In this age of smartphones and tablets, mobile computing is becoming more and more prevalent. If I can do both my personal and work related activities from one device, I can be more productive. Many companies recognize this as an advantage for them and encourage their employees to ‘Bring Your Own Device’ or BYOD. You, the owner of the device, can work the way that is most convenient for you. Everything you need is on one computing device and you can respond quickly to messages whether they are of a personal or business nature. Your employer saves money by not having to buy a computer for you and by not having to acquire as much software for the company in general. Most of the software needed by the average employee is already on the newer smartphones and tablets. This appears to be a win-win situation.
Upon further review, there is a big problem with this approach and most companies haven’t even scratched the surface regarding an acceptable solution. When you buy a device for your personal use, you will likely employ a password to protect your personal data from the prying eyes of others. Most of us are more concerned that our device will be stolen rather than worry about the data that is on it. Businesses, on the other hand, have legal and fiduciary responsibilities to protect the sensitive company data that is on computing devices. They need to encrypt the data and in some cases, they need a method to wipe the data if they feel it has fallen into the wrong hands. If they know the data is protected, they will make little or no effort to recover the computing device and will write it off as a business expense. It seems to me that individuals and companies have divergent goals regarding the use of one single smartphone.
You may surmise that this issue can be easily taken care of by compartmentalizing personal data and business data. If my employer wants to encrypt and wipe data belonging to the company, that is fine by me. Just don’t touch any of my personal information! In theory, this solution works. In practice, the operating systems for the popular smartphones and tablets are not built to support such compartmentalization. For example, I cannot currently install two copies of Evernote on my tablet and expect to use one for business and one for personal use. Even if I could, there are no tools available to help my employer target only specific data sets for encryption and wipe.
If my employer insists on putting a solution on MY tablet that could result in the loss of MY personal information, I am less inclined to use it in the work environment. That is a lose-lose situation. Hence, many large companies are pressuring the smartphone and tablet makers to provide a better solution. Initial attempts miss the mark. One vendor segments the drive on your tablet into two areas, one for business and one for personal use. You can toggle back and forth between the areas depending upon your need. However, since you still cannot install more than one copy of an application on the device, you must use hybrid applications in the business area. These applications are feature scarce and require a learning curve for most employees. Another solution makes use of a virtual machine (VM) on the device. This shows some promise, but is not easy for the end user to understand and use. In all likelihood, a VM solution will eventually win out, but it will require that Android and iOS device makers make some concessions in the BYOD arena.
BYOD is here to stay. Security is the chief issue with this concept and until it is properly addressed, there will be a business loophole. Device makers must make an effort to understand the new culture they have created and make the necessary adjustments to let people and businesses work the way they want to.