Beneficial Viruses Could Improve BYOD Security
The evolution of mobile computing has led to an explosion in tablet and smartphone sales among business professionals, with PCs now lagging behind. Consumers are drawn to the convenience and portability that mobile devices offer and are eager to use their new gadgets for both personal and professional purposes. But IT departments aren't as excited about how this new wave in personal computing has affected organizations. The consumerization of IT has caused IT professionals to focus on bring-your-own-device (BYOD) security, which is a major pitfall for organizations.
According to Gartner analyst Ken Dulaney, it's only going to get worse. "The number of devices coming in the next few years will outstrip IT's ability to keep the enterprise secure," Dulaney told Computerworld.
Based on data from IDC, smartphone sales grew by 61 percent in 2011, with just over 490 million units sold worldwide. Some industry analysts believe global smartphone sales will jump to 1 billion by 2013. The number of tablets sold in 2011 is much smaller--IDC forecasts total sales to reach 63.3 million. But Gartner estimates tablet sales will equal PC sales by 2015. The numbers, in other words, are on Dulaney's side: The BYOD craze isn't going to go away or slow down any time soon.
So what can combat the security pitfalls associated with the ever-growing prevalence of BYOD? Dulaney suggests software vendors develop "beneficial viruses," applications integrated into sensitive data stored to a smartphone or other mobile device that works similar to digital rights management (DRM) software. Users would need a license to view or access the information. The virus would delete sensitive data if transferred to an unauthorized device or if the original device were lost or stolen.
A number of mid-market businesses use mobile device management (MDM) software to monitor, secure and maintain employee-owned devices. The software enables IT staff to control what applications and services can be accessed, perform remote actions on the device, and monitor activity, among other features. Mobile virtualization also promises to improve BYOD security by enabling workers to swap between independent business and personal profiles with ease. But Dulaney claims that current methods just aren't enough to keep devices secure.
"We have to be smarter about security on mobile devices," said Dulaney. "Right now, the data relies on protection from the environment that it's in. But there's leakage of data outside the enterprise with too many entry points to the enterprise."
But until better solutions become available, businesses that support BYOD will need to get creative to keep data safe. Combining multiple approaches, such as utilizing MDM, training employees on data security, and restricting certain device models, could help to ward off a potential data breach. On the other hand, organizations that are against implementing a BYOD policy should expect to meet increasing pressure from workers to allow employee-owned devices in the workplace.
This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. Like us on Facebook. Follow us on Twitter.