By Dan Lohrmann
A radical change is sweeping across the global workplace: mobile technology is redefining the boundaries between work, home life and play.
According to IT analyst firm Gartner, the rise of bring your own device (BYOD) programs is the single most radical shift in the economics of client computing since the introduction of the personal computer in the workplace.
Bringing your own mobile device offers many benefits. Employees are comfortable with the various features and functionality of their preferred—and often beloved—smartphone. Also, using personally-owned mobile technology can eliminate the need for carrying two devices—one for personal use and the other for work.
How are you responding to this new trend? No doubt, there are significant challenges to securely and effectively implementing BYOD – as an enterprise or as an individual. Still, are you a leader, a follower, or are you part of the loyal opposition when it comes to radical shifts in the workplace?
My Journey to BYOD
Over the past 25 years, I’ve often been a naysayer when new technology emerged at the office. In fact, in my early days as a chief information technology officer in 2003, I almost lost my job fighting WiFi adoption.
Armed with plenty of stories of hackers and security white papers from three-letter agencies, I fought the initial implementation of wireless LANs in state and local government enterprises. Who would have thought that fast food restaurants and coffee shops would offer free WiFi around the world a decade later?
With the help of mentors, I learned important lessons that helped me to put cybersecurity into its proper role as a business enabler. When cloud computing challenges emerged a few years ago, Michigan became one of the first states to offer secure cloud alternatives.
Today, I believe that BYOD is the new WiFi. Security and privacy leaders need to engage and lead BYOD planning efforts in order to ensure that the needed protections are in place.
Where to Start?
In BYOD for You: The Guide to Bring Your Own Device to Work, I attempt to answer the question: How can end users be smart with BYOD?
The journey starts by categorizing your current situation which should be based on your employer’s approach to items such as company policies, security, reimbursement, and the planning and use of mobile device management (MDM) software. I describe three common BYOD workplace scenarios as Gold (the strongest, most in-depth policy), Silver (some policy) and Bronze (limited or no policy) and use these categories to describe other factors affecting your BYOD experience.
For example, if your company has a strong BYOD policy, you are fully reimbursed for bringing your own device to work and your company deploys MDM software, you will probably use the Gold advice. On the other hand, if you do not receive any stipend for bringing your own device, your company has no BYOD policy and no MDM software is deployed, you should follow the Bronze advice.
Not all of you will fit perfectly into one of these three levels; in fact, you may fit into multiple categories. Still, try to determine your BYOD level as Gold, Silver or Bronze.
Defining Gold, Silver, Bronze
Consider these examples to help determine which category suits your situation:
- Work Policy: BYOD policy
- Security Policy Enforcement: Strong
- Mobile Device Management (MDM): Yes
- Smartphone Monthly Cost Reimbursement: Good
- Use of Own Device for Daily Work: Extensive (most online activities)
- Work Policy: Some policy applies
- Security Policy Enforcement: Varies
- Mobile Device Management (MDM): Minimal, may sync w/ Microsoft Exchange
- Smartphone Monthly Cost Reimbursement: Partial, sometimes
- Use of Own Device for Daily Work: Mixed (email, browsing, several apps
- Work Policy: No BYOD policy
- Security Policy Enforcement: Varies
- Mobile Device Management (MDM): None for personal devices
- Smartphone Monthly Cost Reimbursement: None
- Use of Own Device for Daily Work: Generally light (email only)
Evolving BYOD Landscape
Regardless of current limitations, the good news is that technical capabilities and innovative solutions will constantly change your environment and options. So, just because you are in the Bronze category now, doesn’t mean you’ll be there next year, or even next month.
Don’t be hesitant to suggest to management that the company needs a BYOD policy update. The goal is to maximize your BYOD benefits within the boundaries of your company’s rules, but understand that your suggestions to move to a higher level (Silver or Gold) could benefit both parties.
Bottom line – well-meaning professionals are taking risks by ignoring this trend. You can be an enabler of BYOD solutions and benefit your career at the same time. Learn more at byod4u.com
Dan J. Lohrmann is an internationally recognized security leader, technologist and author. He is best known for his refreshingly practical commentary on technology and clear advice on computer security and ethics for home and work.
As Michigan CSO & Deputy Director for Cybersecurity & Infrastructure Protection (CIP), he leads the Michigan Cyber Initiative, which was launched by Governor Snyder at the 2011 Michigan Cyber Summit. Dan is also a lead on several federal Department of Homeland Security (DHS) committees and National Governors Association (NGA) efforts in cybersecurity.