- Home
- Cloud Essentials
- Software as a Service
- Accounting / Financial
- Analytics
- Asset Management
- Business Intelligence
- Business Process Management
- CRM
- Collaboration
- Compliance & Risk Management
- Content Management
- Development
- Document Management
- E-commerce
- E-learning
- ERP
- Help Desk Management
- IT / Application Management
- Marketing
- Messaging
- Procurement
- Productivity
- Project Management
- Transportation & Logistics
- Infrastructure as a Service
- Platform as a Service
- Providers
How cloud can provide security from a BYOD policy
Letting users bring their own devices can be problematical, yet combining this with a cloud policy could ensure security
“It’s all about resources and planning because often it’s the people involved in security, mobile and infrastructure that will cause the bottlenecks to implementation,” says Peter Chadha, chief executive of independent strategic technology advisors DrPete Inc.
Unless a company is a large-spending, forward-thinking IT department that has developed its own applications then organisations are going to be reliant on vendors to supply web-based apps and analytics.
But Chadha argues that the industry has not reached the stage where companies are fully in the cloud and can support any device that comes into the organisation.
“The reality is they’re not there yet and, while most of them have apps for the ‘mobile warrior’, you won’t be able to run a whole business on what’s available yet and it certainly won’t be fully device-agnostic,” says Chadha.
If cloud-based apps can't be device-agnostic then some believe it is up to CIOs to cater only for a handful of the most popular devices. This turns a bring your own device strategy to something more akin to a “choose your own device” policy.
"There is much to be said for a reduced platform size," says Dr. Kevin Curran,senior member of the Institute of Electrical and Electronics Engineers. "Even in the case of trying to ensure all devices are constantly updated for firmware and OS upgrades"
One aspect, which should not be overlooked, is the fact that these devices belong to the employees and traditional 'rules' and mandates for enforcing new updates may not simply work. Curran says that corporate governance and security frameworks however will be severely tested as employees leave along with sensitive enterprise data on their mobile devices. "I mean, can an IT department do a remote wipe?" says Curran.
Can mobile device management address device diversity and can cloud apps cope with the demands of many differing OSs? One of the simplest methods is by only providing applications for platforms that the company wish to encourage.
Should a company fear the widespread use of 'rooted' android devices and their associated security vulnerabilities, then they can attempt to steers employees to Blackberry or IoS applications for instance. Mobile device management can deliver on manageability, maintenance and governance aspects for mobile applications and the mobile infrastructure landscape.
Mobile device management can also help with the major problem of lost devices and subsequently lost corporate data. An effective policy and prior education will ensure that the company can wipe the lost device without fears of a lawsuit.
Of course, the company has to be informed that the device is lost. This issue alone will give many IT managers nightmares. Mobile device management can also assist in the necessary review of the regulatory, industry, and corporate policies to which an organisation is beholden such as HIPAA or guidelines such as from the SEC. It is crucial that the corporation’s mobile strategy supports current compliance controls.
David Ellis, director of new technology and services at Computerlinks says that cloud apps can cope with device diversity if standards in browsers are adhered to.
“Developments in web browser technology, such as HTML5 and websockets, have meant there is less reliance on the OS of the access device for delivering line-of-business applications across a range of devices, as the application can run natively in the browser,” he says.
A clientless approach such as this is great for IT and the business as it provides cross-platform access with no clients to manage and importantly, no footprint on the device. Essentially, as long as your user can get access to a browser via their device, then they can access their applications.
But can a cloud-based architecture combined with a well thought-out BYOD strategy deliver value to the business? Chadha certainly thinks so.
“Cloud and BYOD equals productivity and availability of data. This, in turn, can bring major benefits to organisations,” he says. With multiple client endpoints a key element of most businesses these days, there is a need for staff to be better informed in real time about their customers, budgets, sales data and so on. “Productivity and reporting can also increase through, say, dealing with the boring task of time recording - doing it on a mobile app in situ provides accurate, real-time updates that can benefit the business and the customer.”
Curran agrees that cloud and BYOD combined can provide value. “In fact, to many it seems that a truly effective BYOD model needs to be tightly integrated with a cloud-based architecture,” he says.
Curran adds that these cloud solutions differ from the lighter cloud model where users interact with web-based applications such as Google Docs to a virtual desktop model where they login to a portal and all share 'nailed down' applications and workspaces.
“Each of these models differs greatly in cost, support and security however both avenues should still lead to reduced total cost of ownership per employee,” he says.
