BYOD part 1: Current situation and ‘the gap’

Recently I wrote writing a paper about the topic ‘BYOD and IT-Security’.  The goal was to give an overview about current situation in companies and how BYOD concept can possibly be integrated in the company´s IT.

The results of the paper are based on scientific books, aswell as blog posts and my personal experience.

I am aware of the fact that there is a slight overload on BYOD articles – that´s why I want to make it short and summarize my results in 1-4 articles, which will be published in the next days.

The first article describes basic parameters and the current situation of mobile devices.


Basic parameters

There are two parameters driving the change towards a mobile connected workforce:

  • First of all, the technology changed: Without new technologies there wouldn´t be a possibility to access the company’s data remotely. The development in this sector can be summarized as following: More technical power was leading to more functions. On the other side there was a trend to more standardization (e.g. look at the mobile operating system market: there are only a few big players) which was important in order to develop standardized applications.
  • Secondly the users who operate the devices changed: The lifestyle today is different from the lifestyle years ago – private-life and work-life are overlapping more and more [see ‘ClearSwift Report WorkLifeWeb 2011’]. Users have higher and more particular expectations when it comes to mobile devices, for example they expect higher level of usability. Also they have clear preferences regarding the phone manufacturer or operating systems that the device is running.

 

Status quo

The usage of personal devices in the corporate environment is increasing and will so in the future. Most companies (up to 80%) are still lacking adequate policies. [see 2011 Consumerization of IT Study: Closing the “Consumerization Gap”’].

The situation in my company is reflecting the results of the study: Earlier my company started to give out company-owned phones. They are running the Microsoft Windows Mobile, which is not further continued. User were asking for new devices; C-Levels ordered (well, they don´t have to ask) new phones.

By the time the IT department realized that they will need a whole new mobile security framework it was already too late: The Security-Officer was blocking the roll-out of new devices. Not those for the C-Levels of course…

The situation ended up as following: Half of the workforce has an old corporate phone; some C-levels have the favorite device (mainly iPhones) and the rest of the workforce keeps asking for new phones. Result is: You have to find a short term solution. Gartner says, there are over 60 companies who offer Mobile Device Management (MDM) solutions [see ‘Magic Quadrant for Mobile Device Management Software‘]. But the real problem is, that you don´t only have to find a solution for your future phones, but also for your already rolled-out phones (remember the iPhones from the C-Levels?). Additionally most people expect that the MDM market will encounter a strong consolidation in the next years. The first acquisitions can already be observed with Google acquiring 3LM or Sophos buying Dialogs. All together we are facing a very fast changing market, making it hard to ensure that investments are future-proof. This naturally leads to more complex decision processes which take more time and cost more money. To get back to the reality: We still don´t have a mobile security solution.

 

The Gap

Looking on this situation I am always visualizing this situation as a gap. The gap is the totality of the mobile demand a user wants but yet cannot be provided by the company. As mentioned above, these mobile demands are steadily increasing. This means, that the gap is getting bigger and the solution the problem more complex.

In one of my first classes in my studies I learned about something that we call “Zeit-Scheren Problematik” in German. Unfortunately I didn´t find an English term until now. Therefore I want to explain it here.

1)    The needed reaction time is increasing because the problem is getting more and more complex. More information is needed in order to get a solution.

2)    While collecting the information, the gap is getting bigger – it´s self-energizing. The result is that even more information is needed in order to solve the problem.

In my opinion this phenomena reflects the current situation in the MDM market perfectly. Naturally, new technology and functions are resulting in new security challenges. However, these challenges are not observable ex-ante – the solution has to be found ex-post and during that time new , more complex challenges are just about to be released.

Advertisements

About sitweak
Monitoring, Network, Firewall, Mobile Security. I´m totally into that stuff!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: