In case you missed it, a recent interview with IBM CIO Jeanette Horan in the MIT (News - Alert) Technology Review caused quite a stir. The frenzy it created was about IBM – whose embrace of the bring your own device (BYOD) for use at work trend includes the iPhone (News - Alert) 4S as an approved device – banning the use of Apple’s popular Siri voice recognition-based digital assistant feature on IBM networks. This is a non-trivial issue.
Siri, along with its voice-recognition Android (News - Alert) competitive capabilities, operates by sending spoken inquiries and instructions to a remote database for processing, along with other valuable information.
IBM (News - Alert) has concluded that because the consumerization of IT has given IT professionals less visibility and control over personal devices, valuable information is too important for possible malicious consumption. Siri is just one highly visible example of the challenge of keeping enterprises safe in a BYOD world. It was singled out because it was great copy.
But it’s not alone and brings up an issue that goes well beyond having a quiet conversation with your personal digital gal pal.
The entire article is worth reading. The most salient section for me was this one:
“The trend toward employee-owned devices isn't saving IBM any money,” said Jeanette Horan, IBM's chief information officer and oversees all the company's internal use of IT. Instead it has created new challenges for her department of 5,000 people, as employees' devices are full of software that IBM doesn't control.
Horan said that when IBM surveyed several hundred employees using mobile devices, many were "blissfully unaware of what popular apps could be security risks.”
The lack of user awareness of the security risks involved in using public cloud-based services and apps has prompted IBM to institute guidelines for all of its smartphone and tablet toting employees. As the article points out, risk mitigation by Horan and her team now extends to things like disabling access to public file-transfer services like Dropbox (News - Alert), and are trying to enforce rules about forwarding corporate e-mail to public Web services and using smartphones to create nomadic Wi-Fi hotspots that are subject to being compromised.
I point this out as a cautionary tale. Let’s face it – to believe that BYOD is a fad is like believing in the tooth fairy. It is wishful thinking at best but totally unrealistic. We are going through an adjustment period as the BYOD phenomena takes hold and inevitably morphs in some predictable but probably mostly unpredictable ways with beneficial as well as harmful consequences.
The good news is it is creating a whole new industry for doing policy and device management, enhanced security, etc. Vendors are sprouting like desert flowers after a rainstorm. The more interesting impacts are likely to be not only IT departments establishing guidelines and denying personal devices access to public services that are viewed as risky, but it is likely to spawn an explosion of corporate app stores to serve up approved apps.
This may be a migraine for IT departments in the short run as they attempt to negotiate who to get back control and mitigate risks in a world of less than educated users who have expectations that need to be tempered.
In the long-term, however, it could be a boon to them, and not incidentally the app developer community. We have seen this before when PCs replaced dedicated terminals and laptops replaced PCs. It may have been a mystery at the time as to how all of those wild horses would be herded, but it has all worked out fairly well on many fronts.
The view from the eye of the hurricane can be extremely distorted and myopic. Just as GM’s questioning of the value of paid ads on Facebook has caused a rethinking of social media marketing, so too will IBM’s saying no to Siri cause reflection and ultimately a new way of doing business regarding the proper care and feeding of BYODs. It should be fascinating.