Consumerization causes power struggle in the enterprise

Credit: tpower1978 on Flickr

Over the last couple of years, the balance of power has shifted from IT to users -- with lots of hand wringing over what could happen from a security standpoint.

A recent report from 451 Research called Getting Control of Mobile Management Disorder suggests there a number of ways to secure BYOD devices, but it comes down to choices IT makes about security.

In many organizations, users bring their own devices and they want access to enterprise software and content. They also want the ease of use they're accustomed to from consumer apps. And they don't want any security restrictions to affect overall device performance.

Why JC Penney Employees Call Their iPod Touches "Libby"
CITE Goes Live! Register for the CITE Conference & Expo, June 2-4, in San Francisco.

In short, they want it all.

Meanwhile IT wants something entirely different. They still see the pitfalls of putting enterprise content onto mobile devices outside the firewall. They want to keep that content secure and they want to reduce risk. At the same time, forward-thinking IT pros understand that they can't restrict users too much because they will balk and find ways to work around them.

It's created a classic battle between security and freedom.

Chris Hazelton, Research Director for Mobile & Wireless at 451 Research, who helped write the report, says the tension comes into play in a couple of ways. First of all, there is the question of how much influence IT has at an organization to drive policy. The second question is how much freedom users require to do their jobs in a changing marketplace. The last the thing you want to do is handcuff your company by making it difficult for employees to conduct business across mobile channels.

"In the end it comes down to balancing company needs around compliance and regulations and what users are willing to tolerate – this will change as IT in organizations that have regulation exposure and will have more power to mandate security policies on mobile devices. Those with little or no regulatory exposure will have less power, and so user needs will come first," Hazelton explained.

To complicate matters further, the management tools available to help secure mobile devices are also changing at a rapid pace, and IT pros need to be careful not to rely too heavily on any one tool as the market sorts itself out.

To quote the 451 Research report Hazelton helped write, "Mobile management technologies and services that are still gaining traction in the market are themselves being challenged by new alternative management and security approaches. For instance, mobile device management (MDM) for iOS and Android devices is a relatively new market – but it is under threat from mobile application management (MAM), secure containers and mobile virtualization, to name a few..."

As this happens though, Hazelton says, MDM and MAM vendors are beginning to support a range of services by offering functionality previously only found in competitor solutions. "MDM vendors are appropriating capabilities of MAM vendors, and the reverse is true. MDM vendors are adding tools to insure that as users move beyond mobile email -- to viewing and editing large amounts of data (likely from email attachments) -- that they remain viable," Hazelton said.