Don't fear the "bring your own device" (BYOD) trend -- take a chance and find out if it works in your organization, say IT managers in the financial industry that let employees make use of their personal smartphones and tablets for work.
"I'm a huge advocate of 'bring your own device,'" says Robert Meltz, CTO for Hearthstone, the $12 billion investment firm based in Los Angeles focusing on the residential building industry. He acknowledges his company didn't exactly go in pursuit of BYOD for employees, but when employees began asking what they could do with their personal iPads at work, Hearthstone decided to give it a try.
He says Hearthstone has found one of the most useful ways to integrate business file-sharing with iOS devices is integrating them into the EMC Syncplicity cloud-based file-sharing service the company uses.
With the Syncplicity app for iOS, the user's mobile device has access to Hearthstone's electronic files, updated via the Syncplicity service, says Meltz. He notes the investment firm began using Syncplicity over a year ago, first thinking of it mainly as a way to enhance disaster recovery by having encrypted cloud-based file-sharing that duplicates server files held internally, but it quickly became a basis for all types of file-sharing for mobile devices.
Hearthstone will also reimburse employees for BlackBerries and iPhones, but doesn't favor supporting Android devices due to security concerns mainly around malware issues and the fact that this would be another mobile platform to support.
Blackstone, a New York-based financial firm with $205 billion in investments, has also decided it will support employees' personal iOS devices, says CTO Bill Murphy. It's not favoring Android at the present time.
But for official purposes related to work, Blackstone is mandating that these BYOD iOS devices must run specific corporate-controlled software intended for device security and management. Specifically, this is the MobileIron mobile-management device software and WatchDox, which facilitates how any electronic document can be distributed.
That means if certain controls are on the document, it couldn't be opened even if it were forwarded, Murphy explains. Blackstone has used WatchDox for other purposes than just BYOD, but "the mobile revolution is making it more important," he says. The weakest link in security tends to be unwanted actions and behavior by individuals, he notes, and WatchDox helps prevent mistakes related to BYOD devices.
Having MobileIron on BYOD devices means that the company has the right to wipe the device if it's lost, says Murphy. "The corporate email is on there so we say, sorry, we'll wipe it. They accept that." Employees are encouraged to back up their BYOD devices regularly.
Jeffrey Hunter, vice president at consultancy Booz Allen Hamilton, says it's not unusual for any enterprise to initially fear the BYOD phenomenon because it appears to "break all the rules" associated with traditional IT management. But BYOD can increase employee productivity since traditional IT typically only has a one-size-fits-all strategy, he says, adding Booz Allen also supports BYOD for its employees.
It makes sense for institutions to "avoid total chaos" by defining specific devices and form factors they will allow for BYOD, Hunter says. But he advises caution on the question of deleting the user's personal data from BYOD devices, noting the time has come to find creative approaches toward "data sovereignty" adopted in BYOD to be able to delete business data but not delete the personal data.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: firstname.lastname@example.org.