IBM Bans Apple's Siri on Big Blue Networks for Security Reasons

IBM has banned Apple's Siri digital assistant--along with other apps and services--from its networks out of concern for security and privacy. Big Blue realizes the move to enable workers to bring their own devices to work offers both benefits and challenges.

As well-mannered and well-intentioned as she may be, Apple€™s Siri is not welcome at IBM€”at least not on the company€™s networks.

According to an MIT Technology Review report, IBM has banned the use of Apple€™s Siri digital assistant on its networks because of security and privacy concerns.

€œThe company worries that the spoken queries might be stored somewhere,€ IBM CIO Jeanette Horan told MIT Technology Review.

And, indeed, Wired Enterprise explained:

"It turns out that Horan is right to worry. In fact, Apple€™s iPhone Software License Agreement spells this out: €œWhen you use Siri or Dictation, the things you say will be recorded and sent to Apple in order to convert what you say into text,€ Apple says. Siri collects a bunch of other information€”names of people from your address book and other unspecified user data, all to help Siri do a better job."

More and more enterprises are moving to adopt bring-your-own-device (BYOD) strategies, which tend to enhance employee productivity and job satisfaction as employees can use their own devices to get work done. Yet BYOD is fraught with challenges such as that posed by Siri.

Not only is security a concern, but as much as BYOD can promote productivity, it also can possibly draw from it if employees want to access media or play their Angry Birds or Words With Friends during working hours.

Of course, like Siri at IBM, many types of media, apps and games are suppressed or banned on company networks under BYOD policies and acceptable-use agreements. These agreements tend to include clauses in which employees have to agree to allow the company to remotely wipe or delete data on their devices in the event it is lost or stolen.

Enterprises employ various methods of controlling or managing how employees use their personal devices on the companies€™ systems. For instance, many use geo-fencing, which is the practice of limiting mobile employees€™ access to certain apps and data when they are within the company€™s premises. And when they leave the premises, depending on their role, they may no longer have access to sensitive company information€“so their neighbor on the train home can€™t peer over and see sales figures, revenue forecasts or whatnot.

In addition to banning Apple€™s Siri, IBM also disallows the use of public file-transfer services such as Dropbox, Horan said.

Companies have to monitor and control devices in the corporate enterprise€”both those provided by the company as well as personal devices brought in by employees under a BYOD program.

Speaking on a panel at IBM€™s Impact 2012 conference in Las Vegas on May 1, Bob Sutor, vice president of the IBM Mobile Platform, said: €œPeople lose mobile devices far more often than you think.€ So IBM employs a policy of being able to remotely wipe devices. €œBut we try to differentiate and say these are the general security infrastructure items we have to include. And for people who do want to leave something on the phone, we did encryption.€

Dale Potter, CIO at The Ottawa Hospital in Ottawa, Canada, said the hospital is so aggressive with mobile and BYOD that he gets calls from the Information and Privacy Commissioner of Ontario about keeping sensitive data secure.

Potter said the hospital gives iPads to a growing number of its staff, mostly physicians, but others as well. The hospital also provides iPhones to some staff and allows workers to use their own iPads and iPhones on the hospital network in a BYOD environment.

€œWhat I like about the iOS devices is they have hardware encryption,€ Potter said. €œWe also have Android devices and other mobile devices in our supply and that€™s more of a worry. There€™s potentially more of a problem with Android because of its software encryption.€

Potter added that the move to more mobile devices has meant a decrease in PCs at the hospital. €œThe world is changing; my PC requests have dropped 50 percent,€ he said. €œWe€™re ripping out PCs because everybody€™s carrying an iPad.€ The hospital has 3,000 iPads, he noted.

IBM€™s Sutor said demand for BYOD is growing at IBM. €œOf course, IBM has its own corporate rules,€ he said. €œIBM has 440,000 employees. Of those, 120,000 access the network via mobile devices€”and 80,000 come from employee-owned smartphones and tablets.€

So the move to empower employees with smart mobile devices that enable them to work remotely and access key systems from wherever they may be is clearly growing. For most, it is a function of enhancing productivity. But for Potter and his environment, it could be an issue of life and death.

€œIf I tried to remove the mobile devices out of our environment, not only would it be life-threatening for me, it would have safety issues for our patients,€ he said.