"IT should aim to use an appropriate level of management to ensure that data is secured without degrading the user experience for employees prepared to work in this flexible manner. Full mobile device management (MDM) solutions offer a lot of control over device activity, and are the most effective ways to secure data on multiple platforms, but for some users they can be seen as being too invasive. A lighter-touch approach, such as managing data at the application level rather than the device level, can also be considered as a way of managing BYOD behaviour in emerging markets, and, given the preference for strong privacy controls in certain mature markets, may offer an easier way to manage BYOD there, too," he says.
"For businesses, particularly those operating in multiple markets, the challenge is to set the right levels of governance and manage BYOD behavior wherever it is happening."
Aruba's Enuya echoes the same sentiments, and explains that this is why Aruba has been working hard to produce solutions that help to fix the problem. He points to the vendor's WorkSpace function, which he says is designed to simplify the process of securing, distributing and managing work apps on mobile devices.
"In addition to automatically pushing work apps to mobile devices, Aruba WorkSpace lets IT enforce contextual policies that control how the apps are used and data is secured. A VPN session is initiated automatically whenever work apps are launched on a public network," he says.
"On a personal note, WorkSpace eliminates liability issues related to privacy by preventing IT from accessing or viewing a user's personal information. IT can only wipe or lock work apps and data--anything controlled by WorkSpace--while personal information stays private."
Whether a CIO goes with Aruba for its MDM solutions or not, the experts stress that MDM need not involve an entire network redesign. According to Mike Goedeker, Director of Pre-Sales, ESG, CEEMEA, Sophos, all that's needed to support BYOD and consequently MDM is a "rethink".
"Smartphones and tablets are the new endpoints of the next century so we need to recognise that fact and secure access as well as devices correctly," he says.
"We suggest creating an awareness campaign and security policy that helps secure and define what usage of data and security is appropriate for the company and its employees while accessing sensitive data on the go or in transit. Least privilege, auditing and monitoring are also a good start to general security processes. Lastly, many companies in the past have seen security as a non-revenue generating function. We believe (as others do, like Forester and Gartner) that security is a business- and revenue-critical process that needs the attention it deserves."
Sign up for Computerworld eNewsletters.