Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

BYOD – It’s Time to Throw Out the Rule Book

Grant Taylor, Head of UK operations, Cryptzone

Employees have differing views when it comes to what they like – not every one wants a Volkswagen Golf, and many company car schemes take this into consideration. As a concept it works fantastically – instead of having a pool of company owned cars, employees are given an allowance to offset against their own vehicle. Genius!grant

A few years ago organisations extended this practice into other areas of the business – for example, an allowance to fund purchasing a laptop. The theory was that, if the employee gets ownership of the device after three years, they’re more likely to ‘look after’ it. Consumerisation of IT, or Bring your Own Device (BYOD) as its becoming more commonly known, as a concept was born and with it a can of worms was not only opened, but flung all over the place.

The problem is …
Initially, while a genius idea, the issue of integrating different operating systems was just the tip of the problem iceberg – changing functionality, applications and connectivity all had to be addressed and standardised. Then came the discussion about what could, and couldn’t be done with them. Initially email was the essential must have, which quickly moved on to the ability to access corporate information. Suddenly security became the elephant in the room.

It wasn’t too long before organisations started to suffer breaches, and public humiliation, as these mobile missiles haemorrhaged sensitive corporate information. Some were lost, some were stolen and a few were sold legitimately on public auction sites! For the technology team, enabling their use was no longer the issue but securing the data they carried.

Move on a few years and today the situation we find ourselves is not dissimilar. On one side employees want to utilise technology that fits with their lifestyle – although now they’re happy to fund it themselves. In the ‘other corner’, the technology team are tasked with sanctioning their use, but need to do so securely.

Saying no is simply not an option – for either side.

Barriers – Up or Down?
The main issue is that, for the majority of organisations, the technology team had barely got to grips with laptops when smartphones started storming the organisation’s enterprise. Without time to properly draw breath, the iPad came along and joined the offensive. Unfortunately the formula of affordable price tag, with superb functionality, makes these new business tools too valuable to blank block. In far too many cases IT is having to play catch up with some teams in danger of losing the game.

Rather than always trying to pre-empt the next advance, technology teams need to find ways to secure the defences now that future proofs the organisation for tomorrow’s world.

Stand Firm and Secure
If we look at the basic problem, in both private and public sector organisations, people are able to consume information on their devices in their personal lives and found it to be beneficial. They simply want the same flexibility in their business lives and this means the ability to consume corporate information on the same devices.

The challenge for the technology team is to put controls in place that allows people to do that securely so that the data that they access is secure.

Well it’s simple then, isn’t it?

Actually it hasn’t been until now.    However, Cryptzone has come up with the best solution that covers most permutations – different devices, different operating systems in different scenarios (i.e. laptop at home, iPad on public transport, smartphone in Wi-Fi café, etc.)

A Holistic View
Organisations could take a conjoined approach to their access strategy that enables granular access to people in a safe and secure fashion.

One method is to provision users on a role base, location base and on device based access. This method means each request is permitted or declined dependant on the user, their device, its location and what information is being accessed.

For many organisations that’s easier said than done. However there are solutions on the market which deliver such granularity without introducing significant administrative and support overhead.

Additionally, another option would be to introduce Access on Demand. A relatively new twist, on a tried and tested concept, information is stored in a secure central location – not dissimilar to a public library. However, rather than being able to walk in and browse, users are sent a secure link that takes them to the exact location – be it file, page or record, the information is stored. At this point they can read, edit, or do anything else that they need to do but without the information leaving the central repository. To further strengthen this option, access could be secured with authentication – for example a passcode sent to a device registered to the user that has to be entered before the file can be opened.

With this approach the user gets the flexible agile work experience they’re so hungry for, regardless of the device they’re using and for the organisation its information never leaves its control as it is not transferred to the end users device.

And there’s more
For those organisations looking to introduce secure collaboration, especially with a third party, this approach means organisations can provision external agencies safely and securely, and quickly, offering even greater flexibility.

As a popular advertisement would say, ‘Simples!

At the end of the day, it is data that is king and must be protected at all costs. Rather than trying to secure every device known to man, and those that are being dreamt of, organisations can provision security that fits in today’s mobile and agile world.

Rather than playing catch up, do you want to get ahead of the game so you’re prepared for tomorrow’s world?

Cryptzone on stand D90 is exhibiting at Infosecurity Europe 2012, the No. 1 industry event in Europe held on 24th – 26th April 2012 at the prestigious venue of Earl’s Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise. For further information please visit www.infosec.co.uk