Interesting story today about the failure of employers to come to terms with the way employees are connecting to corporate networks with their own mobile devices. According to Tom DeLaughter, CEO of Mformation Technologies (and no, he's not joking), 76% of CIOs are worried about the security issues posed by employee-owned mobile devices but 78% don't know which devices are connecting to the network.
DeLaughter argues smart devices, such as iPads and iPhones, are going to be a fact of life with the consumerisation of IT and corporates need to acknowledge that fact and adapt accordingly. He warns that if employers try to lock them out, determined employees will find 'backdoors' and create security risks in the process.
It says something about employees' attachment to their own smart devices that they are prepared to go to the length of compromising corporate security to be able to use them for work. But it also says something about the quality of IT products provided to them by their employers that they try so hard to use their own smart devices.
Common sense would dictate it makes more sense to concentrate on incorporating employee-owned devices into the workplace than shutting them out and forcing people to use devices they don't want. Sadly, common sense and corporate networks don't always go together, especially if it costs more than the option of doing nothing.
There is little doubt that employees using their own IT devices for work can be beneficial to a business, as it can support an ‘always on’ culture which is flexible to time and location, as well as potentially reducing the IT department’s spend on otherwise equipping mobile members of staff. This is indeed a question of balance, however, as senior management must make clear strategic decisions if the true benefits are to be realised.
A procedural agreement must be put in place which ensures that employees understand where the line is drawn on security measures and the company’s approach to both accessing and synchronising data. A rigorous process to ensure that disparate data sources are stored and backed up on a central system is also vital. This will undoubtedly involve a cultural shift for many employees, who may require training to understand how data must be shared and centralised, rather than being stored remotely on individual devices. Employees must also agree that these devices will need to be regularly checked and sanctioned by the IT department to avoid compromising the network security.
Vitally, this is a case in point where the ‘consumerisation’ of IT can offer great benefits to an organisation, but where senior management must work to be at the helm of decision-making to ensure that IT remains a servant of the business.
Richard Barker
CEO
Sovereign Business Integration
www.sovereign-plc.co.uk