Information workers in India are increasingly using their personal devices, applications, and web services to accomplish both personal and work-related activities. Results from Forrester’s Forrsights Workforce Employee Survey, Q4 2012 indicate that at least 85% of employees use phone/tablet applications and web-based services for both purposes which is putting corporate information security under serious threat.
My interactions with numerous infrastructure and operations (I&O) professionals from large enterprises in India over the past six months have revealed that there is a high degree of awareness of the need to develop a bring-your-own-technology (BYOT) policy. However, actual implementations aren’t yet common, as I&O professionals are unable to address management’s three key concerns. These are, in order of priority:
How can we ensure that information on employee-owned hardware and software is secure?
At a recent Enterprise Mobility event, I spoke with a few Asia-based IT directors about their journey in the age of consumerization of IT, and how they were dealing with Bring-Your-Own Technology (BYOT) at work. Their responses ranged from ‘fear of the unknown’ – as in ‘how do we deal with this trend?’ to ‘paralysis by analysis’ – as in ‘let’s arm ourselves with as much information as possible, and analyze it to death.’
The issue is – their employees are already accessing corporate email on their own mobile devices – which means that these IT managers are scrambling to catch up to managing BYOT in their organizations. In fact, an IT head at a large FMCG organization admitted that he did not know where to start managing BYOT.
Security and compliance were key concerns for these IT folks, and their concerns are valid. Trend Micro predicts, for example, that 91% of targeted attacks begin with spear-phishing, a highly targeted type of phishing aimed at specific individuals or groups within an organization. This was heightened in a recent spear-phishing attack on a South Korea bank. The security provider also predicts that there will be 1 million malicious Android apps in the wild by the end of 2013 – another red flag for organizations coping with the rise of Android devices at their work place.
Information workers in organizations across Asia Pacific (AP) are increasingly using personal mobile devices, applications, and public cloud services for work. Forrester defines this as the bring-your-own-technology (BYOT) trend. This behavior is more prevalent among employees above the director-level (C-level executives, presidents, and vice presidents) than those below that level (individual worker, contractor or consultant and manager/supervisor). Data from Forrester’s Forrsight Workforce survey, Q4 2012 corroborates this trend in AP.
We believe that the BYOT trend will strengthen over the next two years in AP, primarily fueled by employees below the director level. Increasing options, quality and affordability of devices, apps, and wireless connectivity, coverage, and capacity will contribute to this expansion. In order to secure corporate data, organizations will need to:
Develop Corporate Mobile Policies: Organizations must build cross-functional teams to plan their mobile strategies. This should include representatives from different LOBs like finance, HR, legal and sourcing. Moreover, the policy must clearly define guardrails to provide flexibility to employees but within boundaries and in compliance with local regulations.
Identify Technologies To Secure Corporate Data: 29% of business-decision makers in AP report that the rising expectations of younger workers require businesses to push enterprise IT to keep technology current. This is why it is critical to identify both back-end and front-end technologies and suppliers that can optimize mobile device and application management in a secure manner. Focus should be on networking layer security and mobile device management solutions.