To BYOD or not to BYOD — That is the question

BYOD initiatives present considerable challenges


In April, Gartner released findings from a survey of more than 390 senior business leaders in user organizations worldwide which found that digital-business initiatives are behind the sudden growth in planned innovator and digital-leader hiring. The survey showed that many business leaders think they have a digital strategy, as 52 percent of respondents said that they have a digital strategy. Gartner also found that 19 percent of business leaders expect to see a chief digital officer by 2014, and 17 percent expect to see a chief data officer. 

We anticipate that business leaders will change the mix of leadership talent needed to drive change, with chief data officers and chief digital officers at the forefront. As we’ve seen, today’s businesses have become far more likely to adopt new, often online, technologies or approaches that reduce cost, irrespective of the risks they might introduce.

What’s Next…

Highly publicized data breaches, and more stringent regulation, have put the spotlight on cyber security in most organizations around the world. This has put unprecedented pressure on executives to assure stakeholders that sensitive information is secure. Data loss, compromised online transactions and authentication failures impacting customers are just a few things that will immediately get the attention of the board and business stakeholders.

Corporations have a real task on their hands, and some of the smarter organizations have said, “We’re not going to focus on trying to get people to understand the need for security inside the office. Instead, we’re going to focus on reinforcing some of the good practices in security outside the office.” Sound mobile-device security is not a nine-to-five issue.

What it all comes down to is that every organization, both small and large, needs to ensure employees are aware of what constitutes good working practice for mobile devices. As well as making consumer-device security an integral part of awareness campaigns, organizations should consider monitoring-device usage and enforcing policy through disciplinary or financial sanctions.

Obviously, no mobile device in the workplace will ever be 100 percent safe. However, organizations need to balance the acceptance of smartphones and tablets with control of those devices to protect the safety of their information. By putting the right working practices, usage policies and management tools in place, organizations of all sizes can benefit from the advantages that these devices can bring to the workplace, while at the same time managing their exposure to potentially devastating security risks.

About the Author

As the global vice president of the Information Security Forum, Steve Durbin includes among his main areas of focus the emerging security-threat landscape, cyber security, consumerization, outsourced cloud security, third-party management and social media across both the corporate and personal environments.

Durbin has considerable experience working in the technology and telecom markets and was previously senior vice president at Gartner. As global head of Gartner’s consultancy business, he developed a range of strategic marketing, business and IT solutions for international investment and entrepreneurial markets. He has served as an executive on the boards of public companies in the U.K. and Asia in both the technology consultancy services and software applications development sectors.

Durbin has been involved with mergers and acquisitions of fast-growth companies across Europe and the U.S., and has also advised a number of NASDAQ- and NYSE-listed global technology companies. He is currently chairman of the Digiworld Institute senior executive forum in the U.K., a think tank composed of telecoms, media and IT leaders and regulators.

About the Information Security Forum

Founded in 1989, the Information Security Forum (ISF) is an independent, not-for-profit association of leading organizations from around the world. It is dedicated to investigating, clarifying and resolving key issues in cyber, information security and risk management and developing best-practice methodologies, processes and solutions that meet the business needs of its members.

ISF Members benefit from harnessing and sharing in-depth knowledge and practical experience drawn from within their organizations and developed through an extensive research and work program. The ISF provides a confidential forum and framework, which ensures that members adopt leading-edge information security strategies and solutions. And by working together, members avoid the major expenditure required to reach the same goals on their own.