Bring Your Own Device (BYOD) – Friend or Foe to Businesses?

IT consumerization has increased the ‘Bring Your Own Device’ momentum recently but, there is an on-going debate on whether it should be an organisations best friend or worst enemy.

In a recent survey, it has been found 92% of the companies interviewed, reported certain employees were already using non-company issued devices for work but, it is not the company norm which is reflected by the findings that only a small number of companies have introduced a BYOD policy.

With these results the BYOD trend definitely have room to grow, especially when it can offer a number of benefits to an organisation like; mobile workforce enablement, reducing costs, workforce empowerment and improve productivity.

On the other hand, many consider it as an enemy as an employee personal device can be seen as a foreign object on an IT infrastructure; with an unknown history, unknown level of security measures on the device and no control over the level of access = business risk!! Worrying about the level of business risk that BYOD entails is a norm, as it has been found more than ¾ of CIO interviewed had this type of concerns.

It is true, business risks can be caused when a non-structured approach is taken; it can potentially weaken a company data security barrier, cause compliance issues and increase vulnerability to cybercrimes.

However it is not a trend we can ignore as IT consumerization will continue to fuel this trend; although you cannot completely eliminate certain issues and risks by introducing a BYOD policy, with a policy in place at least employees know the organisation is flexible and open to new trends, can feel empowered so, when and if they bring their own device they will inform the IT department…in theory.

BYOD is certainly not a case for see no evil, hear no evil… Yes, BYOD offers a wide range of benefits but, policies and a structured approach is required to protect your business.

Advertisements

Advent IM

The new EU General Data Protection Regulation, to provide greater harmonization of data protection rules across Europe,  will be published on 26 January.  So what? 

Well, rather than being something radically different or new for organisations and data controllers to get to grips with, the new Regulation trumpets compliance with two of our existing data protection principles; Personal data shall not be kept for longer than is necessary, and Personal data shall not be transferred to a country or territory outside the European Economic Area (EEA).

For example, the much-heralded ‘le droit à l’oubli’ clause (‘the right to be forgotten’ apparently, although my school boy French was limited to ordering half a kilo of sausages with predictably hilarious results) will require person’s internet histories to be deleted after use (e.g. cookies) has incited some rather inflammatory statements in some areas.  Data protection compliance has been likened to some onerous kill-joy…

View original post 366 more words