Click here to close now.

Welcome!

Security Authors: Elizabeth White, Liz McMillan, Vormetric Blog, Pat Romanski, Brad Thies

Related Topics: Security, Java, Wireless, Web 2.0

Security: Article

Defining BYOD Policies

In 2013, analysts say there was an 81% growth of mobile devices worldwide.

The rise of mobile is still going strong and it shows no signs of stopping!, In 2013, analysts say there was an 81% growth of mobile devices worldwide.

Actually, according to the new Cisco report - "Mobile Data Traffic Forecast Update" - the mobile traffic in 2013 was 18 times the size of the entire internet in 2000. The study reports that in 2013 the internet traffic per user averaged 356MB of data a month. Even more amazing, is that the trend expects it to increase to 3GB per user in 2018.

All of these changes - the use of mobile data, the internet of things - all have real world applications on our businesses. Now, if you've been getting comfortable with BYOD so far, be careful with the expected twists and turns. More and more devices are being introduced to the market, new services and apps as well. Despite the turbulent start, everyone seems to be jumping on the BYOD wagon; but some companies, who are not planning ahead, should really start looking forward for those upcoming pot holes. CIOs can expect real security threats to emerge, hidden costs, legal affairs with employees and many other issues... The solution? An effective policy covering all angles of the BYOD practice from all its perspectives and of course an MDM tool.

Over the last months organizations' employees have embraced the BYOD practices, CIOs are concerned about security issues, lawyers have given their advice, and MDM vendors have taken their message to the companies. But while CIOs try to come up with the best solution to police this practice, users continue to buy more products and increase the type of devices.

Aberdeen considers that understanding what is going on is a must. They ran a survey this January to find out that 3 of 4 responders have a BYOD program in place; yet two thirds of these plans are not enforcing compliance, security, or legal policies.

Mark Charleton from Blue Solutions told us that CIOs are concerned and thankful with the MDM vendors for pushing their messages of compliance and security to the business managers. This helps them to take this topic to the management table in order to become a BYOD enabler together with the other operational areas including HR, Sales, Marketing, Operations and Legal.

However, all these concerns about hidden costs and hard-to-measure worker productivity don't matter to the employees as their convenience to have business and personal lives blended in one single device. Somehow the tables have turned, the employees are in the driver's seat!

The Dirty Little Secret

Horror... horror!

When it comes to BYOD expense reporting, employee's behavior isn't exactly criminal, but it is cheating. The temptation to submit a huge expense report for the personal smartphone that might have been used for work purposes could be too high to resist.

According to the mobile consultancy "Network Sourcing Advisors," even when the BYOD policies clearly state otherwise employees include their family plans, upgraded phones and termination fees to their BYOD expense plans. Executive globe-trotters would rack up huge international charges and float them past the inattentive eyes of finance.

Companies often counter this abuse by putting a monthly stipend or cap on reimbursement. But let's be honest, most people will ask for the highest stipend and sign up for the biggest data plan so that they won't be hit with overage charges.

The fact is that employees don't really want to pay for their smartphones, tablets, and laptops. They just want an easy-to-use device for their work and their personal life, and of course it is better if the company pays the bill.

This trend is racing towards chaos in the 2014. The number of smartphones, tables and even Laptops under the BYOD umbrella is increasing by day. Complications and confusions are forcing changes to BYOD policies.

Can you COPE?

Some few companies have enabled a hybrid approach called COPE - Company Owned, Personal Enabled - model. COPE is the opposite of BYOD. Businesses using a COPE strategy provide their employees with IT devices and gadgets to be used and managed by them; the companies maintain ownership of such devices, so they can monitor and control their activity to a complete degree. Besides business purposes, employees can use their devices for their personal activities. COPE may be a less expensive option that BYOD, in which employees are often reimbursed for all or part of the cost of the devices they buy. This is because if the company buys devices, it can generally get them for less than retail price. COPE also gives the company more power in terms of policing and protecting devices, thus reducing many of the BYOD risks.

In 2014 and 2015 companies not using COPE will put practical BYOD programs and policies in place. Both mobile models imply the need to accelerate the businesses and move to SaaS. To those that can't COPE, modernize their core applications and become mobile friendly will become a must.

More Strict BYOD Policies

Let's face it, not all companies have budget enough to COPE; so BYOD will yet continue to be a growing trend. Sooner or later, these companies will need to develop effective BYOD policies. Policies should be defined in each area according to the employees activities and needs, to then be detailed and defined mainly by the Finance, Human Resources, and Legal departments that will be in charge of the available budgets and the legal implications that follow.

Once these policies are set up, they can be merged with an MDM tool, this way all the devices would be safely managed and controlled by the responsible areas.

BYOD Lawsuits Loom as Work Gets Personal

Will BYOD lead to a rash of lawsuits from employees who feel violated? Or maybe a headline-grabbing, class-action lawsuit? Companies better make sure they have an explicit terms-of-use BYOD agreement.

Like most tragic love stories, the BYOD affair may end up abruptly. In the early days of BYOD, say, 2013, employees fell madly in love with the idea of using their own iPhones, Android smartphones and new tablets for work. They could finally ditch corporate-issued and boring cell phones.

In a beginning BYOD promised that employees and employers would live happily ever after. But the BYOD romance suddenly turned sour. Employees are now questioning the intrusion of corporate eyes on their personal devices. Why did the Internal IT turn their beloved smartphone into a spy that tracks their whereabouts? Employees are beginning to sense companies taking advantage of BYOD by intruding on personal time to get free work time.

If CIOs have hourly employees with BYOD smartphones, they might want to leverage MDM to control the company's email security and delivery rules to those devices; meaning, they can set a business rule that won't allow delivery of corporate email to a subset of users during off-hours. This rule should be also addressed in the BYOD terms-of-use agreement. This is just an example, and the tip of the iceberg.

John Timko, Marketing Director in LabTec Software explained that MDM software has thankfully advanced quickly and has come up with a fix. Now companies can control only corporate apps from a BYOD smartphone or tablet, leaving personal apps untouched. While this helps tremendously, it doesn't completely solve the problem.

Let's say a company buys the popular productivity app, Evernote, for employees to put on their BYOD smartphones. Since the company paid for the app, the company can remove it at any time regardless of the personal data the employee may have added such as a shopping list, recipes, vacation plans, or perhaps something more critical to their job.

In conclusion, companies need to have better protections against employee's lawsuits regarding the BYOD practice, a well developed terms-of-use agreement, and leverage MDM to ensure this agreement is followed. Truth is, employees tend to get a bit emotional when their privacy is being violated or their location is being tracked via a mobile device that they personally own. They don't like their personal data to be seen or wiped, either. When these things happen, companies can expect the wrath of a scorned employee.

More Stories By Monica Paul

Monica Paul is a marketer with 20 years experience in local, regional, and global marketing strategies. In 2001, after 8 years working as an employee for several IT companies such as Micrografx and Visio; Monica founded Marcomtec, marketing firm giving services initially to the IT industry that then diversified to other industries. In 2013 Monica launched, Magic MasterMinds (www.magicmasterminds.com), a marketing platform to help writers all over the world to market their books leveraging this way reading as a daily activity.

@ThingsExpo Stories
In the consumer IoT, everything is new, and the IT world of bits and bytes holds sway. But industrial and commercial realms encompass operational technology (OT) that has been around for 25 or 50 years. This grittier, pre-IP, more hands-on world has much to gain from Industrial IoT (IIoT) applications and principles. But adding sensors and wireless connectivity won’t work in environments that demand unwavering reliability and performance. In his session at @ThingsExpo, Ron Sege, CEO of Echelon, will discuss how as enterprise IT embraces other IoT-related technology trends, enterprises with i...
When it comes to the Internet of Things, hooking up will get you only so far. If you want customers to commit, you need to go beyond simply connecting products. You need to use the devices themselves to transform how you engage with every customer and how you manage the entire product lifecycle. In his session at @ThingsExpo, Sean Lorenz, Technical Product Manager for Xively at LogMeIn, will show how “product relationship management” can help you leverage your connected devices and the data they generate about customer usage and product performance to deliver extremely compelling and reliabl...
The Internet of Things (IoT) is causing data centers to become radically decentralized and atomized within a new paradigm known as “fog computing.” To support IoT applications, such as connected cars and smart grids, data centers' core functions will be decentralized out to the network's edges and endpoints (aka “fogs”). As this trend takes hold, Big Data analytics platforms will focus on high-volume log analysis (aka “logs”) and rely heavily on cognitive-computing algorithms (aka “cogs”) to make sense of it all.
With several hundred implementations of IoT-enabled solutions in the past 12 months alone, this session will focus on experience over the art of the possible. Many can only imagine the most advanced telematics platform ever deployed, supporting millions of customers, producing tens of thousands events or GBs per trip, and hundreds of TBs per month. With the ability to support a billion sensor events per second, over 30PB of warm data for analytics, and hundreds of PBs for an data analytics archive, in his session at @ThingsExpo, Jim Kaskade, Vice President and General Manager, Big Data & Ana...
One of the biggest impacts of the Internet of Things is and will continue to be on data; specifically data volume, management and usage. Companies are scrambling to adapt to this new and unpredictable data reality with legacy infrastructure that cannot handle the speed and volume of data. In his session at @ThingsExpo, Don DeLoach, CEO and president of Infobright, will discuss how companies need to rethink their data infrastructure to participate in the IoT, including: Data storage: Understanding the kinds of data: structured, unstructured, big/small? Analytics: What kinds and how responsiv...
The Workspace-as-a-Service (WaaS) market will grow to $6.4B by 2018. In his session at 16th Cloud Expo, Seth Bostock, CEO of IndependenceIT, will begin by walking the audience through the evolution of Workspace as-a-Service, where it is now vs. where it going. To look beyond the desktop we must understand exactly what WaaS is, who the users are, and where it is going in the future. IT departments, ISVs and service providers must look to workflow and automation capabilities to adapt to growing demand and the rapidly changing workspace model.
Since 2008 and for the first time in history, more than half of humans live in urban areas, urging cities to become “smart.” Today, cities can leverage the wide availability of smartphones combined with new technologies such as Beacons or NFC to connect their urban furniture and environment to create citizen-first services that improve transportation, way-finding and information delivery. In her session at @ThingsExpo, Laetitia Gazel-Anthoine, CEO of Connecthings, will focus on successful use cases.
Sensor-enabled things are becoming more commonplace, precursors to a larger and more complex framework that most consider the ultimate promise of the IoT: things connecting, interacting, sharing, storing, and over time perhaps learning and predicting based on habits, behaviors, location, preferences, purchases and more. In his session at @ThingsExpo, Tom Wesselman, Director of Communications Ecosystem Architecture at Plantronics, will examine the still nascent IoT as it is coalescing, including what it is today, what it might ultimately be, the role of wearable tech, and technology gaps stil...
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
The Internet of Things (IoT) promises to evolve the way the world does business; however, understanding how to apply it to your company can be a mystery. Most people struggle with understanding the potential business uses or tend to get caught up in the technology, resulting in solutions that fail to meet even minimum business goals. In his session at @ThingsExpo, Jesse Shiah, CEO / President / Co-Founder of AgilePoint Inc., showed what is needed to leverage the IoT to transform your business. He discussed opportunities and challenges ahead for the IoT from a market and technical point of vie...
IoT is still a vague buzzword for many people. In his session at @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, discussed the business value of IoT that goes far beyond the general public's perception that IoT is all about wearables and home consumer services. He also discussed how IoT is perceived by investors and how venture capitalist access this space. Other topics discussed were barriers to success, what is new, what is old, and what the future may hold. Mike Kavis is Vice President & Principal Cloud Architect at Cloud Technology Pa...
Hadoop as a Service (as offered by handful of niche vendors now) is a cloud computing solution that makes medium and large-scale data processing accessible, easy, fast and inexpensive. In his session at Big Data Expo, Kumar Ramamurthy, Vice President and Chief Technologist, EIM & Big Data, at Virtusa, will discuss how this is achieved by eliminating the operational challenges of running Hadoop, so one can focus on business growth. The fragmented Hadoop distribution world and various PaaS solutions that provide a Hadoop flavor either make choices for customers very flexible in the name of opti...
The true value of the Internet of Things (IoT) lies not just in the data, but through the services that protect the data, perform the analysis and present findings in a usable way. With many IoT elements rooted in traditional IT components, Big Data and IoT isn’t just a play for enterprise. In fact, the IoT presents SMBs with the prospect of launching entirely new activities and exploring innovative areas. CompTIA research identifies several areas where IoT is expected to have the greatest impact.
Advanced Persistent Threats (APTs) are increasing at an unprecedented rate. The threat landscape of today is drastically different than just a few years ago. Attacks are much more organized and sophisticated. They are harder to detect and even harder to anticipate. In the foreseeable future it's going to get a whole lot harder. Everything you know today will change. Keeping up with this changing landscape is already a daunting task. Your organization needs to use the latest tools, methods and expertise to guard against those threats. But will that be enough? In the foreseeable future attacks w...
Disruptive macro trends in technology are impacting and dramatically changing the "art of the possible" relative to supply chain management practices through the innovative use of IoT, cloud, machine learning and Big Data to enable connected ecosystems of engagement. Enterprise informatics can now move beyond point solutions that merely monitor the past and implement integrated enterprise fabrics that enable end-to-end supply chain visibility to improve customer service delivery and optimize supplier management. Learn about enterprise architecture strategies for designing connected systems tha...
Dale Kim is the Director of Industry Solutions at MapR. His background includes a variety of technical and management roles at information technology companies. While his experience includes work with relational databases, much of his career pertains to non-relational data in the areas of search, content management, and NoSQL, and includes senior roles in technical marketing, sales engineering, and support engineering. Dale holds an MBA from Santa Clara University, and a BA in Computer Science from the University of California, Berkeley.
Wearable devices have come of age. The primary applications of wearables so far have been "the Quantified Self" or the tracking of one's fitness and health status. We propose the evolution of wearables into social and emotional communication devices. Our BE(tm) sensor uses light to visualize the skin conductance response. Our sensors are very inexpensive and can be massively distributed to audiences or groups of any size, in order to gauge reactions to performances, video, or any kind of presentation. In her session at @ThingsExpo, Jocelyn Scheirer, CEO & Founder of Bionolux, will discuss ho...
The cloud is now a fact of life but generating recurring revenues that are driven by solutions and services on a consumption model have been hard to implement, until now. In their session at 16th Cloud Expo, Ermanno Bonifazi, CEO & Founder of Solgenia, and Ian Khan, Global Strategic Positioning & Brand Manager at Solgenia, will discuss how a top European telco has leveraged the innovative recurring revenue generating capability of the consumption cloud to enable a unique cloud monetization model to drive results.
As organizations shift toward IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection &E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his session at 16th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Partnerships, will discuss how to cut costs, scale easily, and unleash insight with CommVault Simpana software, the only si...
Analytics is the foundation of smart data and now, with the ability to run Hadoop directly on smart storage systems like Cloudian HyperStore, enterprises will gain huge business advantages in terms of scalability, efficiency and cost savings as they move closer to realizing the potential of the Internet of Things. In his session at 16th Cloud Expo, Paul Turner, technology evangelist and CMO at Cloudian, Inc., will discuss the revolutionary notion that the storage world is transitioning from mere Big Data to smart data. He will argue that today’s hybrid cloud storage solutions, with commodity...