Some people believe letting users have personal devices actually makes data *more* secure. WTF?!?

Believe it or not, there are actually ways that the consumerization of IT can make data more secure. How?

Believe it or not, there are actually ways that the consumerization of IT can make data more secure. How? Call it the “pride-of-ownership” effect. If you give your end users cool devices or let them to use their corporate devices for personal reasons, they’ll take better care of them.

Eric Lai deserves credit for bringing this to our attention with his comment on last week’s article about Motorola Solutions’ attempt to thwart BYOD. The hook of his blog post on ZDNet was that playing games like Angry Birds will get people to feel more attached to their corporate iPads. More importantly, though, he pointed out that end users will treat cool tablets a lot better than corporate ruggedized devices. (Ruggedized devices was a new term for me, but I knew instantly what he was talking about. Think of a utility employee or a FedEx guy with their big, bulky specialized tablet device that likely runs Windows 7 Mobile.)

I see this same effect in my office. The same people that forcefully jam their big, ugly corporate Windows laptops into the bottom of their backpacks tender lavish care on their iPads.

Even if the corporate device isn’t a sexy iPad, allowing personal use will go a long a long way in getting users to protect it. At the Intel Developer Forum in September, Intel’s CISO, Malcolm Harkins, spoke at a session about consumerization in the enterprise. He noted that incidents of lost and stolen laptops at Intel decreased dramatically after they started allowing employees to use them for personal reasons. It makes perfect sense: if there are pictures of your kid’s birthday party on your laptop, you’re going to keep tighter control of it then if it was an anonymous corporate device.

So there’s a good argument for letting your employees use their corporate computer for personal reasons—when they protect their personal attachment to it, the corporate data will be protected along with it.

Of course some people argue the exact opposite: when you let your employees go wild, suddenly their laptops and devices will be open to a whole new set of threats. User installed applications could be a problem, depending on your policies. And if an employee has pictures of their kids on their laptop, it just means that they’ll take it outside of the office more, giving them a better chance of loosing it.

Will the pride-of-ownership that comes with cool devices or personal usage make the corporate data that’s also on a device more safe? Or is it just asking for more trouble from crazy user land?

Join the conversation

8 comments

Send me notifications when other members comment.

Please create a username to comment.

BYO is not "more secure" that traditional IT way of doing things... It is just "more secure" because your infrastructure should be able to take into account that non managed devices could connect. this is a change in the way of thinking that open a lot of door...


you do not managed/owned the device, you control the service...


Cancel

Encrypt all data at the service level and issue certificates etc to control access to the data... that might work


Cancel

The pride-of-ownership factor only comes into play with the techie/geek employees who go out and buy iPads or Macs. The ho-hum workers who just go out and buy standard PCs won't care about those machines any more than they would corporate-issued PCs.


Cancel

Maybe we should just make a policy that every employee has to keep embarrassing photos of themselves on their laptops. That way even if the employee buys a low-end one that they don't care about, they'll still be motivated enough to not lose it.


Cancel

Some people will always do their best to protect assets, just out of professional/personal pride.  Flying Spaghetti Monster bless'm,  every one.


The rest....about the only real way to motivate them is with financial incentives & penalties at review time.


Cancel

I agree employees will take better care of the device but I don't know if the data will be more secure. I know a lot of people who regularly have to take their laptops in to get all the spyware and malware removed. They don't notice they have it until they see their devices running slower.


Cancel

I work for Symantec and I’ve actually been thinking about this very topic lately. Another conclusion I came to that is in a similar vein is how BYOD can help solve – at least in part – another IT security issue: the relative ineffectiveness of standalone passwords. Allowing employees to bring their own mobile devices breaks down a lot of the barriers around using multifactor authentication, specifically through the use of smartphones as secure login credentials. Just a thought.


Spencer Parkinson


Symantec


Cancel

Organizations must learn to manage mobility with efficiency. Mobile devices have become essential terminal after traditional computing platforms.


Cancel

-ADS BY GOOGLE

SearchVirtualDesktop

SearchEnterpriseDesktop

SearchServerVirtualization

SearchVMware

Close