, but that persona logging in. What that means is when you come into work, if you log into your tablet it gives you access to your work apps. But when you're watching your TV, you can also access social networks. But perhaps someday on your home TV there will be a container for work content, too."

Making this approach possible, of course, is the cloud.

"It's all tied to the cloud, because it's less about the device than the software," said Khan. "The data or the cloud or the apps know the capabilities, or non-capabilities of the device you're accessing it from."

How an increasing number of touch points will change, or already is changing, businesses and our lives probably depends on whom you ask, said Charles King, principal analyst with PundIT.

"It's one of those, 'If all you have is a hammer, everything looks like a nail' instances, where vendors define a problem according to the solutions they're good at building," King told eWEEK. "But while the overarching issue is increasing complexity due to the increasing number of touch points of an essentially heterogeneous nature [hardware, OSes, apps, etc., that are different, often radically so, from what IT is used to], its effects are neither constant nor common to every organization."

Technology simply isn't at a point yet where a single approach, the cloud—a sort of 21st century equivalent of the single drawbridge leading to a castle—is viable for every organization or situation, said King.

"Connecting to work via the cloud is certainly viable in many instances, but what about employees utilizing notoriously porous public WiFi networks in coffee shops and restaurants to access corporate data? Any company that offers workers cloud access without providing high-quality authentication tools is, quite frankly, nuts," he continued.

"At the end of the day, supporting BYOD is really about companies attempting to enhance the efficiency of their employees," King added. "But working in new ways requires nearly everyone to rethink and often revise the way they approach those processes."

Follow Michelle Maisto on Twitter.

Rocket Fuel