Yesterday I was at the Make IT Mobile
event in Richmond run by Lab 13
which continues today but I unfortunately can’t be there. The event is mainly a device management/BYOD related event attended by management and IT Department employees and sponsored by predominantly mobile device management solution providers. Here are some insights from yesterday that I particularly found interesting…
- There are over 100 device management solution providers so it’s a crowded market.
- Operators are currently interested in device management propositions to provide a value-added service to enterprises. The enterprises themselves are concerned about governance of BYOD and security.
- Choose Your Own Device (CYOD) as opposed to Bring Your Own Device (BYOD) has some challenges when it comes to personal taxation and potential legal problems. For example, who really owns any personal, as opposed to business data on the device? Can this be wiped as part of a device wipe if a device is lost or stolen? Does the employer also have a responsibility for protecting this personal data? Misunderstandings can be prevented by having a solid company policy that the user needs to sign-up to.
- Much is talked about BYOD but not so many companies actually practice it.
- Current problems with BYOD and CYOD might eventually result in corporate owned but user enabled devices. In the future, mobile virtualisation might eventually solve business vs personal use and security aspects.
- RIM Blackberry 10 will have ‘Blackberry Balance’ that will have separate file store areas and isolation between business and personal use. BES 10 will also allow management of iOS and Android devices. These will be coming Q1 2013.
- Many current device management solutions are binary in that they either protect everything or nothing. There’s lots of unnecessary protection and hence overhead. Network-based controls are becoming less effective, because, once in, everything is often visible. The Open Group Jericho Forum advocates more layered and different levels of protection such that things are only protected to the level they need to be. Much data doesn’t need to be controlled in typical companies and only a small sub-set is truly sensitive. Self-protecting data is ideal and might be used in the future, together with risk based authentication that uses context to evaluate identity. Firewalls and spam protection would still be needed to provide first level of filtering to reduce unnecessary resource use.
- It’s possible to use DNS and DHCP to dynamically control and monitor access. This is used within the device management solution provided by Bluecat Networks.
- There’s great uncertainty as to what will happen in mobile in the near to mid term (1 to 3 years) with respect to mobile OSs and their variants. In the panel session, the device management providers bemoaned that they are at the mercy of particularly Apple (but also Google and Microsoft) as there’s no roadmap and the short timeframe between SDK and device release makes it very difficult to keep solutions up to date. The result? When speaking to the other delegates I learnt that even the most popular device management solutions are a continual ‘work in progress’ that can complicate rollout.
- Some companies are creating specific mobility IT support teams containing cross disciplinary people rather than traditionally splitting out roles so as to get things done quicker.