EDGE 2015 is starting in

Find out more EDGE 2015
Rise of “shadow IT", not BYOD, should be a concern for organisations: IBRS

Rise of “shadow IT", not BYOD, should be a concern for organisations: IBRS

Security analyst shares his view on MDM and how it fits in with BYOD

The entire MDM space is dead when it comes to the bring-your-own-device (BYOD) trend, according to IBRS security analyst, James Turner.

He made the claim during the launch of Kaspersky Endpoint Security for Business in Sydney, explaining that one can not claim to control something that one does not own.

“You have two ways of controlling the data, either by presenting it to the device via HTML5 or by having an encrypted container on the device,” Turner said.

“Either way, you don’t own the device.”

Instead, Turner said MDM is applicable for devices issued by the organisation.

To highlight this disparity, Turner referenced two organisation he dealt with recent, with 10,000 employees between the two of them.

Over the last 12 months, one organisation gave their employees a choice of Blackberry or iPhone.

After that time, Blackberry now only represents 40 per cent of their corporate fleet.

“The second one has been doing it for two years and did the same thing, though also gave the choice of Android,” Turner said.

“In this case, Blackberry represented only 10 per cent.”

Turner highlighted these two cases to show the massive appeal of the non-Blackberry devices among employees.

People who have been interested in these devices are already using them, a trend that Turner refers to as “shadow IT”.

“It is already happening, so organisations are not trying to reclaim control, they are catching up with what users are doing and then provide guard rails around that,” he said.

Field work

When data loss prevention (DLP) was a trend a few years ago, one of the scenarios Turner discussed with clients was how to stop someone from looking at their iPhone, taking a photo and sending it via their Gmail account, essentially passing the IT system.

In terms of gauging what IBRS’ client base is doing in terms of BYOD, Turner said it is already there.

“We talk about BYOD in the same sense of being hacked,” he said.

“Either you’ve been hacked or you’ve been hacked and don’t know it.”

Instead of BYOD, Turner prefers to call it bring-your-own-other-device (BYOOD), because there is a distinction between the gear the company has provided to an employee, and the actual tools used to get the job done.

Turner came to this conclusion after going out and talking to line managers across the field, conducting dozens of interviews with organisations spanning thousands of people, and talking to the staff about how they use the device.

As an example, Turned mentioned one organisation that received a call in the office from someone in the field, who then asked the employee for the information to be sent.

“The person in the field pulls out their iPhone, takes a photo and sends it as an MMS to the other person’s phone,” Turner said.

“That was sensitive information, and it was suddenly there on an outside communications channel that the IT department in the organisation has no record of whatsoever, as well as no ability to control it.”

Turner admits an incident such as this is nothing new, as he has spoken about this for years and it has “been around for as long as IT departments have,” notably with people plugging in their own wireless routers.

“It is the concept of the shadow IT department,” he said.

“That is what BYOOD is about, users out there in the field finding other ways to use technology, which has been consumerised, work for them.”

As such, the best thing an IT department can do is go out and start interviewing the line manager on the field, asking how they use the information and the devices.

“Everyone out there is using Gmail and Dropbox, so how can we provide you with the same capabilities and play catchup, and provide some method of control, which the organisation needs to keep track of what happens with their data,” Turner said.

Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.

EDGE 2015:: For all the latest on EDGE 2015 including the keynote speakers visit the EDGE mini-site now

Follow Us

Join the ARN newsletter!

Error: Please check your email address.




In Pictures: 7 things we hate about Twitter

In Pictures: 7 things we hate about Twitter

You probably either love Twitter for its quirkiness and brevity or see it as a pointless waste of time. After nearly a decade on the social scene, Twitter still needs to improve its user experience and fill in notable gaps in the service. These seven problems are long overdue for a fix.

In Pictures: 7 things we hate about Twitter
IN PICTURES: EDGE 2015 - Sponsor Briefing

IN PICTURES: EDGE 2015 - Sponsor Briefing

With EDGE 2015 rapidly approaching, ARN and Reseller News NZ held a Sponsors Briefing where ARN publisher and president, Susan Searle, and Events Manager, Alexandra West, ran through the considerable logistics in detail. Attendees then enjoyed some splendid canapes and drinks. EDGE is designed to bring the A/NZ channel together in a collaborative and educational environment. Themed around channel channel leadership, EDGE will be held at the Sheraton Mirage, Port Douglas, July 20-23. Photos by MIKE GEE.

IN PICTURES: EDGE 2015 - Sponsor Briefing
In Pictures: Robots that cook, clean, sing and dance

In Pictures: Robots that cook, clean, sing and dance

Cooking, learning language and doing the laundry are a few of the human skills demonstrated by.real humanoid bots featured in the National Geographic movie Robots.

In Pictures: Robots that cook, clean, sing and dance

iasset.com is a channel management ecosystem that automates all major aspects of the entire sales, marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Show Comments