BYOD and the Balance between Security and Privacy

BYOD and the Balance between Security and Privacy

One of the fastest growing enterprise technology trends in the past year is the policy of BYOD - "bring your own device." With a BYOD policy, employees are not required to use a corporate-issued mobile device, but can instead use their personal tablet or smartphone to access company files, emails, and applications.

From the employee standpoint, BYOD is an appealing concept: you can use the mobile device you like for everything, and you don't have to worry about carrying around two phones in your pocket. In reality, the process of implementing the policy has resulted in some serious confusion and anxiety for many businesses. IT administrators are faced with the daunting task of minimizing the security risks posed by giving several different devices access to the company server, ensuring endpoint security, software updates, and tracking inventory.

In an effort to gain control of the BYOD environment, some IT businesses are relying on mobile device management (MDM) software. When installed on a device, it is not unusual for this type of software to enable the company to remotely manage the phone, collect personal data, add/remove apps, restrict use and erase data. Of course, this has resulted in consumer concern over privacy: is my employer viewing my private information, tracking where I go, what websites I visit, and what applications I'm using?

BYOD 2.0

The BYOD security-privacy balance has proven difficult for enterprise - especially when high numbers of employees are involved and when the devices being used are constantly changing. As a result, many businesses have rejected BYOD altogether, while others seek help from telecom consultants and MDM specialists. Indeed, just about every tech company right now is touting their BYOD solution, though the vast majority of these solutions focus squarely on helping businesses gain control of devices and protect security.

While the first generation of BYOD solutions wrestles with security and control, it is becoming clear that the next generation of BYOD solutions will need to address both security and employee privacy. Employees will want assurance that personal content is protected, that restrictions will only be in place when the device is being used for work, and that web activity outside of work will be kept private.

To this end, we may very well begin seeing mobile devices that are marketed as "enterprise-ready" and are built to prevent security and privacy issues. Another tactic that we are already seeing is the dual-persona phone, using one OS for work and another for personal use. As this technology continues to evolve and we get closer to achieving the security-privacy balance, BYOD will become more of a win-win.

Until next time-

Charlie Nadler
Switchfast Technologies
Managed Services and IT Consulting