"Bring Your Own Device" Can Cause Problems
Hamilton Fraser (www.hamiltonfraser.co.uk), located in North London, is an insurance company that specializes in home insurance. The firm is one of Great Britain's major contractors for its deposit protection system, which assigns an independent arbitrator to both tenants and landlords to resolve any disputes when a tenant moves from a rented property. The company's IT manager, Pete Agathangelou, claims that information security is his highest priority because credibility is critical to his company's success. He began to focus specifi ally on security threats from "bring your own device (BYOD)" in 2012 when he observed basic changes in his office environment. For example, he noticed that at lunchtime younger employees utilized their mobile devices to play games and contact their friends on social networks. He also observed that many senior executives were accessing their e-mail on mobile devices when they were out of the office. Hamilton Fraser had already embraced mobile computing by allowing its employees to have iPhones and iPads. However, employees were using other devices-particularly Android devices-on the company network. Agathangelou concluded that he needed a system to manage all of the mobile devices that the employees were utilizing.
The first step in creating this system was to find a vendor who could manage the issue of employees accessing the corporate network with their own mobile devices. The company ultimately selected MobileIron (www.mobileiron.com), a firm that provides mobile device management and security to large enterprises. MobileIron allowed Hamilton Fraser to identify which mobile devices the company would support. The MobileIron software enabled Hamilton Fraser to keep track of how many employees were accessing the firm's network for business purposes (as opposed to, e.g., playing games or shopping) and whether they were using an approved device. The company's human resources department developed an acceptable use policy, and it began to conduct short training sessions to raise awareness of this policy among employees.
The policy dictates that employees who use mobile devices must download an application to their smartphone or tablet that will enable the IT department to erase any corporate data from the device if it is lost or stolen, or to erase all data from the device if the employee so wishes. Sources: Compiled from J. Gold, "Has BYOD Peaked?" Computerworld, March 21, 2013; J. Scott,
1. What are the advantages of allowing employees to use any mobile device to connect to the corporate network? The dis advantages?
2. Why is it necessary to be able to erase corporate data if a mobile device is lost or stolen?