Michele Chubirka, writing for Dark Reading, thinks that most technologists haven’t blinked an eye at recent scandalous tech stories, like the US ambassador to Kenya using his Nairobi bathroom to run his own Internet connection. It’s just another instance of shadow IT in motion. And so when it comes to BYOD, she finds that the discussion really has little to do with technology and more to do with security, politics, and psychology. This has implications across IT.
Two Sides, One Experience
On one hand, IT wants to maintain standards for ease of management and to secure the assets of the organization. Of course, users just want the familiar and the accessible:
…if neurophilosopher Andy Clark’s concept of extended mind is accurate, they’re potentially identifying with a personal mobile device as an extension of their cognitive toolset. If both parties continue to be intractable, the result is a full-blown policy war, with information security as the victim.
A Force of Nature
The presence of a BYOD policy does not necessarily solve the problem, because the problem does not originate with a lack of policy. With consumerization of IT, BYOD is just bound to happen. It’s a force of nature. That is why good BYOD policy acknowledges the needs of users. It includes data classification for handling standards and a user classification with identity management. A sound use policy replete with end-user agreement is also applicable for managing BYOD.
Implementing security controls without underlying policies and standards is an exercise in futility. An inconvenience, a mere hurdle to be got around by a user community and subject to the whims of an operations team or yearly budget cuts.
In the end, says Chubirka, the network perimeter is just no longer the network perimeter. BYOD is not the enemy, because it is BYOD that will ultimately bring cost savings, not the obstructionist security policies of a reluctant IT.
Read the original article at: http://www.darkreading.com/operations/the-good-and-bad-of-byod/a/d-id/1319742