by Ben Mendoza, CEO of MDSL
Having been in IT now for almost 20 years I can’t help but look up to the IBM brand. No matter what you think about the company which we all know as Big Blue, it has come up with some fantastic ideas, concepts, solutions and downright great technology. It is therefore with a mixture of worry and trepidation that I read recently about IBM’s problems implementing BYOD.At first I was just amazed that Big Blue couldn’t handle what seems like a fairly simple enterprise conundrum.
However, having looked into the story in more depth I have been given significant food for thought.
The article details what happened when IBM loosened its previously rigorous constrictions on the smartphones and tablets its employees use for work.
In other words, IBM adopted a ‘Bring Your Own Device’ (BYOD) policy, meaning that employees who wanted to work out of the office didn’t have to use a smartphone provided by the company.
Although IBM provides BlackBerries to about 40,000 of its 400,000 employees, 80,000 other workers access internal IBM networks via their own smartphones and tablets.
That’s a few more than most BYOD systems will have to integrate.
Some companies do this to save money. I’m not sure whether this was IBM’s rationale but it certainly hasn’t saved them any money – and this comes from Jeanette Horan, IBM’s Chief Information Officer and the person responsible for all the company’s internal use of IT.
She says the problem is that employee’s devices are full of software that IBM doesn’t control or support, which has resulted in massive new challenges for her department of 5,000 people.
Now, where I come from, that means it’s is also cost them a shed-full of money in staff-time, additional hardware and other hidden costs.
Which is not what BYOD promised – it was supposed to save the company money, on all those expensive handsets for which it no longer had to pay as part of its mobile contract.
I don’t know about you, but if I had 5,000 people to help me implement a BYOD policy I wouldn’t be too upset.
The fact that Ms Moran is anything but happy should worry us all.
Ms Moran says that when IBM surveyed several hundred employees using mobile devices, many were “blissfully unaware” of which popular apps could be security risks.
In the field of IT security this is a lesson companies have to learn time and time again: the average user has no idea of how to keep themselves secure within the IT environment, and this is just a fact we have to accept.
On IBM’s list of banned apps are public file transfer services such as Dropbox, which has itself recently suffered a massive security outage due to a breach of password protocol.
Meanwhile, it turned out other employees were violating IBM’s own protocol by automatically forwarding all of their work email to public webmail services, and using their smartphones to create open Wi-Fi hotspots (which open up the data contained on those devices to a whole range of vulnerabilities).
IBM seems to have learned the lesson that its own employees have no idea about IT security, which makes you wonder what other security problems are lurking under the IBM hood.
This is not to single out IBM as an insecure user — I’m sure it’s actually in the Top-10 for general IT security — but an enterprise’s own employees are always the major weakness in IT security (ask Dropbox).
Whether or not an enterprise decided to apply a BYOD policy purely for financial reasons no longer matters, since – as Bill Bodin, IBM’s Chief Technology Officer for Mobility says – “…the genie is out of the bottle”.
Surveys have shown that more than half of large companies are catering to their employees’ desire to use their own smartphones, and as a result, the Mobile Device Management (MDM) market is booming.
A January 2012 report by Forrester Research counted more than 40 companies offering such services and the number is growing rapidly.
However, the problem is that an MDM application is only half the story.
Say what you like about RIM’s BlackBerries – and many people have been saying a lot, recently – but one area which Mike Lazaridis (RIM’s founder and now ex-CEO) did get right was the question of data consumption.
Mike frequently pointed out that BlackBerry handsets come with built-in tools for data compression, making them very economical in terms of bandwidth usage.
That didn’t matter in the days of unlimited data price plans but – as the Wall Street Journal pointed out recently those days are coming to an end.
As data consumption rockets on the back of all those smartphone users accessing videos over the web and downloading them to their devices for later viewing, any company who has deployed an MDM tool in isolation and omitted to provide some form of Telecom Expense Management – or, in this context, a Wireless Expense Management (WEM) – solution alongside it, is missing a serious trick.
It’s no use being able to switch off the 20 per cent of your users who account for 80 per cent of your mobile telecom costs, if you have no way of identifying who those users are in the first place.
IBM’s Bodin expects device management to get even more complex in the coming years.
The secret for every enterprise is to recognise it’s happening, carry out an audit of the current situation and put in place concrete guidelines for its IT department to police, supported not just by a good MDM tool but a WEM solution as well.
Failure to do so is not only reckless but will also prove very expensive – particularly as the mobile networks try to claw back money from the all-you-can-eat data packages they so generously gave away in the early years of smartphones – and realise that the upcoming 4G infrastructure is going to cost them (and not the government) a great deal of money.
Ben Mendoza founded MDSL in 1995 with a vision to provide financial trading organisations with the tools to improve the management of their market data services. Today the company remains a world leader in market data cost management with the MDM software system. Ben’s technology career began in 1974 and has included telecommunications engineering with British Telecom, applied electronics design with Marconi Space and Defence Systems, data network design with Timeplex, and North Sea oil platform systems implementations with Marathon Oil UK Ltd. Ben founded his first company in 1984 – Digital Networks International Limited (DNI) as an independent IT consultancy firm providing network design and implementation services.