Slashdot Mirror

← Back to Stories (view on slashdot.org)

Why Everyone Gets It Wrong About BYOD

Posted by Soulskill on from the bring-your-own-device dept.

snydeq writes "Brian Katz offers a simple take on the buzz around BYOD in business organizations these days: 'BYOD is only an issue because people refuse to realize that it's just about ownership — nothing more and nothing less.' A 'hidden issue' hiding in plain view, BYOD's ownership issue boils down to money and control. 'BYOD is pretty clear: It's bringing your own device. It isn't the company's device or your best friend's device. It's your device, and you own it. Because you own the device, you have certain rights to what is on the device and what you can do with the device. This is the crux of every issue that comes with BYOD programs.'"

12 of 377 comments (clear)

  1. BYOD means I/T loses some control over it by Jailbrekr · · Score: 5, Insightful

    BYOD means you can no longer trust your own network because you no longer have the same level of control over the devices on it. And if you do not trust your own network, you need to increase your security costs substantially and provide other resources that you would otherwise not need to offer. So while you're saving around $1000 per year per user on hardware, you're spending more on licensing for NAC and VDI/RDP/ICA. You also need to amp up the local tier1/2 support because now without standards they're going to be spending more time dealing with more types of machines. Any gains made by standardization will be utterly destroyed.

    BYOD is a short sighted, stupid idea thought up by someone who sure as hell has no experience with I/T support.

    --
    Feed the need: Digitaladdiction.net
    1. Re:BYOD means I/T loses some control over it by Frobnicator · · Score: 5, Insightful

      From the IT side, it means a nasty festering pile of vulnerabilities. It means more vectors for the Chinese hackers, more attack vectors for competitors, more attack vectors for malware, more vectors for government and corporate spying, and more ways for information to accidentally leak.

      From the personal side, it means being on the clock continuously without additional pay. It means additional personal liability. It means if something goes wrong at work the powers that be can brick your phone. It means that your boss or peers are always watching, sometimes expecting you to reply to emails at all hours or work on reports over the weekend.

      From the bottom line perspective you may get a little more hours out of the worker, but at the cost of reduced total productivity from them never disengaging and the costs of supporting an alphabet soup of devices.

      Nobody wins.

      --
      //TODO: Think of witty sig statement
    2. Re:BYOD means I/T loses some control over it by Anonymous Coward · · Score: 5, Insightful

      Not sure about you, but no one plugs in whatever they want to our network, all network ports are authenticated at the switch, you plug in a non authorized device the port simply shuts off. BYOD is a fucked up concept by people that simply have a poor understanding of IT that think what they do at home is "better" as the guys running the network can't possibly know more than them. I have seen BYOD in 3 places now and in all it has been 3 complete failures where it was rolled back due to the insane increases in support costs.

    3. Re:BYOD means I/T loses some control over it by guruevi · · Score: 5, Insightful

      Maybe you should improve your licensing options or choose better products with less licensing. Throwing out high quality people because a 3rd party company bullies you is not really great business practice.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    4. Re:BYOD means I/T loses some control over it by FireFury03 · · Score: 5, Informative

      Both devices have plenty of support for HTTP proxies.

      Android Gingerbread lets you set a single HTTP proxy which applies to all networks. That means device owners have to manually enter and clear the proxy settings as they move between the office network and their home network. Not that it matters - almost all apps ignore the proxy settings anyway.

      Android ICS and Jellybean let you set an HTTP proxy per wifi network, which at least means the user isn't expected to reconfigure the phone all the time. Most apps still ignore the proxy settings. Most of the apps that do pay attention to the proxy settings don't support authenticated proxy servers.

      All recent versions of iOS allow the proxy and authentication credentials to be set on a per wifi network basis. That's excellent. Except that most apps (including a good chunk of the stock iOS apps that Apple ship with the phone) either ignore the proxy settings entirely or fail to support authenticated proxy servers. (Yes, Apple is aware of these problems - there are bug reports in their bug tracking system that have been open for several years, they aren't interested in fixing them).

      Even then, Squid has a transparent proxy option.

      Transparent proxying only works for HTTP, not HTTPS unless you are going to MITM all the sessions (which involves installing certificates on all the clients). And even then, you can't authenticate the users if you're proxying transparently.

      --
      http://blog.nexusuk.org
    5. Re:BYOD means I/T loses some control over it by Skuld-Chan · · Score: 5, Interesting

      1990 called - they want your manually set proxy server back.

      We proxy everything, but the users are none the wiser and its a university where BYOD isn't even something we can control.

    6. Re:BYOD means I/T loses some control over it by Lumpy · · Score: 5, Interesting

      Then tell management to stop being cheapskate morons and BUY the employees tablets and phones.

      Honestly the one thing that screams that the management is a bunch of Douschebags is a BYOD policy. If a company is work working for they buy you a tablet and phone if you need it as well as a laptop if you need it. The only places I have ever seen a BYOD requirement has been either fly-by-night or swirling the drain. If a company can afford to pay you 6 figures they can spend $1600 on a laptop every 2 years and $50 a month to get you a smartphone.

      --
      Do not look at laser with remaining good eye.
    7. Re:BYOD means I/T loses some control over it by Lumpy · · Score: 5, Insightful

      Sounds like a plan. got a FOSS version of AVID? same quality and same abilities?

      No? how about a FOSS version of AutoCad? no the two toys running around out there wont work.

      Well then how about a FOSS version of my automotive computer tuning software? IT supports all the modern cars, so what FOSS program is out there that does that?

      Lastly how about a nice FOSS large accounting software system? no?

      There are three business types that can not use FOSS even if they wanted to, and that covers a hundred thousand of businesses in the USA alone. (car repair, car shops, engineering firms, accounting firms, TV stations and studios, etc...

      FOSS is an impossible answer for a large number of businesses simply because the software does not exist.

      --
      Do not look at laser with remaining good eye.
    8. Re:BYOD means I/T loses some control over it by Anonymous+Psychopath · · Score: 5, Insightful

      Your company has no secure resources that you or your superiors are worried about then and you are not a candidate for NAC as the parent poster was. That or your company's IT staff, including you, is actually the incompetent group and if you ever get compromised by an outsider with malicious intent, you're fucked.

      We have about 25,000 BYOD users and ferociously protect our IP. I wish you luck in your crusade against the customers you serve. It seems to be working out for the RIAA/MPAA.

      --

      Eagles may soar, but weasels don't get sucked into jet engines.

    9. Re: BYOD means I/T loses some control over it by guruevi · · Score: 5, Insightful

      1 IT tech per 550 users is indeed a very unreal ratio unless you work at a place like Google where everybody is highly technically adept. Even with heavy handed standardization and lockdown, you simply cannot maintain even the most basic of communications. You would be manning 1500 users, ~2000 computers, ~50 servers, ~150-250 printers and ~100 switches, 50+ access points if you have wireless, miles of cabling you should be halfway upgrading to fiber pretty soon... with 3 people? Who is developing anything? Who is rolling anything out?

      Unless you have everything outsourced to the cheapest bidder and a host of consultants that don't count towards your FTE. Even 1 of you guys falling sick or getting hit by a bus would be devastating. From my experience a typical IT person can handle ~100 desktop users, ~250 if you have a well-run tiered help desk system.

      If your department truly believes you personally have a hand over 550-800 users, then simply go out there, most likely what has happened is every single department has one or more official or unofficial IT tech and a number of desktop-servers and wifi routers on the desks.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
  2. BYOD means IT imagines less control over it by crow · · Score: 5, Insightful

    No, BYOD means that IT still has no real control over the devices on the network, but now has to stop pretending that they ever did.

    In an engineering environment, many of the locked-down MSWindows systems that are deployed are wiped by the users to install Linux. Other systems may be mostly locked down, but users will run their own systems in virtual machines. The network may have a nice secure firewall, but lots of users set up backdoors through their home VPN connections to bypass the tight web filters.

    And then there are the Chinese hackers who have infiltrated the network.

    Any company that relies on controlling the systems on their network for security is practicing security through imagination. A real security model has to assume that there will be issues at every level. BYOD may help force companies to recognize the need for comprehensive security, but it doesn't create the need.

  3. Too bad he wasn't fired ..... by King_TJ · · Score: 5, Insightful

    Having done I.T. for over 25 years and counting now, I'm *really* getting fed up with all the authoritarian sysadmin wanna-be's who impose all sorts of rules on what people CAN'T do on a network, instead of ENABLING people to do more with the resources available.

    You want an AppleTV on the corporate network (most likely for the purpose of easily projecting things onto a conference room television instead of physically connecting a video cable between the PC and the TV)? Great! Why the hell NOT allow it? It's pretty much the same guts inside as an iPod touch, except with a locked-down version of iOS. Not exactly anything I'd be concerned about. (If your main objection is something along the lines of not liking the fact it lets people stream TV shows or music when that's not what they're hired to do? Guess what! It's not YOUR job or problem to concern yourself with that! Like the telephone on someone's desk, it's a TOOL. In I.T. you're paid to provide it and make sure it functions well. It's not YOUR problem to try to stop them from making personal calls instead of work-oriented ones. The person's direct supervisor can be concerned with all of that.)

    As just one of the extreme examples .... my current boss just told me a story of his previous boss at a casino he did I.T. work for. The guy was SO intent on having 100% control and lockdown on things, he wouldn't even give the I.T. staff administrator rights to any of the boxes, except on an "as needed" basis. My boss was trying to install and configure SQL servers on a number of Microsoft servers, so each time he had to load the product, he was required to call or email and request admin access -- which was only granted JUST long enough to get the product installed! At least a couple times, this caused people to sit around and do absolutely nothing productive for the better part of a day, when he forgot they needed admin rights back for a project they were assigned to do and HE wasn't available to give it to them.

    At the end of the day, when you work in I.T, or network/systems administration, it's your job to construct and maintain a computer environment that everyone finds as productive as possible. Yes, "computer security" has value ... but at the end of the day, it's just about having a documented process in place to show you tried/are trying. It's not actually some sort of goal you can achieve, and the more you try, the more difficult you make it for everyone to just USE the tools they're given.

    I think this is why people make BYOD into a FAR bigger deal than it needs to be. Again, the cellphones and mobile devices are simply tools people can use to do their jobs. If you TRUST an employee enough to give them access to your digital information in the first place, then who really cares if your company has the legal right to wipe the device on demand or not? That's like issuing them a pad of paper and pencil and saying, "If you're terminated or quit, you must return the pad of paper to us." Never mind the person might have already torn out the pages where he or she scribbled down the proprietary information you were trying to protect. (Anyone with a smartphone could synchronize the contents to some personal device, off of the company-owned one, so they still possess the data you wished to wipe.)

    What protects your DATA is the legal stuff.... non-compete clauses or signed agreements and documents promising you won't do certain things with the info. The BYOD or the company owned devices are just tools that can temporarily hold some of the data for people. Who buys the device is little more than a detail for accounting -- and shouldn't even matter much from the I.T. perspective.