I recently had an experience that reinforced some of my deepest fears about BYOD solutions. I’ve been a huge advocate of Microsoft OneNote and its integration into SkyDrive, the OneNote web app, and the OneNote mobile apps. It’s a great solution for professionals in an SMB environment to share documents and manage their work.
Even when business users don’t have access to a secure public SharePoint portal, they can leverage Microsoft’s cloud solutions to achieve a collaborative platform. Unfortunately, there are significant risks beyond the obvious in taking this route.
In my case, I had previously created a separate login for Microsoft services associated with my corporate address. I used it for my TechNet, MSDN, and other things that required a Microsoft online account. When my company was recently acquired, the incoming IT teams at the various regional offices shared our weekly meeting agenda via OneNote on SkyDrive. I quickly saw the incredible potential of this and began a push to move all meeting notes to this method. I also began to adopt this for all of my private professional needs, like organizing my Outlook inbox. Of course, I used my corporate-oriented Microsoft online account to create the OneNote/SkyDrive account that I used.
I’ve created and shared several documents, including an Outage Downtime Report for my office and a Security Response document, which were quite popular with the other regional IT locations. For example, we recently had to deal with the w32.changeup virus. When a smaller regional office experienced an unrelated outbreak later, we granted document access to them so they could review our response instead of learning first-hand how to best contain the issue.
Microsoft has moved to integrate Windows 8 Pro and RT, Xbox, and Windows Phone tightly with their cloud-based solutions. You can still create a local account (on Windows 8 Pro and RT), but to fully leverage the advantages of the integration between these devices and platform, you’re best off using a Microsoft online account. Furthermore, Microsoft is moving to consolidate all of their various accounts (Live, Xbox Live, TechNet, MSN, etc.) into one single unified login for all products and services. Let’s not get too hung up on the “Microsoftness” of this — it’s exactly the same approach that Google has taken across their ecosystem.
Around the same time that the virus happened, I was reviewing the HTC Windows Phone 8X on Verizon, plus demoing and reviewing Windows 8 Pro. Because I like to focus on enterprise and corporate (rather than consumer) applicability, I activated my device logins using my work-related Microsoft account.
I saw the first signs of this problem, but not all of its implications, almost immediately. Since I have a professional account for one set of roles and a personal account for my leisure and consumer needs with Microsoft’s services, I found that I could not easily integrate the two on my devices. Microsoft’s goal is for you to have one unified account, but I don’t want my Xbox Live account associated with my professional life. This resulted in a situation where I could access my professional documents in OneNote on Windows Phone 8 and Windows 8 Pro, but I couldn’t access my music, movies, gamer information, or other media. I could easily test the professional applications of the phone, or the leisure, but not both.
I knew that my phone review wouldn’t be complete without some discussion of the quality of the music playback and Xbox Live integration. I looked at my local music collection and discovered that I had ripped my copy of the Get Him To The Greek soundtrack to digital format. I own this music and have frequently ported it between iTunes and Google Play Music, so I figured it wouldn’t be a problem to upload it to my work-related SkyDrive in order to download it or stream it to the Windows Phone. I copied the music file over and listened to it. I had already shared the virus response document with a member of our other office. When I returned, he had sent me an email, asking me to share it with another team member.
When I went to share the document, my login was rejected. My account had been locked for a violation of the SkyDrive TOS. It didn’t take me long to realize what happened. The upload of a media file with a title identified as protected IP triggered an automatic response that locked my account. It was a mistake, I knew what had caused it, and I was willing to correct the issue, even if it wasn’t really a problem. But there’s no live support for SkyDrive — you’re redirected to a site where you can basically submit a plea to have your account reactivated. That submission is reviewed, and your request to have the deactivation reversed is either granted or not. The details on the process are very vague and unclear, but it’s evident that you’re assumed guilty until you prove yourself innocent.
I was eventually able to resolve the issue, but my leisure BYOD devices and my professional corporate life had caused a tremendous conflict that could have had a serious impact on a mission-critical response.
This illustrates one of the many pitfalls of BYOD solutions. When tightly integrated with unified cloud-based accounts, you’re forced to mix your professional and leisure uses on one device, and the results could be disastrous to your career.
Have you had any similar nightmare scenarios with BYOD solutions at your job? Share your experiences in the discussion thread below.