BYO iPads and iPhones invading your office? Here are the hidden costs

Consumer mobile devices in the enterprise are having a wider impact... useful but wondered if it might not be good practice, although they presumed there was insufficient detail to identify patients.

Whether this procedure was instigated by the users trying to make their lives simpler or someone in IT wanting to appear useful, is irrelevant. Mobile security needs to be seen to be taken seriously as well as actually being addressed through suitable on-device software, content access practices and services from providers.

All too often it appears there has been only a limited mobile security risk assessment or insufficient user training. These aspects may lack the intellectual pizzazz of security software, VPNs and all things prefixed 'cyber', but the social or human elements are critical for addressing the weakest link - the user.

Consumer devices at work

Even if employees own their smartphones and tablets, the issue of acceptable usage must still applyPhoto: Shutterstock

For mobile devices, even the technical aspects of security are rarely completely understood in IT departments, and the more complex issues involving the diligence of checking suitability of use can really only be answered by those responsible for business processes.

What is the right usage of any given application on a mobile device? It might depend on the individual role or department, work needs, employee location at the moment of access and actual device in use at the time. This is a complex mix of business and social requirements that need suitable policies and tools for enforcement.

Employees should know where they stand, what is acceptable and what is not. There are a number of mobile device-management tool vendors that have stepped into this adjacent area of monitoring, directing and curtailing user behaviours.

While this might seem a bit Big Brother to some, many organisations will need audit trails to show they have sufficient safeguards in place to protect sensitive data. If the details of someone's medical operation were found on the train, blame would be pointed at the health authority or employer first, not the employee.

With BYOD, these management tools now have the more difficult task of projecting the need for organisational control onto the personal device of an individual. They need to do this without compromising the integrity of business activities or violating the individual's personal content or device.

It is a fine line, and an easier way to tackle it would be to have one device for work, one for home - as many do now - but ultimately a portfolio of functions or personalities will need to reside on a single device.

The wave of virtualisation that hit the datacentre is already travelling through the network as virtual private networks and virtual desktop infrastructures. These offer an insight into how businesses might secure BYOD, and may extend virtualisation further into multiple virtual personalities and operating systems on the mobile devices at the edge.

All these developments have cost implications, and these content considerations as well as the contract issues need taking into account when organisations consider the savings of allowing employees to acquire their own devices. Consumerisation is looking as simple and pain-free as convergence.

Quocirca is a user-facing analyst house known for its focus on the big picture. Made up of experts in technology and its business implications, the Quocirca team includes Clive Longbottom, Bob Tarzey, Rob Bamforth and Louella Fernandes. Their series of columns for seeks to demystify the latest jargon and business thinking.