Security Think Tank: BYOD – a challenge and an opportunity
With the growth of BYOD, what security measures can IT take to ensure security of enterprise data – and does MDM have a role?
As we are looking to enable a diverse workforce to be productive from anywhere using any platform they deem the most suited for the task at hand, IT challenges pop up like mushrooms after the rain, writes Wim Remes.
Over the past decade we have built infrastructures and processes to control the versions of operating systems and applications our businesses rely on, as well as to address the challenge in updating them.
While we made progress in both areas, it might feel like we are back to square one as we enter the “bring your own anything” era.
Mobile phones, tablets, laptops and anything in between will soon be used to process work emails, store and edit confidential data and to communicate with clients. There is no purpose in trying to avoid this new reality.
The question now is how IT departments should handle this? Can anybody and everybody bring in the device they want and to what extent should an organisation support it? Should all applications and data be made available, regardless of the device or environment it will be handled in?
Read more on BYOD and MDM from the Security Think Tank
- Governance should determine strategy for BYOD
- Embrace BYOD, but be wary of the risks
- BYOD security: policy, control, containment, and management
- MDM is no BYOD silver bullet
- BYOD – key tenets and best practices
- BYOD means the map is no longer the territory
- MDM just one way to lower the risk of BYOD
- Management is key to secure BYOD
- Cloud, BYOD and security – lock your doors
Mobile device management MDM suppliers have gone to great lengths to define the problem space which, conveniently, is always on a full overlap with the feature set of their products.
Delving deeper into the technical features of mobile platforms it also becomes very clear that all MDM products rely on the exposed Application Programming Interfaces (APIs) from the mobile platforms (iOS and Android in this case). One would wonder what the key differentiator is of each product. Almost without exception it concerns a feature that is unique in its ability to reduce the risk posture with .01%.
It is my firm belief that bring your own device (BYOD) offers IT departments an opportunity to return to its core business: providing access to applications and data.
Where our natural reaction is to control the platform we need to find peace with the fact that we are not able to control this. We are in the business of securing critical data assets no matter where they are located or used.
MDM is only one part of the technologies we need to execute on that mission but I would argue not the most important one.
Wim Remes is a member of the global board of directors of (ISC)2
