Click here to close now.




















Welcome!

Related Topics: Containers Expo Blog, Mobile IoT, Microservices Expo, Agile Computing

Containers Expo Blog: Blog Feed Post

BYOD – The Hottest Trend or Just the Hottest Term

It goes by many names: ‘Bring Your Own Danger’, ‘Bring Your Own Disaster’

It goes by many names: ‘Bring Your Own Danger’, ‘Bring Your Own Disaster’ and what most people call ‘Bring Your Own Device’ and everyone it seems is writing, talking and surveying about BYOD.  What used to be inconceivable, using your own personal mobile device/smartphone for work, is now one of the hottest trends or at least, one of the hottest topics being discussed throughout the IT industry.  The idea of using a personal smartphone at work sprouted, I think, when many executives got their first iPhone back in 2007 and wanted access to corporate resources.  As more smartphones made their way into employee’s hands, the requests for corporate access only grew.  Initially resistant to the idea due to security concerns, IT seems to be slowly adopting the concept based on the many blogs, articles and surveys that have littered the internet of late.  But, it is a true trend that will transform IT or simply a trending term getting a lot of attention?  We’ll be right back after these important messages.

Just Kidding.  Most likely the former.

While many of the cautionary articles talk about potentially grim disasters, they do acknowledge that BYOD is not going away and in fact, is gaining ground.  Greater productivity and cost savings seem to be the driving factors.  Let’s take a quick look at the smattering of articles surrounding this offshoot of IT consumerization.

The Mobile Device Threat: Shocking Mobile Security Stats:  A nice slide show featuring highlights from a recent Ponemon Institute and Websense survey.  Right out of the gate they talk about how mobile devices are a double-edge sword for enterprises.  77 % of the 4640 responses said that the use of mobile devices in the workplace is important to achieving business objectives but almost the same percentage – 76% -  believe that these tools introduce a "serious" set of risks.  While organizations understand the risks, the survey showed that only 39% have security controls in place to mitigate them.  As a result, 59% of respondents said they’ve seen a jump in malware infections over the past 12 months due, specifically, to insecure mobile devices including laptops, smartphones, and tablets while 51% said their organization has experienced a data breach due to insecure devices.  While 45% do have a corporate use policy, less than half of those actually enforce it.  In terms of recommendations based on their findings they said, be sure to understand the risk that mobile devices create in the workplace; educate employees about the importance of safeguarding their devices; create a mobile device corporate policy and leverage mobile device management solutions, security access controls, and even cloud services to keep confidential data out of the eyes of unauthorized viewers.

10 myths of BYOD in the enterprise: A nice top 10 from TechRepublic primarily pulling data from a recent Avanade survey of more than 600 IT and business leaders.  The notion of IT resistance to BYOD is somewhat squashed here with nine out of 10 respondents (according to the results) saying their employees are using their own tech at work.  They found that more Androids are encroaching the workplace; that employees are actually using it for work rather than playing games and that nearly 80% of enterprises will make investments this year to manage consumer technologies.  There’s 7 more myths along with a couple nice graphics to go along with the list.  Interesting and quick read.

When Business and Personal Combine: This Wall Street Journal article talks specifically about the conundrum companies and employees face when a remote wipe comes into play.  What happens, or really, how to deal with situations when there is a fear of a data breach yet wiping the device also deletes all the employee’s personal data, like family pictures.  Policies, use agreements and mobile device management (MDM) solutions are potential solutions.

The new BYOD: Businesses are now driving adoption: Rather than the perils of BYOD, this InfoWorld article talks about how enterprises are starting to actively encourage BYOD, not just passively accept it.  Reporting on Good Technology’s recent BYOD survey, they found that organizations are jumping on the phenomenon sine they see real ROI from encouraging BYOD.  The ability to keep employees connected (to information) day and night can ultimately lead to increased productivity and better customer service.  They also found that two of the most highly regulated industries – financial services and health care – are most likely to support BYOD.  This shows that the security issues IT folks often raise as objections are manageable and there’s major value in supporting BYOD.  Another ROI discovered through the survey is that since employees are using their own devices, half of Good’s customers don’t pay anything for the employees’ BYOD devices – essentially, according to Good, getting employees to pay for the productivity boost at work.

BYOD Is The Challenge Of The Decade:  Europe is also seeing the BYOD trend.  This TechWeek Europe article talks about the familiar threats of malware, spyware, worms and other malicious software but also says that BYOD success depends on both people and technology.  That it’s important to involve management early, consider the legal and financial ramifications along with risks to the business to then make an informed decision about a BYOD plan.  Not sure if it’s the challenge of the decade but it’s a great headline and will continue to fluster IT in the coming years.

IT Security’s Scariest Acronym: BYOD, Bring Your Own Device: This PCWorld article uses Nemertes Research data to cover the discrepancies between how companies treat laptops (which can be mobile) and mobile devices themselves.  They both have VPN capabilities and device encryption available but stray in different directions after that commonality.  The obvious difference is laptops are usually IT owned and smartphones are personally owned.  They suggest that it’s a good idea to re-evaluate the difference between security controls on different types of end-user devices and ask, "Is this difference based on valid reasons or a result of legacy thinking?"

BYOD Challenge: How IT Can Keep User-Owned iPhones And iPads Secure In Enterprise: This article looks at both the technical and personal challenges to securing employee-owned devices along with suggestions like user education, cost sharing, purchase assistance, tiered access, reward for enrollment and reward for good behavior.  I like the last one since much of our challenges and much of what I write about is human behavior, the human condition and why we do the risky things we do.

BYOD: Manage the Risks and Opportunities: Bankinfosecurity.com is one of my weekly stops on the internet circuit.  While this article is more a primer for an upcoming webinar, it does offer a number a good questions to ask while considering a BYOD strategy.  They also say that it’s no longer a question of whether to allow employees to use their own devices – the questions are now about inventory, security, privacy, compliance, policy and opportunity.

Some BYOD thoughts based on all of the above, in no particular order:

  • Have a BYOD policy or forbid the use all together. Two things can happen if not: personal devices are being blocked and organizations are losing productivity OR the personal devices are accessing the network (with or without an organization’s consent) and nothing is being done pertaining to security or compliance.
  • Ensure employees understand what can and cannot be accessed with personal devices along with understanding the risks (both users and IT) associated with such access. What’s the written policy and how is it enforced.  Acceptable use.
  • Ensure procedures are in place (and understood) in cases of an employee leaving the company; what happens when a device is lost or stolen (ramifications of remote wiping a personal device); what types/strength of passwords are required; record retention and destruction; the allowed types of devices; what types of encryption is used.
  • Organizations need to balance the acceptance of consumer-focused smartphones/tablets with control of those devices to protect their networks.
  • Organizations need to have a complete inventory of employee’s personal devices – at least the one’s requesting access.
  • Organizations need the ability to enforce mobile policies.  Securing the devices.
  • Organizations need to balance the company’s security with the employee’s privacy like, off-hours browsing activity on a personal device.
  • Personally, I do find that if I’m playing a game at 9pm and an email comes in, I typically read it.

F5 has a number of solutions to help organizations conquer their BYOD fears.  From the Edge Client, to our BIG-IP Global Access Solutions  (BIG-IP APM and BIG-IP Edge Gateway) to the recent MDM partnership announcements, we can help ensure secure and fast application performance for mobile users.

ps

Related or, …and the Rest:

Technorati Tags: F5, smartphone, integration, byod, Pete Silva, security, business, education, technology, application delivery, ipad, mobile device, context-aware,android, iPhone, web, internet, security

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_facebook[1] o_twitter[1] o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]


Read the original blog entry...

More Stories By Peter Silva

Peter Silva covers security for F5’s Technical Marketing Team. After working in Professional Theatre for 10 years, Peter decided to change careers. Starting out with a small VAR selling Netopia routers and the Instant Internet box, he soon became one of the first six Internet Specialists for AT&T managing customers on the original ATT WorldNet network.

Now having his Telco background he moved to Verio to focus on access, IP security along with web hosting. After losing a deal to Exodus Communications (now Savvis) for technical reasons, the customer still wanted Peter as their local SE contact so Exodus made him an offer he couldn’t refuse. As only the third person hired in the Midwest, he helped Exodus grow from an executive suite to two enormous datacenters in the Chicago land area working with such customers as Ticketmaster, Rolling Stone, uBid, Orbitz, Best Buy and others.

Bringing the slightly theatrical and fairly technical together, he covers training, writing, speaking, along with overall product evangelism for F5’s security line. He's also produced over 200 F5 videos and recorded over 50 audio whitepapers. Prior to joining F5, he was the Business Development Manager with Pacific Wireless Communications. He’s also been in such plays as The Glass Menagerie, All’s Well That Ends Well, Cinderella and others. He earned his B.S. from Marquette University, and is a certified instructor in the Wisconsin System of Vocational, Technical & Adult Education.

Latest Stories
In their Live Hack” presentation at 17th Cloud Expo, Stephen Coty and Paul Fletcher, Chief Security Evangelists at Alert Logic, will provide the audience with a chance to see a live demonstration of the common tools cyber attackers use to attack cloud and traditional IT systems. This “Live Hack” uses open source attack tools that are free and available for download by anybody. Attendees will learn where to find and how to operate these tools for the purpose of testing their own IT infrastructu...
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
It’s been proven time and time again that in tech, diversity drives greater innovation, better team productivity and greater profits and market share. So what can we do in our DevOps teams to embrace diversity and help transform the culture of development and operations into a true “DevOps” team? In her session at DevOps Summit, Stefana Muller, Director, Product Management – Continuous Delivery at CA Technologies, answered that question citing examples, showing how to create opportunities for ...
Whether you like it or not, DevOps is on track for a remarkable alliance with security. The SEC didn’t approve the merger. And your boss hasn’t heard anything about it. Yet, this unruly triumvirate will soon dominate and deliver DevSecOps faster, cheaper, better, and on an unprecedented scale. In his session at DevOps Summit, Frank Bunger, VP of Customer Success at ScriptRock, will discuss how this cathartic moment will propel the DevOps movement from such stuff as dreams are made on to a prac...
SYS-CON Events announced today that IceWarp will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IceWarp, the leader of cloud and on-premise messaging, delivers secured email, chat, documents, conferencing and collaboration to today's mobile workforce, all in one unified interface
With the proliferation of connected devices underpinning new Internet of Things systems, Brandon Schulz, Director of Luxoft IoT – Retail, will be looking at the transformation of the retail customer experience in brick and mortar stores in his session at @ThingsExpo. Questions he will address include: Will beacons drop to the wayside like QR codes, or be a proximity-based profit driver? How will the customer experience change in stores of all types when everything can be instrumented and a...
Red Hat is investing in Tesora, the number one contributor to OpenStack Trove Database as a Service (DBaaS) also ranked among the top 20 companies contributing to OpenStack overall. Tesora, the company bringing OpenStack Trove Database as a Service (DBaaS) to the enterprise, has announced that Red Hat and others have invested in the company as a part of Tesora's latest funding round. The funding agreement expands on the ongoing collaboration between Tesora and Red Hat, which dates back to Febr...
The Internet of Things (IoT) is about the digitization of physical assets including sensors, devices, machines, gateways, and the network. It creates possibilities for significant value creation and new revenue generating business models via data democratization and ubiquitous analytics across IoT networks. The explosion of data in all forms in IoT requires a more robust and broader lens in order to enable smarter timely actions and better outcomes. Business operations become the key driver of I...
SYS-CON Events announced today that DataClear Inc. will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The DataClear ‘BlackBox’ is the only solution that moves your PC, browsing and data out of the United States and away from prying (and spying) eyes. Its solution automatically builds you a clean, on-demand, virus free, new virtual cloud based PC outside of the United States, and wipes it clean...
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ab...
A producer of the first smartphones and tablets, presenter Lee M. Williams will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ETwater. In his session at @ThingsExpo, Lee Williams, COO of ETwater, will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ET...
Cloud and datacenter migration innovator AppZero has joined the Microsoft Enterprise Cloud Alliance Program. AppZero is a fast, flexible way to move Windows Server applications from any source machine – physical or virtual – to any destination server, in any cloud or datacenter, using its patented container technology. AppZero’s container is also called a Virtual Application Appliance (VAA). To facilitate Microsoft Azure onboarding, AppZero has two purpose-built offerings: AppZero SP for Azure,...
WSM International, the pioneer and leader in server migration services, has announced an agreement with WHOA.com, a leader in providing secure public, private and hybrid cloud computing services. Under terms of the agreement, WSM will provide migration services to WHOA.com customers to relocate some or all of their applications, digital assets, and other computing workloads to WHOA.com enterprise-class, secure cloud infrastructure. The migration services include detailed evaluation and planning...
This Enterprise Strategy Group lab validation report of the NEC Express5800/R320 server with Intel® Xeon® processor presents the benefits of 99.999% uptime NEC fault-tolerant servers that lower overall virtualized server total cost of ownership. This report also includes survey data on the significant costs associated with system outages impacting enterprise and web applications. Click Here to Download Report Now!
IBM’s Blue Box Cloud, powered by OpenStack, is now available in any of IBM’s globally integrated cloud data centers running SoftLayer infrastructure. Less than 90 days after its acquisition of Blue Box, IBM has integrated its Blue Box Cloud Dedicated private-cloud-as-a-service into its broader portfolio of OpenStack® based solutions. The announcement, made today at the OpenStack Silicon Valley event, further highlights IBM’s continued support to deliver OpenStack solutions across all cloud depl...