IT Security Professionals Speak Frankly about “Bring Your Own” Devices, Applications, Web Services, Cloud Storage and More

Linda Musthaler
By | May 29, 2013

Posted in: Network Security Trends

Sometimes the best learning opportunities are when IT security professionals sit around and talk to each other about their challenges, what they’ve tried for their own environments, what works and what doesn’t work. People need to talk to peers outside of their own organization to get a feel for what others are doing. This is the premise behind Wisegate, an exclusive social networking group for IT and IT security leaders.

Wisegate has just published a new report based on a discussion among some of its members about the challenges of “BYOx,” which they define as “bring your own anything”—devices, applications, web services, cloud storage and more. We outsiders are given a chance to learn from this group of CISOs about their struggles to both control and enable BYOx in their respective organizations. What I find most helpful in the report is that the security practitioners speak frankly about various products and services they have tried, and what they like and don’t like about them.

Specifically, they talk about mobile device management tools, cloud storage services, document sharing services, and other tools and applications they’ve evaluated, implemented or rejected. It’s quite likely that your own company has considered – or will consider – some of these same solutions for your BYOx environment.

For example, most of the Wisegate members agree that they don’t want their companies’ employees using the consumer-oriented tool Dropbox to send large documents around. These companies have looked at more secure alternatives like Box, Norton Zones, WatchDox, Google Docs, Copiun, Evernote, TeamBeam, IBM Connections, Accellion, and a few others. Some of these solutions are too expensive or too complicated, but others seem to work well for the given situations. Check out the Wisegate report to see who is using what, and why.

In this particular Wisegate discussion, three members presented mini case studies of their organizations. These members represent a Fortune 100 company, a global manufacturer, and a leading financial services firm. All three of the companies have many thousands of employees. Each company is attempting to enable BYOD, but for different reasons and in different ways. It’s interesting, though, that they are generally not satisfied with mobile device management (MDM) solutions. Why? They say MDM platforms are too expensive and too restrictive, especially when a solution won’t allow people to use native applications and forces them into a certain way of work.

As one CISO put it, “Why should we be happy with an MDM solution? We want to get away from MDM and to a place where you have security built into the mobile platform in a way that is not impacting the user experience…where it’s common, expected, and you basically have the same level of security on mobile devices that you have on a laptop. That’s really where I want to get to.”

Hallelujah, brother! You are preaching to the choir! Vendors, are you paying attention to what your customers want?

BYOD isn’t a given in these organizations. Some of the companies still prefer to own the devices in order to have better control over them. Blackberry is the vendor of choice when companies own the devices. Wisegate members agree that device ownership will shift to employees, however, once they can figure out how best to secure company data and applications.

To get a sense of what your peers in the IT security profession are doing about BYOx, read Wisegate’s report BYOx Case Studies: Three CISOs Tackle Employee-Owned Apps & Services.

You May Also Be Interested In: