It is OK for BYOD to just be an acronym
It was not that many years ago that the acronym BYOD was coined to represent the trend of personal mobile computing devices being brought to the workplace. A few years ago as these mobile devices exploded onto the scene with close to the same computing power as our typical institutional computers, IT departments feared losing control of their technology environments. Mostly IT wanted to avoid the perceived increase in support required to help get these devices on our network. Then vendors seized the opportunity to sell us products that gave the illusion that we could maintain control. As we realized that support was not a real issue, those who still feared losing control or vendors who wanted to sell unnecessary solutions pushed a security angle. The security angle was based on the fear of what we don’t control could hurt us, again not an issue with today’s network security appliances and NAC strategies. The other security driving angle is the perceived need to manage what files these devices could store and walk away with. The reality of that argument is that USB thumb drives are far more dangerous. Mobile devices generally don’t have file systems so could be considered safer. Our security is still based on what we allow access to not what device is accessing it. So do we need BYOD policies? Probably not, we just roll them into our standard information management policies.
My short thought for the afternoon.