John and I loathe BYOD. It is a security nightmare. While most business agree, many have felt compelled to embrace BYOD (bring your own device) because, frankly, employees (and sometimes senior management) demanded it.
Reading the story of IBM’s experience with BYOD is unnerving. It is sometimes argued that BYOD will save a company money. IBM’s CIO, Jeanette Horan, says it doesn’t save money – it just creates headaches because employees’ devices are full of software that IBM doesn’t control.
While IBM has given BlackBerrys to 40,000 of its 400,000 employees, 80,000 other workers now connect to internal IBM networks using other devices, including those they purchased themselves. When IBM surveyed employees about security risks using mobile devices, many were “blissfully unaware.”
So IBM has its hands full. It has a list of banned apps including Dropbox, already a suspect in one law firm breach. It turns off Siri, afraid that spoken queries may be stored somewhere. Mobile devices (now) cannot connect to IBM’s networks unless the IT folks have configured them for remote wiping.
IBM is by no means alone – businesses across the country are struggling with BYOD. But as much as John I dislike it, we agree with IBM’s Chief Technology Officer for Mobility who said simply “The genie is out of the bottle.”
No wonder there are now more than 40 mobile device management companies. These should be cash cows for the foreseeable future.
This post originally appeared on Ride the Lightning: Electronic Evidence and Information Security Blog.