Mobile industry hasn’t stressed dangers of BYOD enough
The fact that a prominent UK journalist, the BBC’s Nick Robinson, lost a mobile device containing the UK Prime Minister’s mobile phone number has failed to ring alarm bells. His quasi-governmental employer has been negligent in allowing extremely sensitive data to be stored unprotected on a personal communications device. As GoMo News pointed out previously – a hostile government (Gadaffi’s Libya) has the capability of tracking mobile phones to within 200 feet. An effective BYOD implementation at the BBC would have ensured Robinson’s phone was wiped. GoMo asked Proven Legal Technologies‘ md, Phil Beckett, and Ping Identity‘s Hans Zandbelt, their views on the current state of play with BYOD.
Hans Zandbelt, a senior technical architect with Ping Identity, observed, “With more and more employees working remotely and storing sensitive data on personal devices, it’s vital organisations [like the BBC] implement BYOD policies to protect themselves against the rising number of cyber hacks”
He added, “Enterprises must architect an environment that is secure and scalable without compromising security.”
“This is where identity management plays its part- the linchpin to a successful BYOD transition.”
An identity management system provides a measure of mobility and offers improved security for both digital resources and users’ personal information.
Proven Legal Technologies’ Phil Beckett commented, “Bring Your Own Device (BYOD) is fraught with dangers for organisations. Allowing people to use their own devices to penetrate into corporate systems, not only increases the IT-security risk, but also the potential for intellectual property (IPR) to be extracted.”
He continued, “When deploying BYOD, organisations need to ensure that they tick all the boxes from a compliance perspective, for example allowing for the right to delete or audit amongst other things.”
Beckett observed, “The recent acquisition of Divide by Google allows for devices to be logically split, thus maintaining a degree of separation between the personal and business universe.”
Divide is a start-up that lets users securely separate their work and personal data on smartphones and tablets.
Beckett continued, “Although Divide addresses some of the risks, it is by no means the complete package.”
Zandbelt concluded, “As the BYOD trend continues to accelerate, organisations need successful identity strategies in place to protect individuals, applications and data across the whole entity.”
In the USA, DataXoom’s enterprise BYOD programme for businesses provides data-only SIM cards to customers (particularly those with tablets), who can immediately begin service by simply inserting the cards into their devices. See our previous story here.