Many IT Managers Still Resisting The BYO Device Trend

Yesterday we discussed some of the challenges that BYO phones face in the workplace. New survey data confirms that for many IT managers, the easiest way to deal with that challenge is still not letting people choose their own device.

According to the ISACA Risk-Reward barometer, 31% of ANZ IT managers think the benefits of letting workers choose their own device outweigh the risks, but 52% believe that anyone employee-owned mobile device represents a major threat to security. The data is based on 131 responses, so it should be treated with some degree of caution, but it does suggest the battle to let people choose their own phones will go on for a while.

ISACA


Comments

    It's hard when you're a privately owned company with 30+ equity holders who all think they're the boss ;)

    We have 100% BYO phones here (160 staff, about 40 of whom get their corporate email delivered to their handset).
    We don't allow wifi access for any staff devices, so that risk is mitigated at least...

    Being an IT Manager, I dont let any device, corporately or privately owned have any sort of access to the network, be it VPN, Terminal Server, mapped drives, email etc, unless a domain enforced password or PIN is in place on the device. But of course when you try to lay down the law suddenly you are the Data-Nazi and constantly get "now my iPhone is asking for a PIN, wahhhhh". Its just a simple fact. You dont leave your personal car unlocked when there are company folders on the front seat, so why would you leave your laptop or phone unlocked?

    Generally speaking, its a lot easier to just tell staff to leave their personal devices as ...well, personal devices.

    At my workplace (a three campus school) we've just moved to netbooks that are student owned. The majority of my day as helpdesk manager, is spent with students who begin a sentence with "So last night I installed" or "My Internet doesn't work" and ending with me spending an hour re-ghosting their machine because they've bogged down the device with so many viruses, it's better to wipe it.

    Reducing the number of variables on a system greatly reduces your (my) workload. So it's little wonder that companies are hesitant to have BYO devices. Especially when IT get blamed for not supporting command line linux or something.

    Email - Force PIN and remote wipe. (user doesn't like it? Don't get work email).
    Wifi - Setup a secondary SSID in a DMZ with blacklists for "social" websites and allow phones to connect through this to the internet. They will stop using it soon enough once they realised they can't access facebook on it either.
    Support - Let it be known only company issued handsets are supported.

    It's not that difficult to tell users that you can't fix their personal phone because your too busy fixing work related issues.

      As an IT guy 'A Men to that'

Join the discussion!

Trending Stories Right Now