×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Why Everyone Gets It Wrong About BYOD

Soulskill posted about a year ago | from the bring-your-own-device dept.

Cellphones 377

snydeq writes "Brian Katz offers a simple take on the buzz around BYOD in business organizations these days: 'BYOD is only an issue because people refuse to realize that it's just about ownership — nothing more and nothing less.' A 'hidden issue' hiding in plain view, BYOD's ownership issue boils down to money and control. 'BYOD is pretty clear: It's bringing your own device. It isn't the company's device or your best friend's device. It's your device, and you own it. Because you own the device, you have certain rights to what is on the device and what you can do with the device. This is the crux of every issue that comes with BYOD programs.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

377 comments

BYOD means I/T loses some control over it (5, Insightful)

Jailbrekr (73837) | about a year ago | (#43855429)

BYOD means you can no longer trust your own network because you no longer have the same level of control over the devices on it. And if you do not trust your own network, you need to increase your security costs substantially and provide other resources that you would otherwise not need to offer. So while you're saving around $1000 per year per user on hardware, you're spending more on licensing for NAC and VDI/RDP/ICA. You also need to amp up the local tier1/2 support because now without standards they're going to be spending more time dealing with more types of machines. Any gains made by standardization will be utterly destroyed.

BYOD is a short sighted, stupid idea thought up by someone who sure as hell has no experience with I/T support.

Re:BYOD means I/T loses some control over it (4, Insightful)

guruevi (827432) | about a year ago | (#43855517)

You shouldn't trust your own network to begin with. How do you make sure no-one plugs in whatever they want? BYOD is not just about cell phones or property. It's about people taking work laptops home and home phones to work.

If you want to make sure everything is and remains standardized, you're going to need to implement NAC and have everything on your network be a dumb terminal.

BYOD is not just about someone saving money. It's about people expecting to have their devices work and IT in organizations being too slow or not having enough funding to give everybody their device of choice.

Re:BYOD means I/T loses some control over it (5, Insightful)

Anonymous Coward | about a year ago | (#43855545)

Not sure about you, but no one plugs in whatever they want to our network, all network ports are authenticated at the switch, you plug in a non authorized device the port simply shuts off. BYOD is a fucked up concept by people that simply have a poor understanding of IT that think what they do at home is "better" as the guys running the network can't possibly know more than them. I have seen BYOD in 3 places now and in all it has been 3 complete failures where it was rolled back due to the insane increases in support costs.

Re:BYOD means I/T loses some control over it (4, Interesting)

Anonymous Coward | about a year ago | (#43855607)

Then it sounds like you and the rest of the IT staff were incompetent. I work at a company right now that's been using a BYOD approach for nearly 5 years with no real issues. And with only 4 IT staff to support around 400 people.

Re:BYOD means I/T loses some control over it (1, Insightful)

bdwebb (985489) | about a year ago | (#43855973)

Your company has no secure resources that you or your superiors are worried about then and you are not a candidate for NAC as the parent poster was. That or your company's IT staff, including you, is actually the incompetent group and if you ever get compromised by an outsider with malicious intent, you're fucked.

Re:BYOD means I/T loses some control over it (5, Insightful)

Anonymous Psychopath (18031) | about a year ago | (#43856291)

Your company has no secure resources that you or your superiors are worried about then and you are not a candidate for NAC as the parent poster was. That or your company's IT staff, including you, is actually the incompetent group and if you ever get compromised by an outsider with malicious intent, you're fucked.

We have about 25,000 BYOD users and ferociously protect our IP. I wish you luck in your crusade against the customers you serve. It seems to be working out for the RIAA/MPAA.

Re: BYOD means I/T loses some control over it (1)

Anonymous Coward | about a year ago | (#43856019)

You have 1 IT staff member to every 100 people? That is a high ratio. In my environment we have ~1650 users with only 3 people in the IT department and that includes the IT director. We also don't outsource really anything (cable runs is the only real thing I can think of), manage the network/servers and do development. There is no way we could do that if it was a BYOD environment. Our support model would be blown away. We are able to do what we do because we have a highly automated patch management and client management system, this would not be possible if we did not "own" the client systems.

Re: BYOD means I/T loses some control over it (0)

Anonymous Coward | about a year ago | (#43856137)

So what is the trade off here?

Option a) Heavy handed IT standardization and lockdown:

Reducing the need for IT staff by a few people and slowing the ability of hundreds or thousands of staff members in getting their actual work done. Slowing happens in many ways, inability to use a device optimal for your work, inability to use software you need for work, generally shitty corporate standard hardware.

or

Option b) BYOD

Slightly more IT people needed. Hundreds / thousands of staff has device and software they need/want making them as productive as they can be.

Seems to me its worth having a couple more IT nerds around if 1600 staff members are even slightly more efficient.

Re:BYOD means I/T loses some control over it (1)

guruevi (827432) | about a year ago | (#43855667)

So you have implemented NAC, you therefore have already sunk an insane amount of money and resources into getting this to work. And now you're protected until a home device with malware has authenticated itself...

Re:BYOD means I/T loses some control over it (1)

bdwebb (985489) | about a year ago | (#43856051)

There is a definite cost to implementing NAC but I'm confused as to how you believe a home device with malware is going to authenticate itself. There are many complex malware programs out there that can attempt a variety of attack vectors but none complex enough to bypass a NAC solution worth its' salt with anything but the baddest 0-day exploits.

There was a BlackHat presentation made in relation to NAC that presents some of these potential attack vectors (http://www.blackhat.com/presentations/bh-dc-07/Arkin/Presentation/bh-dc-07-Arkin-ppt-up.pdf), however in a fully secured, fully featured NAC deployment, the likelihood is almost zero. Like you said, the cost of the solution and the time and resources devoted to implementation are all high so it really needs to be an industry requirement or something of the like but a well implemented NAC solution in tandem with well developed security policies provides an extremely high level of security. IAANSE (Network Security Engineer)

Re:BYOD means I/T loses some control over it (1)

swalve (1980968) | about a year ago | (#43855819)

That seems like a lot of hassle for not a lot of payoff. Every time something breaks or gets moved, they have to call IT to reenable the port? Just so you can imagine that you have security? I guess nobody ever heard of MAC address spoofing.

Re:BYOD means I/T loses some control over it (1)

bdwebb (985489) | about a year ago | (#43856087)

MAC address spoofing doesn't help vs a well implemented NAC solution as the MAC address of the connecting device is not the only authentication factor. Many NAC solutions even require agents to be installed on the connected machine so that an analysis of installed software and hardware can be performed as an additional authenticator and many will pre-scan connecting devices for offending/unsecure software and quarantine them in a segregated network with no routing abilities.

Once implemented, a NAC isn't an incredible hassle to manage and 802.1X even allows for a port to be re-enabled once the offending device is disconnected from the port so you don't have to manually reenable the port every time someone plugs in an unauthorized resource. It is extremely costly, however, and the effort integrate it properly so that it can't be bypassed by simple means is huge so a NAC is not a great solution unless your industry or company requires it.

Re:BYOD means I/T loses some control over it (1)

FireFury03 (653718) | about a year ago | (#43855577)

You shouldn't trust your own network to begin with. How do you make sure no-one plugs in whatever they want?

Yep, I've had customers insist they don't need to worry about antivirus, etc. on their workstations because they have a company policy that no one plugs unauthorised kit into the network. A few weeks later they invariably get an infection because one of the directors ignored policy and plugged his personal laptop in - afterall, who's going to tell the director off?

BYOD is not just about someone saving money. It's about people expecting to have their devices work and IT in organizations being too slow or not having enough funding to give everybody their device of choice.

I've found BYOD is actually a big PITA for large organisations because the devices people are bringing are almost universally Android or iOS, and in both cases the OS and apps have terrible support for HTTP proxies; and many large organisations use proxies to control web access from within their networks.

Re:BYOD means I/T loses some control over it (1)

guruevi (827432) | about a year ago | (#43855695)

Both devices have plenty of support for HTTP proxies. Even then, Squid has a transparent proxy option. Or you could filter at the DNS level... options, options.

Re:BYOD means I/T loses some control over it (0)

Anonymous Coward | about a year ago | (#43855769)

Funny, then the issues we had with Chrome and Firefox on Macs, and the time we spent trying to resolve them shouldn't have happened?. Fuck off idiot

Re:BYOD means I/T loses some control over it (5, Informative)

FireFury03 (653718) | about a year ago | (#43855823)

Both devices have plenty of support for HTTP proxies.

Android Gingerbread lets you set a single HTTP proxy which applies to all networks. That means device owners have to manually enter and clear the proxy settings as they move between the office network and their home network. Not that it matters - almost all apps ignore the proxy settings anyway.

Android ICS and Jellybean let you set an HTTP proxy per wifi network, which at least means the user isn't expected to reconfigure the phone all the time. Most apps still ignore the proxy settings. Most of the apps that do pay attention to the proxy settings don't support authenticated proxy servers.

All recent versions of iOS allow the proxy and authentication credentials to be set on a per wifi network basis. That's excellent. Except that most apps (including a good chunk of the stock iOS apps that Apple ship with the phone) either ignore the proxy settings entirely or fail to support authenticated proxy servers. (Yes, Apple is aware of these problems - there are bug reports in their bug tracking system that have been open for several years, they aren't interested in fixing them).

Even then, Squid has a transparent proxy option.

Transparent proxying only works for HTTP, not HTTPS unless you are going to MITM all the sessions (which involves installing certificates on all the clients). And even then, you can't authenticate the users if you're proxying transparently.

Die proxy servers (0)

tokiko (560961) | about a year ago | (#43856211)

Proxy servers are relic of a time before NAT. Please, please, please stop using this old hack to "share" your office Internet connection. If you want to prevent SMTP/FTP/IRC/etc traffic on your network, set up a proper firewall that blocks those port ranges. As you pointed out, using a proxy server in 2013 is going to give grief to anybody that has to touch it.

Re:BYOD means I/T loses some control over it (2)

mysidia (191772) | about a year ago | (#43855765)

afterall, who's going to tell the director off?

I would... in private of course. The director must be coached, and warned, in a firm and positive way order to give them an opportunity to avoid misbehaving in the future.

This is why it's important to have security policies and IT governance rules and the consequences in writing, and signed off on by multiple members of upper management, and the board.

If you commit a violation, the disciplinary action procedure has to be initiated, no matter who you are in the organization -- even the CEO is not above scrutiny from the security department; just in the same way even the CEO is not exempt from fraud or financial embezzlement rules, as the violation of any of the important security rules is of similar severity, because it may have enabled the commission of fraud or other crimes against the shareholders.

If everyone is not held to the same standard, then not everyone has to obey the policy, and it won't work.

Re:BYOD means I/T loses some control over it (5, Interesting)

Skuld-Chan (302449) | about a year ago | (#43855921)

1990 called - they want your manually set proxy server back.

We proxy everything, but the users are none the wiser and its a university where BYOD isn't even something we can control.

Re:BYOD means I/T loses some control over it (4, Insightful)

ultranova (717540) | about a year ago | (#43856129)

I've found BYOD is actually a big PITA for large organisations because the devices people are bringing are almost universally Android or iOS, and in both cases the OS and apps have terrible support for HTTP proxies; and many large organisations use proxies to control web access from within their networks.

So maybe you shouldn't try to control web access from your network if you allow it at all, but rather deal with people browsing Slashdot or porn sites all day long when and if it becomes a problem?

Re:BYOD means I/T loses some control over it (2)

Frobnicator (565869) | about a year ago | (#43855597)

BYOD is not just about cell phones or property. It's about people taking work laptops home and home phones to work.

We were recently stung by this little feature.

License true-ups and program audits are fun.

People install the products on their laptops with the corporate keys, and pass it around to their co-workers saying the installs are business related. For us, a two-week network scan found nearly two million dollars in improperly-licensed and unexpectedly-installed software on all those BYOD laptops.

A whole lot of people got one-on-one meetings with management, a few lost their jobs.

Re:BYOD means I/T loses some control over it (5, Insightful)

guruevi (827432) | about a year ago | (#43855727)

Maybe you should improve your licensing options or choose better products with less licensing. Throwing out high quality people because a 3rd party company bullies you is not really great business practice.

Re:BYOD means I/T loses some control over it (1)

girlinatrainingbra (2738457) | about a year ago | (#43855857)

Re:Throwing out high quality people because a 3rd party company bullies you is not really great business practice.

Excellent point. Licensing is key. Go FOSS.

Re:BYOD means I/T loses some control over it (5, Insightful)

Lumpy (12016) | about a year ago | (#43856247)

Sounds like a plan. got a FOSS version of AVID? same quality and same abilities?

No? how about a FOSS version of AutoCad? no the two toys running around out there wont work.

Well then how about a FOSS version of my automotive computer tuning software? IT supports all the modern cars, so what FOSS program is out there that does that?

Lastly how about a nice FOSS large accounting software system? no?

There are three business types that can not use FOSS even if they wanted to, and that covers a hundred thousand of businesses in the USA alone. (car repair, car shops, engineering firms, accounting firms, TV stations and studios, etc...

FOSS is an impossible answer for a large number of businesses simply because the software does not exist.

Re:BYOD means I/T loses some control over it (1)

girlinatrainingbra (2738457) | about a year ago | (#43856321)

Well, hey, if you can't get FOSS for what you want, at least have the ethics to realize that you have to pay fo rthe software you use. Don't use unlicensed software. FOSS software is licensed too, even if it is or is not free of cost. Freedom in FOSS is the freedom to share and the lack of a bullshit-filled license. Or at least don't keep hiring idiots who think that it's okay to steal. It's not okay to steal in either case, and your employees ought to be aware of that: a - proprietary software copied without paying for the copy or the extra license b - FOSS software that you intend to use without honoring the license If your employees can't stop stealing, perhaps they deserve being fired.

Re:BYOD means I/T loses some control over it (1)

zidium (2550286) | about a year ago | (#43855739)

Would these piracy scans be successful if the user was not logged into the domain via, say, their own personal laptop?

Or, more to the point, what is the best way for a user not to show up in these scans? Would a firewall help? What would I block?

Re:BYOD means I/T loses some control over it (2)

mjwx (966435) | about a year ago | (#43855971)

People install the products on their laptops with the corporate keys,

Why were you giving end users corporate license keys?

Re:BYOD means I/T loses some control over it (0)

Anonymous Coward | about a year ago | (#43855701)

How do you make sure no-one plugs in whatever they want?

If you have to ask that question, i hope you don't manage any network in any company i have to work with. Its also not about 'funding' or 'slow', most companies prefer standards. Breaking standards is bad.

Re:BYOD means I/T loses some control over it (2, Insightful)

mjwx (966435) | about a year ago | (#43855893)

You shouldn't trust your own network to begin with. How do you make sure no-one plugs in whatever they want?

Managed switches.

No unauthorised devices get plugged in. Every device has to authenticate with the switch (so not simply MAC address blocking).

From the fine summary:

Because you own the device, you have certain rights to what is on the device and what you can do with the device.

Yeah right, feck off.

When you BYOD onto my network, we control it, we can wipe it, we can install and uninstall apps and if you dont agree to our terms, dont bother complaining that you cant BYOD. BYOD is not open slather, if you want to bring your own device, fine, we welcome that but you will be registering it with our MDM (Mobile Device Management) system before you're even so much as able to put mail on there, that means our policies get enforced on your device (and your administrative privileges for that device get taken away). Sorry, but this part isn't negotiable.

Re:BYOD means I/T loses some control over it (1, Insightful)

Anonymous Coward | about a year ago | (#43855979)

Sorry, but this part isn't negotiable

Maybe not - but I'm sure your employment is. The first time you tell the CEO to "feck off" I suspect it will be negotiated to no longer exist.

Re:BYOD means I/T loses some control over it (2, Insightful)

mjwx (966435) | about a year ago | (#43856025)

Sorry, but this part isn't negotiable

Maybe not - but I'm sure your employment is. The first time you tell the CEO to "feck off" I suspect it will be negotiated to no longer exist.

LoL,

You do realise this policy comes from the CEO.

Besides that, one data leak and it's the CEO's who's job will no longer exist. They get real paranoid when you make it clear their job is at risk. Besides this, if management wont take security seriously, I'll have another job by next week anyway.

Re:BYOD means I/T loses some control over it (1)

khasim (1285) | about a year ago | (#43856175)

Besides that, one data leak and it's the CEO's who's job will no longer exist.

Maybe. Maybe not. It depends upon how well he (or she) can spin it.

And the easiest way to spin it is to blame you.

So if you're having trouble getting the CEO to support the "NO BYOD HERE" policy then start hunting for a job with a more informed CEO. Leave that job and that CEO to one of the BYOD advocates. Let them deal with whatever loss happens.

... I'll have another job by next week anyway.

Maybe. It depends upon how high profile the loss is. It's easier to get a different job BEFORE the story about how the company lost $500,000 because someone in Accounting brought in an infected laptop and the CxO's and BoD are all claiming that it was your fault. Be proactive.

Re:BYOD means I/T loses some control over it (3, Insightful)

Lumpy (12016) | about a year ago | (#43856257)

I watched an IT guy try to tell a CEO that his apple TV was not allowed on the network. the CEO pointed at the door and asked the guy, "what does it say on the door?"

The IT guy was one of the brighter ones and got the hint quickly... and set it up on the corporate network.

Re:BYOD means I/T loses some control over it (2)

octothorpe99 (34654) | about a year ago | (#43856335)

You shouldn't trust your own network to begin with. How do you make sure no-one plugs in whatever they want?

Managed switches.

No unauthorised devices get plugged in. Every device has to authenticate with the switch (so not simply MAC address blocking).

From the fine summary:

Because you own the device, you have certain rights to what is on the device and what you can do with the device.

Yeah right, feck off.

When you BYOD onto my network, we control it, we can wipe it, we can install and uninstall apps and if you dont agree to our terms, dont bother complaining that you cant BYOD. BYOD is not open slather, if you want to bring your own device, fine, we welcome that but you will be registering it with our MDM (Mobile Device Management) system before you're even so much as able to put mail on there, that means our policies get enforced on your device (and your administrative privileges for that device get taken away). Sorry, but this part isn't negotiable.

Well, if it was my choice to B[M]YOD, I'd let IT get admin privileges on my devices. But if its at the company's insistence, then hell no!
Here's the deal:
- I can do off-hours work if I get email on my phone.
- I won't carry a second phone for work
- I am willing to add my work email on my phone PROVIDED:
    -- I am not required to register my device for monitoring
    -- I and ONLY I have admin rights on my phone
    -- No remote monitoring of my phone allowed

I will, however, agree to follow policy like setting a passcode, time-out locking, enable find-my-phone and remote wipe (which I will control).

Re:BYOD means I/T loses some control over it (1)

TENTH SHOW JAM (599239) | about a year ago | (#43855903)

Usability is the antithesis of security. With that in mind. BYOD can work for Some apps. Anything that stores sensitive data locally, no. Anything that requires much more stuffing around that opening up a web port, then no.

If PHB needs more than that to get $HisFaveApp working on his Pear uPad then he may find out there are some days when he must use the tools provided by the workplace. Diddums.

Having said this, the 80 20 rule will apply.

Re:BYOD means I/T loses some control over it (0)

Anonymous Coward | about a year ago | (#43856267)

BYOD is not just about someone saving money. It's about people expecting to have their devices work and IT in organizations being too slow or not having enough funding to give everybody their device of choice.

Exactly. It's all too common for IT departments to be a bureaucratic obstacle rather than the people you go to when you need to get something done. The situation strikes me as slightly analogous to teachers unions being against school vouchers because they know the competition will kill them.

Re:BYOD means I/T loses some control over it (0)

Anonymous Coward | about a year ago | (#43856365)

802.1x - stops people plugging their own shit into the network. No certificate, no connection.

Re:BYOD means I/T loses some control over it (5, Insightful)

Frobnicator (565869) | about a year ago | (#43855519)

From the IT side, it means a nasty festering pile of vulnerabilities. It means more vectors for the Chinese hackers, more attack vectors for competitors, more attack vectors for malware, more vectors for government and corporate spying, and more ways for information to accidentally leak.

From the personal side, it means being on the clock continuously without additional pay. It means additional personal liability. It means if something goes wrong at work the powers that be can brick your phone. It means that your boss or peers are always watching, sometimes expecting you to reply to emails at all hours or work on reports over the weekend.

From the bottom line perspective you may get a little more hours out of the worker, but at the cost of reduced total productivity from them never disengaging and the costs of supporting an alphabet soup of devices.

Nobody wins.

Re:BYOD means I/T loses some control over it (3, Insightful)

chihowa (366380) | about a year ago | (#43855861)

Ah, but from upper management's side, it means costs are shifted from purchasing physical hardware (who's cost is hitting a floor) to employee hours (which can keep going down). It means next quarter's expenses will be lower (the difference of which they can collect as bonuses now) and when the following quarter's expenses are back up (from IT having to maintain the mess), the bonus has already been collected. Then they can start looking to cut costs again by shipping the (now fungible) labor overseas, and collect another bonus. When the whole house of cards collapses, they've already cashed out.

Somebody wins (just not you).

BYOD means IT imagines less control over it (5, Insightful)

crow (16139) | about a year ago | (#43855533)

No, BYOD means that IT still has no real control over the devices on the network, but now has to stop pretending that they ever did.

In an engineering environment, many of the locked-down MSWindows systems that are deployed are wiped by the users to install Linux. Other systems may be mostly locked down, but users will run their own systems in virtual machines. The network may have a nice secure firewall, but lots of users set up backdoors through their home VPN connections to bypass the tight web filters.

And then there are the Chinese hackers who have infiltrated the network.

Any company that relies on controlling the systems on their network for security is practicing security through imagination. A real security model has to assume that there will be issues at every level. BYOD may help force companies to recognize the need for comprehensive security, but it doesn't create the need.

Re:BYOD means IT imagines less control over it (2, Insightful)

mysidia (191772) | about a year ago | (#43855875)

many of the locked-down MSWindows systems that are deployed are wiped by the users to install Linux. Other systems may be mostly locked down, but users will run their own systems in virtual machines. The network may have a nice secure firewall, but lots of users set up backdoors through their home VPN connections to bypass the tight web filters.

These are all things that can more or less be prevented or detected.

For starters... the implementation of 802.1X authentication of Windows computers, Network Access Protection

The other big one is a semi-deny by default webfilter policy; with a firewall device that validates the HTTP stream is actually HTTP (identification by protocol regardless of TCP/UDP port), allows access to only IP space on known web hosting providers, datacenters, and large Enterprises, but specifically doesn't allow connections to VPN services; and only allows HTTPS to specific known destinations.

VPN attempts can then be screened for and detected based on traffic anomolies: HTTP session duration and Download to Upload ratio.

Any session with a high Upload ratio sets off alarms, and gets blocked in a short period.

Re:BYOD means IT imagines less control over it (2)

tepples (727027) | about a year ago | (#43856337)

Then watch requests to whitelist particular web sites take up half the IT department's time.

what about disasters from BYOD (2)

Joe_Dragon (2206452) | about a year ago | (#43855589)

what about disasters from BYOD can you bill some for damage with little to no proof? can you make some go out buy some thing new right after they just go some due to change requirements and so no? What some who is not very technically informed goes and get's the best buy special POS and who fixes that mess?

and if they go the way of making employees pay out of pocket for a specific device and subject it to complete IT control so that no personal apps or data could be used on it. This is akin to not only buying your uniform from only this supplier, but also ensuring it is kept clean and pressed and not only but based on the cost and labor laws that can pull some under min wage for that pay period and in other places it may fall under Business Expenses.

Also you can be hit with same laws even if not as locked down / you must use this system.

Re:what about disasters from BYOD (-1)

Anonymous Coward | about a year ago | (#43855813)

I tried to parse this as English, but mostly failed. Could you please provide a translation? Especially the first paragraph.

Re:what about disasters from BYOD (1)

Joe_Dragon (2206452) | about a year ago | (#43855841)

what about disasters from BYOD?

Can you bill some for damage with little to no proof? Can you make some go out buy a new system new right after they just got one due to changes in requirements ? What some who is not very technically informed goes and get's the best buy special POS and who fixes that mess?

and if they go the way of making employees pay out of pocket for a specific device and subject it to complete IT control so that no personal apps or data could be used on it. This is akin to not only buying your uniform from only this supplier, but also ensuring it is kept clean and pressed and not only but based on the cost and labor laws that can pull some under min wage for that pay period and in other places it may fall under Business Expenses.

Also you can be hit with same laws even if not as locked down / you must use this system.

Re:BYOD means I/T loses some control over it (0)

Anonymous Coward | about a year ago | (#43855591)

You should never trust your own network. If you think your network is more trustworthy than the next guy's just because you _think_ you dictate the hardware and software allowed on it, then you've got another thing coming....

You're like someone who puts up a 4-foot fence around his yard and thinks he's never going to get burglarized, or get burglarized less. All it will do is keep the kids out; the bad guys couldn't care less.

Re:BYOD means I/T loses some control over it (2, Insightful)

Anonymous Coward | about a year ago | (#43855789)

BYOD means you can no longer trust your own network because you no longer have the same level of control over the devices on it. And if you do not trust your own network, you need to increase your security costs substantially and provide other resources that you would otherwise not need to offer. So while you're saving around $1000 per year per user on hardware, you're spending more on licensing for NAC and VDI/RDP/ICA.

That's the point though. BYOD isn't about enabling jack shit. It's about shifting the cost to your employee. If it breaks the employee pays. If the employee doesn't like it they had other options so it's their fault. Well here's the thing the employer wants to do that THEN lock down the device so that the end user can't use their own hardware. It's just petty and cheap. Petty and cheap is not going to facilitate security.

Re:BYOD means I/T loses some control over it (1)

maccodemonkey (1438585) | about a year ago | (#43855869)

BYOD means you can no longer trust your own network because you no longer have the same level of control over the devices on it. And if you do not trust your own network, you need to increase your security costs substantially and provide other resources that you would otherwise not need to offer.

Right. Because corporate owned devices could never ever ever become quietly compromised. Sounds safe to me.

Re:BYOD means I/T loses some control over it (5, Interesting)

Lumpy (12016) | about a year ago | (#43856213)

Then tell management to stop being cheapskate morons and BUY the employees tablets and phones.

Honestly the one thing that screams that the management is a bunch of Douschebags is a BYOD policy. If a company is work working for they buy you a tablet and phone if you need it as well as a laptop if you need it. The only places I have ever seen a BYOD requirement has been either fly-by-night or swirling the drain. If a company can afford to pay you 6 figures they can spend $1600 on a laptop every 2 years and $50 a month to get you a smartphone.

Re:BYOD means I/T loses some control over it (1)

vux984 (928602) | about a year ago | (#43856279)

you're spending more on licensing for NAC and VDI/RDP/ICA.

Unless you aren't.

Many companies have an outbound sales force. The use a VPN + virtual infrastructure for laptops to access email email, access to the CRM, point of sale/sales quote system, and intranet resources. BYOD vs company hardware is a wash for licensing here.

You also need to amp up the local tier1/2 support because now without standards they're going to be spending more time dealing with more types of machines. Any gains made by standardization will be utterly destroyed.

Definitely true to a point.

In practice, for a lot of companies, they do end up ahead. Employees tend to treat the units better. There's no hassle with recovery after an employee leaves. They frequently tend to buy better hardware for themselves than corporate budgets would spring for. Insurance, droppage, spillage, etc is eliminated.

Ditto for smart phones -- if you don't have or need particularly stringent policies in place for email; and you already are just using some generic hosted exchange, or gmail hosting, or zimbra hosting or whatever then byod gets a lot cheaper fast.

You save on hardware, you save on support. Its your device, if the speaker stops working, or its dropping too many calls, go get yourself a new one. You don't have to manage their airtime packages and data usage. Or bill them, or monitor them. Typically you just give them a $X phone service allowance, and your done.

Not every business is paranoid about 'customer health and financial information leaking'. The sales guys knocking on doors trying to get you have their company fix your companies elevator, wash your companies buildings windows, do your companies landscaping, do the HVAC, do building envelope testing for water penetration, supply you with printer toner...

You don't always have to micromanage their devices. Sometimes you do, and then BYOD makes no sense, for all the reasons you state... but sometimes you just don't.

News flash... (2)

fuzzyfuzzyfungus (1223518) | about a year ago | (#43855445)

In case our good buddy Brian missed the past couple of decades, nothing is simple about 'ownership' in our delightful brave new world of digital devices...(even if we might want it to be)

"Licensed not sold", DRM in all its myriad permutations, encrypted bootloaders, SIM-locked cell modems, systems that phone home faster(and in much greater detail), than ET, activesync policies that give IT the ability to nuke your phone if you want to connect to your email, all the good stuff.

Even in his article, purporting to be all progressive and whatnot about recognizing 'ownership, he says "The good news is that plenty of tools allow you to isolate all your business data from employees' personal data. Those tools can let you wipe business data from their devices without touching their photos and private emails." This is, in effect, a polite way of saying that "There are plenty of tools that allow you to gain control over a slice of somebody else's device in a way sufficiently robust to keep them from messing with that slice'.

Above and beyond all the usual amusements of negotiations between dubiously equal parties, contemporary computers offer ample power to enforce restrictions of virtually arbitrary complexity over what we quaintly pretend that you 'own'.

Leased (1, Funny)

Anonymous Coward | about a year ago | (#43855451)

It's your device, and you own it.

Not if it's running an Apple or Microsoft OS.

Re:Leased (-1)

Anonymous Coward | about a year ago | (#43855531)

How exactly is an iPhone or Windows Phone "leased"? Do you even know what that means in a legal sense? Because it's clearly not what you seem to think. I don't pay Apple to use my iPhone. Nor does anyone pay Microsoft to use a Windows phone.

You're a fucking moron.

Re:Leased (0)

Anonymous Coward | about a year ago | (#43856017)

Read the EULA. You don't own the OS.

Re:Leased (0)

Anonymous Coward | about a year ago | (#43856083)

Get a new phone, and then try to port it to another carrier. Its leased in they sense you pay, but the carrier "owns" it.

Re:Leased (1)

stoborrobots (577882) | about a year ago | (#43856095)

The concept of "leasing" vs "ownership" is not one of whether you're paying every month or not - it's about whether you have legal control over the asset. If you paid the entire cost of leasing a house up front, that doesn't mean that you own it.

A leased asset is yours to use, because another entity continues to permit you to use it, however they may revoke your permission to use it at any time. They have the legal control over the asset, you get to use it because they allow you to use it as long as you play by their rules (which may or may not involve repeatedly paying them money).

When someone else says "you can use an iPhone, as long as you don't install Cydia or other unapproved software on it, and if you do, we reserve the right to remotely disable it", that's indicating that they have the control, and dictate the terms under which you use your device.

Yeah? Hidden? (2)

magic maverick (2615475) | about a year ago | (#43855461)

I'm pretty sure that's what a lot of people here on /. have been saying about "bring your own device". You know, "it's mine, and I don't want corp. IT to tell me how to use it, or what software to have on it, or to be able to remotely delete everything on it". And, "why should I have to pay for company equipment? If it's for work, they can pay".

Gee, who'd'a' thunk it?

In other news, a smug Linux user commented that Linux doesn't crash nearly as often as M$ Windoze does. And, moreover, the GIMP is a more than sufficient replacement for Photoshop for most casual users.

Re:Yeah? Hidden? (0)

Anonymous Coward | about a year ago | (#43855541)

yawn

Damn kids need to get off my lawn!!

Re:Yeah? Hidden? (2)

jeauxkewl (1465425) | about a year ago | (#43855551)

I would mod this up if I had points. This came home to roost with me just this week. I started a contract gig for one of the O&G supermajors whose new contractor policy is BYOD and they use a vmware/mokafive VM to give you access. So here I am, doing the same work their employees are doing with powerful dedicated machines and multiple displays on my laptop running a Win7 VM on top of Win7 (see: splitting resources) because said company is too tight to provide tools to do the job. I guess it's not a problem if it takes me longer to read the fine print or manage issues as I'm on their very generous hourly rate but I'll be damned if I'm gonna drag my dock and 24" displays to the office. Sure, VM makes sense to them from a cost perspective (no capital for workstations) but the cost savings end there. Another clear case where bean counters rule.

BYOD - Borrow Your Office Data (0)

Anonymous Coward | about a year ago | (#43855469)

Great circular rant with no intelligent point. Thanks for the "simple take" Brian. Way to gloss over information security and system compatibility by repeating the same non-sensical bullshit for a whole page.

Umm no. (2)

TobinLathrop (551137) | about a year ago | (#43855479)

Or maybe it is because I work at place with SOX/HIPAA/DOD/etc requirements. Even though I am vendor I have to use the customer supplied device as I admin their servers and thats what security will allow for me to do my work. I don't have admin rights on the supplied laptop itself and everything is whitelisted to run.
Every time I hear about this at least from my side of the fence of IT support I just think of the support and security nightmares. Also if the company wants me to install their stuff on my personal pc. well they can buy me one. Same goes for a phone. They need to call me as an employee they can provide a cell phone too.

BYOD means YOU pay for it, you support it (1)

Anonymous Coward | about a year ago | (#43855561)

That's why businesses like it.

Point = missed (3, Interesting)

girlintraining (1395911) | about a year ago | (#43855565)

Because you own the device, you have certain rights to what is on the device and what you can do with the device. This is the crux of every issue that comes with BYOD programs.'"

Okay, let me make this simple; You're in IT security. Let's say you just threw open the doors and let anyone bring their own laptop in to work. Well, you know, and I know, that people are stupid. They're going to be infected with malware, viruses, APTs, and god only knows what. And that's the point: You don't know what's being brought in. You have no control now. And let's say as a result of someone doing this, they pass on a piece of malware, not to your super-secure corporate systems, but to another employee who's also brought in their own device.

Who's legally at fault here: The employee who accidentally (or neglegently!) brought in an infected laptop, the other employee who connected their own laptop and accidentally (or neglegently!) got it infected... or the company whose network policy facilitated this? And here's a better question: Who do you think both employees are going to sue, thus costing your company millions in unrecoverable legal fees (even if you win, you ain't going to see that money again).

Ownership here is indeed the issue; Just not device ownership. Specifically, the cost of ownership; which if you allow this stuff on your network, the cost of owning that network is going to rise due to incidental costs. How much, nobody knows for sure -- this is still a relatively new thing (in the business world anything less than 10 years old is 'new').

Re:Point = missed (1)

TENTH SHOW JAM (599239) | about a year ago | (#43856007)

How about you set some standards?

I $user in connecting my device you your $companies network, do swear and aver that
* My antivirus software is paid for and up to date.
* My device (to the best of my knowledge) is patched and up to date.
* Assume all risks to the IT system that are traced to me to a value of $20 M
* Will follow IT policies and procedures (and not look at porn at work) while device is connected.
* (insert whatever you want here)

Risk of infected laptop has now been transferred to the device owner.

Re:Point = missed (0)

Anonymous Coward | about a year ago | (#43856107)

and the device owners go for this because....

"BYOD" -Define your damned acronyms in the summary (1)

Anonymous Coward | about a year ago | (#43855583)

And not just with a link. No, this is not a well known acronym yet.

Your device, their data (4, Insightful)

DigiShaman (671371) | about a year ago | (#43855599)

The problem with BYOD is that users often want access to corporate data. But companies have a right, no, make that a duty to protect their own data. The problem is that in order to do that, the company has to have some control of your hardware. Mainly with regards to encryption and holding the keys from you. Again, your device, their data. And that's often the point of contention between staff and IT personnel.

Re:Your device, their data (0)

Anonymous Coward | about a year ago | (#43855773)

Wrong - if it's my device, then I control it to the fullest extent possible. If the company wants me to have access to their data on the move, then *they* have to provide whatever device is suitable, which they can own if they want to (or rent, lease, give away whatever is their fancy), and I'll be happy to comply with their rules.

Re:Your device, their data (1)

bdwebb (985489) | about a year ago | (#43856149)

If the terms of your employment are that you BYOD and comply with company security policies then you do that or you don't have a job. I'm not saying you're wrong...I also believe they should be responsible for providing you with a company resource to comply with security policies. In fact, almost every company with a BYOD policy actually does do this and BYOD is simply a policy that allows users to work in a more convenient fashion with their own equipment.

Almost every BYOD policy I've seen implemented is due to complaints about not being able to get on the corporate network with their iPad or connect to the corporate network with their personal laptop via VPN. In the case where users want that access, it is up to the company to either allow it and enforce security on those BYOD devices just like they are company resources or to disallow them entirely and tell the personnel to eat it. All the BYOD policies I've ever seen that require a user provide their own equipment operate through Virtual Desktops anyway so there are no strict compliance rulesets for the devices people use..just simply that they have web browser access and can install a Citrix agent or something along those lines.

Re:Your device, their data (1)

fermion (181285) | about a year ago | (#43856069)

And the solution is to go back to the good old days when corporate controlled data and user only had terminal access. This with todays technology this is not so hard to do. User devices are display only. All storage and processing is done on IT controlled servers. The average worker bee does not need a high end PC, and has not needed one for years. At least not for work. It has been a perk that companies supplied a PC that could also be used for entertainment purposes.

The real downside, to me, is support. If a user device is not working, then no work will get done. This means that the firm has to fix the device or lose productively. This is not such a big deal because modern devices, especially non-MS Window devices, are very reliable.

Indeed (0)

Anonymous Coward | about a year ago | (#43855603)

That's it right there.. It's your device.... you control it..

Well since that is such a big issue for you, Since I control the network, I guess you WONT be bringing your own device and using it at work.
Chew on that ......

Brian doesn't have a fricking clue. (2)

Chas (5144) | about a year ago | (#43855613)

"It should be about enablement"

Spoken from the self-entitled end-user's perspective!

Sorry, but it IS about control. Control of company data. Security of company data. Compliance with various laws such as HIPAA, SOX, etc.

No sane company WILLINGLY bends over and spreads by giving unfettered access to their dearly bought client and company data.

I've dealt with numerous clients over the years who've been suing former employees for data theft. And they TOOK precautions!

And you're telling me I should let someone walk around with uncontrolled access to a multi-million dollar client list, documents, etc, in their pocket?

FUCK YOU!

Re:Brian doesn't have a fricking clue. (2)

iggymanz (596061) | about a year ago | (#43856047)

you have some misconceptions. Enterprise software can manage the access of data on the device: requiring device have password lock, separation of client and company data, wiping of the device by the company if stolen (yes, employees made to sign agreement). All this can be done on Android, iPhone, Blackberrry

Re:Brian doesn't have a fricking clue. (1)

iggymanz (596061) | about a year ago | (#43856053)

also should mention my employer actually will buy the device for the employee, it is the employee's property and yet they pay the bill each month, HOWEVER note the agreement the company can wipe the device upon termination, theft of device or any other reason.

Rights? (0)

Anonymous Coward | about a year ago | (#43855617)

You have no rights if you connect to my network and i get to control your device 100%. Sorry, it has to be that way for all our security. If you don't like it ( hey, i don't either.. ), not a problem, just don't connect YOUR device to my network and accept a corporate device.

Completely misses the point (0)

Anonymous Coward | about a year ago | (#43855621)

There are many things involved here:

- The fact that a discovery and hold data order may mean the company needs to grab the user's notebook (and depending on the jurisdiction possibly provide them with another one.
- The lack of a solid hardware break fix plan for "whatever crap" the user brings in. Is it depot instead of onsite? Is it even under an plan?
- How does the crap notebook from Best Buy work with existing docking solutions and provide dual monitor support and fit with the corporate ergonomics mandate?
- Heck, how can the user even load the coporate ergonomic software - let alone any other corporate software on the device. Many times the ownership issue is exactly the licensing boundary.
- How does IT support the failed app installs due to some crazy setup?
- How does that home system work with our Smart Card mandate for logon?

There are a lot more. In fact, most large companies IT departments will simply punt and force all corporate data access and applications to go through a VDI and use the user's BYOD device as a dumb display terminal when faced with BYOD.

It is about ownership. Please. If only it was just about that this would be easy.

Re:Completely misses the point (1)

jedidiah (1196) | about a year ago | (#43855743)

> - Heck, how can the user even load the coporate ergonomic software

That's not a bug. That's a feature. That kind of crap is why end users want to control their own devices to begin with. The employer provided devices are all crap. It's because of nonsense like "corporate ergonomic software".

The PCs they give you in "enterprise" environments are one of the biggest reasons to avoid "enterprise" environments in general.

Re:Completely misses the point (2)

Todd Knarr (15451) | about a year ago | (#43855853)

Well,

Discovery: there's legal issues there, yes, but there's also the fact that it's not your property that the data's on anymore. With physical documents a discovery order for the company doesn't give the company the right to come in and search my home for documents that might relate. Why should it be any different for electronic documents? The pattern should be that of any other case: the company responds that some of those documents are not under their control and supplies the contact information of the people who do control the documents.

Break/fix plan: not the company's problem. It's my device, fixing it is my job. And frankly I build stuff so my break/fix plan is "Buy a replacement.". I try to design things so I can hit Fry's and get replacement parts if it's really an emergency, mostly that means I'm down for an hour or three depending on which one I have to go to.

Exising desks etc.: again not the company's problem. I shouldn't need a docking station just to plug in a power cord and Ethernet cable, and the monitors should be using standard VGA/DVI/HDMI connectors.

Corporate software: this should've been dealt with before you started a BYOD program. If you require software that's got complex licensing requirements, figure out how you're going to let users use it first.

Failed app installs: this mostly shouldn't be a problem unless your apps have some really hairy dependencies. Despite this being a common scare tactic, I've rarely run into situations where an app wouldn't install because of some complex interaction with a personal setup. Most often it's because of stupidity like "We designed it to only work with one specific patch level of Java 1.5, and the user's got current Java 7 installed.". Often it ends up being the corporate developers who created that problem. For example that Java app before would run just fine in current Java 7, the only problem was that the corporate developers deliberately set the configuration to refuse to run except with that one specific patchlevel of one specific version of Java. Take that restriction out and presto, app works perfectly.

Smart Card mandate: again this is something the company ought to be working out beforehand. Remember that when you want to use someone else's equipment you can't always mandate what it has to be capable of or how it must operate. You either deal with this up front, or you acknowledge that the company needs to own the equipment which means it's not going to be BYOD.

The big problem seems to be that companies want to have employees paying for and owning the equipment, but want to treat that equipment as if the company owned it. The company needs to change it's attitude if it wants to use BYOD, design things to not require the company to own and control the equipment. It's not like it's a big deal, it's not like Oracle or Adobe or Intuit or Blizzard or any other software publisher hasn't had to figure out how to make their software live and work on machines they have no control over. If they can do it, I'm positive the problem isn't insoluble.

Re:Completely misses the point (1)

LDAPMAN (930041) | about a year ago | (#43856277)

Discovery only applies to data you control. Once it's on an employee owned device the company has no obligation to produce the data. The court then needs to go after the user directly if they want that. Note that there are exceptions for company officers.

Taxes (3, Insightful)

macemoneta (154740) | about a year ago | (#43855651)

I'm sure that eventually someone will realize that companies are deriving a benefit from an asset they don't own (not on their books), and thus should be paying tax and or compensation.

Re:Taxes (0)

Anonymous Coward | about a year ago | (#43855815)

I hear you, but I fear it will be the other way around. Tax authorities will start to claim that since employees provide (rent) their devices against a payment (some percentage of salary, perhaps), the employees will end up paying some form of additional income taxes. Mind you, companies can offset all cost they expend, including the software and staff they soley require to make use of BYODs.

BUY not BRING (0)

Anonymous Coward | about a year ago | (#43855663)

Companies like BYOD because they suddenly don't have to pay the bill for the hardware and the data plan (or whatever).

You also lose rights on your device (1)

cyberspittle (519754) | about a year ago | (#43855755)

If there is company property on your device, they have every right to it. Not as good as it seems.

Re:You also lose rights on your device (0)

Anonymous Coward | about a year ago | (#43856269)

does that go the other way, too? if the company has one
of my documents on their machine, do i own it?

BYOD moves between work and home (1)

Hentes (2461350) | about a year ago | (#43855801)

BYODs move between work and home thus transferring sensitive information out and moving viruses in.

Not really it isnt yours. (0)

Anonymous Coward | about a year ago | (#43855809)

When you use it on company property on company time for company work you are doing then you need to abide by their rules and when following those rules essentially it is not yours.

Its no different than having to buy your own clothes that meet your companies standards. Sure you can have mustard stains on them, if you are a business guy you have to tuck in your shirt, not wash them and spill coffee on them but when you are at work those things are not acceptable to company standards. Yes you bought the clothes but you are still required to keep them a certain way for work.

If they didn't control the device you bring in atleast somewhat then the offices would get flooded with Trojans from retards that cant maintain their device, or people just automatically assume they can take whatever company data home on their device.

So is it your device? Yes it is. Is it your device when using it on company time? No it is not because your ass belong to your employer when on their time body and device and if you don't like it then quit your job because there a ton of people out there who would love to have a job.

What about risk of damage to your BYOD? (1)

Katan (104699) | about a year ago | (#43855871)

Think about the risk that has transferred over to your personal devices. You take ownership of a BYOD as your own, even if you receive a stipend for its purchase. So now a BYOD affects you personally, and not only the company. For example, if you work in an environment where your BYODs could be damaged. This could range from the basic (spilled coffee) to the extreme (working outside in a harsh environment). What if its cosmetic damage?

Obviously I have some personal experience in this. I took a BYOD (Macbook Retina) on a business trip, and we were making coax cables. My colleague dropped his end and the center conductor whipsawed onto my brand new screen, leaving a scratch. So now my supposedly best in class screen has a smiley face scratch on it. You could argue it is cosmetic. So how you handle this? I talked with my boss and it became clear that having a BYOD means accepting some liability. To be clear, my job is fairly office environment-esque, just general IT tasks for the most part. I use my laptop for email, programming, office suite etc. But I could see days where I need to bring it on a man-lift or in a harsh environment. Not a great prospect.

There are certainly extremes where you can expect some company liability, but it opens many questions about how determine if/when risk of BYOD damage is a customer issue.

I'm not going to spend this much money, stipend or not, and have it get all jacked up. I'm leaning towards letting the company carry the risk going forward...

BYO(Body) (1)

LionKimbro (200000) | about a year ago | (#43855895)

I can see an argument that a person's device is effectively part of their brain or their body.
I own it, I control it.
Also. Both my device and my body can catch a virus.

Perhaps the problem with BYOD is sick days.

Just say NO to BYOD (2)

canadian_right (410687) | about a year ago | (#43855913)

I would never use my personnel devices at work. One, if work wants me to have device xyz they can pay for it. Two, I like to keep my private and work life separate. Three, I've never worked for a company so insane that they actually thought BYOD was a good idea.

Re:Just say NO to BYOD (0)

Anonymous Coward | about a year ago | (#43856143)

I'll add four: I don't take work home with me. Why would I want any personal device with work crap on it?

cost of repairs and need to have a working device (0)

Anonymous Coward | about a year ago | (#43856065)

who is going to to replace it the same day when the device breaks, the screen gets damaged, the fan stops spinning, or it catches on fire? If its byod, and work needs to be done, the employee may not have the money on hand to deal with "fixing it" that day. if its not byod, it will replaced by the next morning. work can't stop because theres no funds available to fix your byod device.

Didn't read article, summary is ridiculous (1)

Luke has no name (1423139) | about a year ago | (#43856075)

Of COURSE the problem is ownership! That's the first question every worker in my IT department asked when we got offered BYOD!

"So, if I can have company data on my phone (email), what are y'all doing to my phone? Oh, you're putting it in an encrypted sandbox? Oh, you're reserving the right to wipe that sandbox remotely (and possibly my entire phone)? Oh, you're not taking any liability for accidental wipes? Oh, you're not issuing a phone number that hides my personal cell (ala Google Voice/giving me a SIP address)?"

Ya, fuck that noise. Give me my crappy work-iPhone 5 that, rather than using native apps like the Blackberry I had, gets to use "GOOD for Enterprise" apps that don't integrate with the rest of the phone.

BYOD exists really for one reason ... (0)

Anonymous Coward | about a year ago | (#43856081)

By making people use hardware they own, the non-tech types break them dramatically less than when it is company owned.

We had an 80% reduction in sales people breaking laptops when we started making everyone use hardware they own (and have to replace when they break it).

Things don't get lost in airports, people don't carry them around by the screen like a jackass, etc ...

Let's have our cake (1)

Zeromous (668365) | about a year ago | (#43856085)

Look, where I am BYOD is totally OK. We are provided lots of options for secure OTG access and training to avoid breaches.

Here's my person opinion and what I advocate for in my work:
I support doing everything you can to isolate clients from servers- from data access to workflow/process. There is no reason this level of authentication cannot be implemented on BYOD as the next step. That said, BYOD is only sustainable long term if accompanied by a mature self-service support model. IT should provide the virtualized environment setup, but once it's on your device you are "on your own". Devices now are so homogeneous- soon it won't be an issue to support random/phones/tablets/PCs. Save money supporting on the front end, consolidate your back end and support the hell out of it. Companies should supply replacement and loaner hardware if they need to confiscate a user device, for say, legal reasons or company interests.

So missing the real point... (0)

Anonymous Coward | about a year ago | (#43856145)

The huge issue with BYOD is really simple. People are paid to work. This means that whatever device they're using has to work so they can do their jobs.

With BYOD, their device is potentially an unreliable piece of junk that the IT staff (who are responsible for keeping people working) has no control of, no experience with, and no idea how it's set up.

So when it fails, the IT staff are suddenly landed with a big turd that they have to get working RIGHT NOW because Joe Citizen needs to be able to work.

See the problem?

Dual SIM, Dual OS (1)

ChunderDownunder (709234) | about a year ago | (#43856263)

Partition the phone into work/private.

The 'work' profile runs whatever your corporate masters inflict upon you. It's for work calls only.

The 'home' profile uses its own SIM and runs inside its own OS. You can load Android, FireFox OS, Ubuntu, whatever - it's you're personal space with your environment, private contacts, phone contract & data plan.

When an employee leaves, the personal profile could be easily exported to be transferred to another phone (the image is just carried across to the hypervisor running on the new phone).

Dual SIM tech exists. Hardware virtualization exists (arm v7a extensions).

Blame Apple; ipad + ceo = byod (0)

Anonymous Coward | about a year ago | (#43856305)

and the shit rolls down hill from there

BYOD @ Your doctor, bank, accountant, government? (1)

deadlydiscs (1505207) | about a year ago | (#43856357)

Here's the simple question...

Perhaps without knowing all of the risks associated with BYOD in a corporate environment, or any environment were information management is expected or required, how comfortable would you personally be if you knew that BYOD was implemented as a standard anyone-can-have-it end-user offering at:

- Your Doctor and/or health care provider
- The financial institutions you use (e.g. banks, brokerage, 401k, etc.)
- Any small/large company that is storing your personal information (SSN, DOB, name, address, salary info, etc.)
- Your attorney, accountant, etc.
- The networks of your government


Shoot. After typing this, I half wish there was a BYOD disclosure requirement to customers/citizens of the above organizations.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...