back to article BYOD: Bring Your Own Device - or Bring Your Own Disaster?

In most discussions of Bring Your Own Device (BYOD) and consumerisation the experts' mistrust of users is evident. Typically, IT departments are not keen on people bringing their own devices into work with the expectation that apps, services and support will just magically work. But some organisations have decided to trust the …

COMMENTS

This topic is closed for new posts.
  1. Nick Ryan Silver badge

    How about discussing the realities of just how many real users would really like to spend £100's on computers and software "just" to do their job and how this is being carefully ignored by the pushers of BYOD management infrastructure who have their own agenda - i.e. sell their services.

    Staff using their own mobile devices, such as phones, to access corporate resources is one thing. They own these devices already and it's extending usage of an existing resource.

    1. Corinne

      Seeing as I don't own a smart phone or laptop/tablet/netbook, I would have to spend a fair amount of money for BYOD. And more importantly on the cost front, who pays for the data/calls to non-inclusive minutes etc, and is there an assumption that all staff will have expensive all you can eat data & calls tariffs for their personal use anyway?

  2. Arctic fox
    Headmaster

    @Nick Ryan I have to say that I agree. This has all the hallmarks of yet another attempt......

    ..........by management to shift the company's costs onto their employees - I would be more impressed if it was CYODWPFI. "Choose Your Own Device and We'll Pay For It".

    1. P. Lee

      Re: @Nick Ryan I have to say that I agree. This has all the hallmarks of yet another attempt......

      > "Choose Your Own Device and We'll Pay For It".

      That can still work and is sometimes used for air travel. "Here's the budget, if you can better it, you can spend the difference in expenses."

      It doesn't have to be a free-for-all. Perhaps someone will prefer to have a slower, cheaper AMD chip over an intel i7 and a better screen or SSD instead. Or perhaps you want a fast CPU and rubbish screen because your manager has agreed to get you an external screen from his budget, or you've got an old screen after upgrading at home that you don't mind bringing in to complement the laptop screen. Perhaps you want an AMD chip because you can use 8 cores (hello handbrake!) and the company budget won't stretch to the equivalent Intel chip.

  3. Anonymous Coward
    Anonymous Coward

    Hmm...

    The big questions I have are rather mundane, but pretty important:

    Who will PAT test these appliances to ensure electrical safety?

    How will you know that employees are only using tested hardware?

    Who is responsible if a dodgy PSU or owned by a customer electrocutes someone?

    Who is responsible if a laptop battery goes on fire?

    What will the insurers say if employee hardware causes a fire?

    Do you really want employees groping round under a desk to plug/unplug their own devices - how do you make sure they don't exceed the load of the desk and take the whole lot out. (I remember desktop support days dealing with failed desk power supplies because a external consultant had unplugged everyone to plug in their own laptop, another time when a fan heater had been plugged in and tripped a load of desks.)

    Like I say, all pretty boring stuff, but it needs to be thought out before it becomes an issue...

    1. cyberdemon Silver badge
      Devil

      Oh come off it..

      Bloody 'elf and safety bods...

      When was the last time a faulty laptop PSU ever electrocuted anyone? And if it did, would a PAT test -really- have prevented it?

      For starters PAT testing is just a parasite industry that serves no real purpose, a bit like PPI claims and errr, ambulance-chasing personal injury lawyers. Companies just pay some cretin to go round sticking stickers to stuff, because they perceive it as necessary arse-covering. Half the time said cretin doesn't even do any testing, and when he does, it's just to make sure the live wire isn't connected to the earth wire.

      Also, a laptop PSU draws typically no more than 80W these days. How many of those would it take to overload a 13A wall socket? More than 30. Yes a 3kW fan heater will trip it, because 3kW draws almost the entire 13A all in one go.

      As for who has responsibility for laptop fires, I'd hazard a guess at the laptop manufacturers and/or their insurers, or your insurers. Laptop battery fires are pretty rare anyway. And PAT testing certainly isn't going to make that go away!

      While I agree with most of the other posters here that BYOD is a terrible idea for the reasons of an IT support nightmare, health and flipping safety is the worst reason to cite.

      Unless you happen to be employed in a parasite industry.. In which case, carry on spreading the FUD! And don't forget to sanitise your telephone. Swine flu and all that..

      1. JC_

        Re: Oh come off it..

        Last week a phone charger I bought off amazon exploded - literally - in the office. It left scorch marks on the adjacent plugs, blew the fuse on the UPS, left pieces around the office and scared the hell out of everyone nearby.

        So, no health & safety is actually a pretty good reason to be strict about office equipment!

        1. Anonymous Coward
          Anonymous Coward

          Re: Oh come off it..

          In the EU you can go out and buy a charger that will work with more or less any phone other than those iThings, from any one of the major phone suppliers.

          There really is no reason why companies shouldn't buy a job lot of chargers and distribute them around the place. They are cheap.

          So - was it a branded phone charger or an unbranded one?

          If the latter, spot your mistake. If the former, inform Trading Standards.

          1. JC_

            @ribosome

            It was a Samsung-branded charger, though it came from one of those amazon sellers, so it might well have been a fake. Thanks for the Trading Standards tip - the amazon customer service rep seemed remarkably unconcerned about selling exploding chargers!

      2. Anonymous Coward
        Anonymous Coward

        Re: Oh come off it..

        Most large organsations will have a reasonable level of turnover for their PC's laptops etc... Have you ever looked into the legal aspect of trying to 'Donate' this surplus equipment to a worthy cause or charity ?

        Well we have, and we ended up throwing it away as scrap for all of the reason you seem to rebuff. Why don't you join us in the real world...

        1. P. Lee

          Re: Oh come off it..

          > Have you ever looked into the legal aspect of trying to 'Donate' this surplus equipment to a worthy cause or charity ?

          Indeed. Selling it to employees is generally tricky and throwing it out is also expensive. Usually it ends up in a cubical by the exit with a sign up for a couple of weeks saying that that all equipment to be thrown out should be placed here.

          There's a certain amount of shrinkage and before the bin-man arrives.

      3. Anonymous Coward
        Anonymous Coward

        Re: Oh come off it..

        Yes, PAT testing doesn't really add any significant electrical safety. It really dates from the pre-moulded plugs days (I was there at the time, I remember) and consumer units that didn't have RCBs.

        Fan heaters certainly don't come under BYOD, but in any case the load for a ring main is 32A and the fuse on a plug doesn't actually blow at 13A. It will survive quite a while at nearer 20.

        In Europe at least there is no justification for companies not providing approved phone chargers. Laptops are indeed essentially untestable, whether corporate or not, because nobody knows how often that power brick has been dropped or whether the lithium battery is about to throw a short.

        I agree: BYOD is a terrible idea because (a) it is an attempt by employers to make employees pay for essential work kit, (b) it is an IT support nightmare which will almost certainly defeat (a), and (c) it will make internal solutions harder to develop. H&S is a red herring. Currently the biggest H&S risk is staff with infectious diseases who don't get sent home and infect other people, which I suppose you could call BYOD - Bring Your Own Disease.

      4. Anonymous Coward
        Anonymous Coward

        Re: Oh come off it..

        @Cyberdemon - I have seen company laptop PSUs, when I used to do desktop support, with frayed cables and exposed copper, because some idiot thought that wrapping the leads round the PSU was how you kept it. This only has to happen once to be fatal.

        Health and Safety is the reason that you think we don't need health and safety - people don't die going to work in the EU any more (as a rule) this is a good thing. I'm not talking about the "elf un safety gone mad" type of "you're not allowed to use ladders" idiocy which is nothing to do with the health and safety act, but basic stuff like proving that your electrical equipment is safe.

        1. cyberdemon Silver badge
          Alert

          Re: Oh come off it..

          @AC

          Actually I think it probably has to happen quite a few times to be fatal. For starters, your company has an RCD on the office sockets, right?

          If the live wire shorts to the desk or earth, there'll be a flash and a bang, maybe even enough smoke to trip your fire alarm, people will be frightened and then annoyed because the power went off (mind you in a BYOD office they wouldn't have lost any work). But it's not going to start a fire. You need a resistance between 10 and 10k ohms to generate the heat without blowing the fuse, and a frayed cable will almost never have that range of resistance, and if it did, the frayed strand causing the partial short would vaporise.

          If the live wire touches a human, he'll get a nasty shock and the RCD will trip. There's a small chance it could upset his heartbeat, but for it to actually be fatal he'd have to have an existing heart condition.

          I've had enough mains shocks to know that they bloody well hurt, especially if there's no RCD, but they aren't as dangerous as crossing the road half the time. At least so long as the current doesn't go across your chest.

          A friend of mine was once servicing an 11kV busbar at some scottish mansion with its own substation, when the janitor of the place, wondering why the power was out, ignored the signs, unlocked the substation and threw the switch. He is still alive despite having each hand touching a different 11kV phase.

          Anyway my point is that people are scared of electricity because they can't see it.

          Reminds me of those Health and Safety posters about electrocution - If you see someone who's been electrocuted, don't touch them, find a wooden broom handle and poke them with it, otherwise the electricity will get you too!!

          Oh and also, that laptop PSU with the frayed cable was a company PSU you say? Must've been PAT tested then? Fat lot of good that did. And who'd be responsible if it DID electrocute someone? You would.

          Maybe with BYOD, the idiot who wrapped it like that would be responsible instead.

    2. Aitor 1

      Re: Hmm...

      The company who sells the HW in the EU cares for safety.

      And pleaso don't tell me that you check it.. as you CAN'T. If you fnd "CE" markings, you can be sure that those mean "China Export" and not "CE marking".. they are almost the same.

      ME, I don't want to have a slow, expensive laptop for work.

      This is what I got: 2000€ for a 1400€ misconfigured laptop that I can beat with a 700€ one. At least it was assembled in europe.. but still, 2 more years suffering this damn laptop.

      For internal IT is simple: you got a problem? nice, we will format the drive a put a new (misconfigured) image.

      So I have to work with virtual machines, as these smart people have "secured" the system, bringing in full disk encryption (that does not use TPM, so slow), and deactivate USB and keyboard until you launch windows. But that means that if windows is asking you to press enter to boot, you have to reformat the laptop!!

      And I am not talking about a small company,,,

    3. TheVogon
      Mushroom

      Re: Hmm...

      What is the difference between this and employee mobile phones or contractor laptops - both of which are already present in most large businesses?

  4. Anonymous Coward
    Devil

    Savings?

    "But some organisations have decided to trust the user and claim big savings in productivity by deploying BYOD."

    Trust the user or trust their admins to keep everything safe?

    And speaking of which; I can't help wonder how much extra taxation this is going to put on IT. Depending on how you (try to) implement all this I can imagine it now: "So I brought my laptop and I can't see my PC?", "Where is that standard logon screen?", "How do I access my files again?", "Why doesn't my version of Word 2003 open this Word 2010 file?", "My Avast kept saying I have a virus for the past hours but now it seems I can't click the error message away?", "Are you SURE you can't convince management to switch to Office 2003?", "I clicked this icon and then my work PC suddenly showed a blue screen?", "Can you give me an extra HD for my laptop, I tried to copy my documents and now it says my laptop is full", "My PC says "Same IP detected in network", what does that mean?".

    Yeah, that's going to save SO much money....

    1. Anonymous Coward
      Anonymous Coward

      Re: Savings?

      The real savings are in the area of management/HR, who won't have to spend their time listening to underlings mewling about how unfair it is that they have to go out in the field without a cool iFone or Samsung Galaxy to flash around onsite at customers.....

    2. BlueGreen
      Happy

      Re: Savings? @ShelLuser

      And what do you do in your day job, then?

      This is exactly why I stuck with dev + DBA'ing rather than general admin. Too much pain over there...

      Best of luck.

    3. Ed Vim

      Re: Savings?

      It is something of a mess. This is half-dreaming, half-logic but IT departments need to express to upper management the issues involved. If anything, make all staff who insist on using their own devices to sign off on a waiver. In a lot of places general staff resent controls put on their computer usage by IT -- they want the authority to do what they want and how they want under a claim of productivity but they don't want any of the responsibility of their own actions should they cause a serious problem.

  5. Jon Green
    Devil

    Wonderful timing

    What a great discussion to have on Red Nose Day...full marks to El Reg for bringing sysadmin dark comedy to the fore.

    (Try working for a security-sensitive company and suggesting BYOD if you'd like a laugh!)

    1. jake Silver badge
      Pint

      Re: Wonderful timing

      Indeed, Jon Green. In such circles, BYOD means "Break Your Own Defenses".

      I could tell you how I know, but then I'd have to shoot you.

      Beer, because I might have to turn to it to make the stupidity go away for a bit.

    2. Metrognome
      Meh

      Re: Wonderful timing

      Well I do work so a very security-sensitive area of my firm dealing with mil-spec stuff and developing for the military.

      And yet our IT is firmly on the Arctic Fox's definition of CYODWPFI ie we choose from a broad palette of devices that gets updated nearly fortnightly with the latest shiny-shiny and our IT guys just pledge to let us use it.

      OK some of the security/password/encryption/2FA etc. are a bit extreme but they do not interfere with our freedom of choice, just our ease of use. But I have no qualms about it as I know that this inconvenience is part and parcel of working in the sector.

      Last I check the smartphone catalogue was basically all of BB, all of Apple, the latest Lumias and some 2 dozen pages of androids of various shapes & sizes. While not pure BYOD, it's not far off.

      FWIW, online private storage of the likes of google drive, dropbox, MS's and Amazon's equivalents are far more of a risk than loosely secured smartphone.

  6. Christian Berger

    It will be a worse disaster than the PC age

    Today's mobile platforms are at a 1990s security level. The treats they were designed to be secure against were treats against the business models of operators, hardware manufacturers and app-developers. The security of the data of the user never was a design criterion.

    Plus we still don't know how a proper mobile system should look like. We are still years away from even basic safety measures like "full disk encryption".

    Heck there are even systems out there where all the e-mail goes through a closed source gateway running with admin rights. And those are even the better ones as they claim to have some form of Flash encryption.

    Then there's no sane way of updating your operating systems since the SoC manufacturers want the market to be fragmented so no single image can run on different models. So even if you had updates (which still need to go through the manufacturer) you'll still have next to no possibility to have a common patch level.

    You can see what this means if you look back to old Unix, midrange or mainframe-based installations. Those don't need to worry about the text editor being exploited, mainly because the user only has limited rights, and all the data is stored centrally where backups are made regularly. It's much easier to manage the system that way as you only have a few systems to manage and they are just a few steps away in the server room.

    1. Anonymous Coward
      Anonymous Coward

      Re: It will be a worse disaster than the PC age

      Windows Phone already has FIPS compliant full disk encryption:

      http://www.wpcentral.com/microsoft-beefing-security-windows-phone-8

      1. Anonymous Coward
        Anonymous Coward

        Re: It will be a worse disaster than the PC age

        Doesn't matter, what he means is "Apple haven't invented it yet". Give them a few years, they'll catch up.

      2. Christian Berger

        Re: It will be a worse disaster than the PC age

        How do I change the key? Where is the key stored? Is it actually implemented?

        If the key is installed on the device itself, it's useless since you can just read it out.

  7. Turn it off then back on..
    Mushroom

    Re: Savings?

    Also most of the BYO devices will require wireless connections. I'm a network tech and work in a university where we've begun the whole BYOD thing. We've spent a fortune this last year due to the amount of new devices wanting connections to the internet. Black spots need to be covered, drop outs due to excessive traffic, and that's just the learners. Earlier Android tablets don't have a proxy authentication option, iPhones/pads/pods have issues with certain channels on the wireless. While on the outside it looks cool and seems a great idea, the inside is a nightmare to keep that sort of stuff running smoothly and costs a fortune if you have significantly high usage.

  8. Paul Wells
    Thumb Down

    BUY Your Own Device

    Saves the company a lot of money as they no longer pay for any work equipment.

    Not got a phone from this list then you'll have to buy one. Not got a laptop from this list then you'll have to buy one. Not got business messaging on your phone plan then you'll have to upgrade.

    And you have to allow the HelpDesk to install remote reformatting software.

  9. Anonymous Coward
    Anonymous Coward

    What about the security risks if people run Android stuff? I don't want that malware magnet anywhere near corporate systems....

  10. Anonymous Coward
    Anonymous Coward

    Forgive my ignorance..

    .. But i thought the whole point of BYOD was that it would basically be used as a thin client to the bigger corporate network?

    So you have a secure terminal / remote access window on the client and VM's are installed on the server. Then this would...

    1. Protect the corporate network from potential virus infection

    2. Data theft (i.e disallow/create policy for copying of company files to YOD)

    3. Reduce company IT bill

    Of cause Co's will still have to buy servers for users to log in to.. Big fancy one's, as the load will be on the server.

    1. BobsNephew
      Flame

      Re: Forgive my ignorance..

      You're forgiven but you're still wrong... I've seen the scenario you describe deployed at a medium sized bank and it was DOA because the users (often exec level) don't want to use their iPad to do work on a remote Win7 VDI session... they want to "do work on their iPad". And because there are so many execs with these devices you can guess who's going to get their way. Apparently having to remote into a secure environment and work on properly secured systems really wrecks the fun of twiddling their toy.

  11. Dale Vile, Freeform Dynamics
    Stop

    Whoa - massive unsubstatiated assumption here

    I realise the covering piece is there to provoke a reaction, but this phrase is extremely assumptive:

    "But some organisations have decided to trust the user and claim big savings in productivity by deploying BYOD"

    The implication is that productivity gains are a given if you can overcome some of the risks and practicalities associated with BYOD. There are arguments and experiences that go both ways on this. The first point of order is that just because a user 'feels' they are more productive with their non-standard personal device doesn't mean they actually are. People tend to accentuate the positives and conveniently forget the hassle factor of working around inconsistencies and incompatibilities. Even if they are somehow more 'productive', the lack of cohesion if you have too much diversity within a team or workgroup means lots of time reinventing the wheel, dealing with round trip document editing issues (when different editors are used), and so on. Productivity at an aggregate level is rarely considered in the BYOD discussion, but it should be.

    Don't get me wrong, I'm not saying it is all bad, just that even if you overcome the risk and support related challenges, it's not necessarily all good either from a productivity perspective.

    In my experience, when people start quoting the benefits of BYOD, most (if not all) of what they tell you are benefits of mobile computing. I guess if you can't afford the cost of deploying mobile technology in a fully supported manner, then the two are essentially the same. My feeling from having talked to a lot of people on this, however, is that you are generally going to get a better result by giving people what they need to do their job. There are enough good devices out there that are enterprise ready and very desirable, so it's no longer a case of business phone must be crap and personal phone sexy.

    Sure, BYOD is here, and it probably makes sense to look for ways to accommodate it, e.g. for borderline cases or VIP users wanting to connect up their optional bling. But if a mobile device is really going to have a big productivity impact, wouldn't you be better to supply as an essential tool and make sure it all hangs together at a team, workgroup and company level?

    Bottom line is that I would like to see the following discussion point added to the agenda for the live chat:

    "Are productivity benefits really a given with BYOD?"

    Cheers

    Dale

    1. RonWheeler
      Devil

      Re: Whoa - massive unsubstatiated assumption here

      Most users feel sitting on Facebook, What app and Twitter all day is highly productive use of their time.

    2. Trevor_Pott Gold badge
      Pint

      @Dale Re: Whoa - massive unsubstatiated assumption here

      The issue there isn't technology nor the technology choice. It is people. If you have have people who work best when they are told what to do, how to do it, what to think and how to think it, then a company-mandated top-down approach to everything works best. Sadly, for shareholders everywhere, we're not all drones.

      We cannot paint "BYOD" with a great big brush and make assumptions that apply to all (or most) companies. Each and ever company is going to be different based on the people, politics, extant infrastructure, finances available and yet more that is involved. What works for enterprises won't work for SMBs. For that matter, what works in the UK won't work in the US; the cultures are completely different!

      Hell, I could give you some damned good educated guesses on why the cultural deltas between Edmonton and Toronto would affect the uptake and success of BYOD deployments to various sized businesses (and in which sectors.) You could provide some hard figures from your research. We both have dozens of anecdotes from sysadmins, end users and CIOs we've talked to. Me, mostly in North America. You, mostly in the UK.

      What Tim and Phil really need to do is lock you and I in a room with a video camera, a case each of our favourite beer and let us go at it on this topic. We've had some epic debates on this, you and I, and the results from those conversations end up the same each time: it's the people, stupid.

      "Are productivity benefits really a given with BYOD?" No.

      By the same token: "Are productivity benefits really a given with any technology, ever, regardless of provenance?" No.

      There is also a whole conversation to be had about "applies to some people" versus "applies to the majority." Just because BYOD doesn't make sense for some (or most) doesn't mean it doesn't make sense for others. This stupid internet thing and these stupid "actually capable consumer devices" are raising the expectations of the hoi polloi. "One single policy on endpoint technology applied indiscriminately to everyone from the stock picker to the IT staff to the field sales staff" just doesn't work in 2013. Not everywhere, anyways.

      We need to start a BYOD fight club. :) Cheers and beers, good sir! Next round's on me!

  12. StuartW

    It is all about control

    So the PC revolution was about the corporate workers wresting control of information back from the IT department. When it took weeks (months) to get a report modified managers brought in PCs to allow them to control the information and use spreadsheets to manipulate the numbers to get what they wanted. So the rise of the PC and Lotus 123.

    We are now of the cusp of another revolution where the issue again is control. The IT department has now got back control of the PCs and locked them down so that mere users cant change anything. The users are bring there own tablets, phones, mac books etc in to use to get things done again.

    Some companies are embracing this some are fighting it. I predict that this is just another cycle, and the freedom from control will be short lived, the IT will soon wrest control back from the users and control the tablets, phones, etc. But we will have a few years of freedom.

    1. ecofeco Silver badge
      FAIL

      Re: It is all about control

      No, it's about security. Most users are useless wankers when it comes to security and so are most manufacturers and support has better things to do than support every damn thing ever made.

      There is simply not enough money or manpower to do so.

      1. Anonymous Coward
        Anonymous Coward

        Re: It is all about control

        Samsung have tried to make it look like they are doing something about this with Knox, but as it is still Android underneath, its like putting an Elastoplast across the Grand Canyon...

  13. Anonymous Coward
    Anonymous Coward

    Our group IT are so crap...

    ...that they can barely keep our existing, fully company mandated infrastructure alive. BYOD would kill us. Would it surprise you all to know we outsourced our network and *nix admin? I thought not.

    1. ecofeco Silver badge
      Holmes

      Re: Our group IT are so crap...

      Is it? Or is the managers of the group. You know, the ones who never have enough money to fix things properly or pay for good people.

  14. feanor

    The main driver for me would be to have a machine that is actually powerfull enough for me to do my job with, unlike the laughable pocket calculator some desk pilot IT idiot thinks is suitable.

    I could run a corporate image as a VM on my three year old laptop and it would STILL be 10 times as fast as the POS I'm lumbered with!

  15. jason 7
    FAIL

    Some twit with more money than sense.......

    ...bought an iPad and then had his nose put out of joint when he wanted to use it for work (to pose with basically) and the IT dept told him to sod off.

    He then banded together with his other expensive pink shirted friends and pushed it and pushed it.

    And BYOD was invented.

    The power of whining knows no bounds.

    As for the rest of us? I've seen what the general public use cos I make a living trying to fix it all. It's a mess quite frankly.

    Hilarity and disaster will be certain!

  16. Anonymous Coward
    Anonymous Coward

    The problem here is shitty IT departments

    Your network should already assume that every single machine is non-company. It should already assume that every attempt to get at a resource is a hacker unless proven otherwise. Comms between databases, fileservers, etc and your users should be encrypted- even on the internal LAN- and the contents of those data stores should be encrypted as far as practical as well.

    The devices connecting should do so over standard, well documented, interfaces and be restricted by multifactor identification.

    It should NOT matter what device connects to your network, you should always always always assume it's hostile and that the user has no legitimate reason to be connected or doing what they're trying to until you establish that this is not true.

    If you assume that a 'company' computer (say, one on the LAN) is legitimate just because it's plugged into a switch, you're opening yourself up to a world of hurt. I've been to clients offices before and found that I have access to their servers- what the hell are their IT thinking?!

    After that, include other forms of control- perhaps only allowing a set of credentials to be used on only one device at a time.

    Once you secure your data properly, BYOD suddenly becomes a lot less of a problem. Assume they're all the enemy- because at some point any one of them could become one.

    1. /dev/me
      Facepalm

      Re: The problem here is shitty IT departments

      Paranoia is a good thing for a sysadmin.

      But; at my old job we had a very active BYOD policy. User devices where physically separated from company infrastructure and didn't even share the same internet connection. But as dozens of soon to be disappointed users found out they could not mount network shares on their iPhones/iPads and one of them, a user with half a clue, found the solution.

      By the time we found out about it, they had been building a shadow-fileserver using Dropbox for months. They had been emailing their documents to themselves so they could upload them and where now using Dropbox as the online collaboration suite they had always wanted. We found out because some overconfident conspirator joked that soon we wouldn't need no stinking fileserver because everything was in the cloud these days.

      Luckily for me, it befell to my boss to explain to our CEO why exactly this was a Bad Thing(tm), as I wouldn't have had patience enough. Because the CEO was of the sorts that actually applauded this sort of initiative. So despite all our measures of keeping the network and data safe, the shadow-network had no better protection than the assumption that no one would be interested.

    2. Anonymous Coward
      Anonymous Coward

      Re: The problem here is shitty IT departments

      Okay, so that got me a couple of downvotes... Care to explain WHY slightly paranoid security is a bad thing? Eggshell security (once you're in there's little extra resistance) is shown to be a bad idea on an almost daily basis around the world.

      Your data should be secured point-to-point and, ideally, should be secured and encrypted when at rest as well. While it doesnt stop users dropboxing files it does stop them uploading unencrypted data without resaving or copy-and-pasting the contents out of the encrypted file.

  17. Shadowbadger

    Setting aside for a moment whether the network is set up to securely accommodate this (which it should).

    The problem here is user variety. Some can troubleshoot most of their own problems, but others cannot be reliably expected to use a toaster correctly. I have seen a user solder a power supply to a laptop mobo where the connectors had been physically damaged (great thinking on his part as his being offshore made the "damage" to the laptop meaningless, the job and having the laptop working at all was worth so much more than the laptop).

    I have also seen someone post a CD through the gap between two blanking plates and get confused as to why it was not working (the student we had sent through came and got me to "help", read "laugh at" this user).

    This level of understanding varies both within and between organisations. It would be hard to say to Brian (and his difficulty finding the app every morning) that you do not have time to support him when you do support Steve (on his one semi-interesting and helpful issue every couple of years).

    You would alienate entire sales departments on a regular basis.

  18. Anonymous Coward
    Anonymous Coward

    "But some organisations have decided to trust the user and claim big savings in productivity by deploying BYOD." but of course they lie. BYOD is a sham and those caught up in the whirlwind deserve the large fine they are bound to receive at some point.

  19. Ouch
    Thumb Up

    It is a great thing and going to get bigger.

    Why not, just about everyone has some sort of personal smart device, phone,pad,laptop.

    We implemented and air gaped WiFi solution. Employees love it ,we love it, reduced load on our business LAN/WAN and stops people trying to load crap onto their desktops.

    If they want to access the corporate email over it or any other network, we have a app fro that, ha that allows us to remote wipe their devices. Droid and Apple.

    As for UK HSE, madness PAT testing etc. One company I worked with which forced you to wear safety boots, done cloves and safety specs to mount a 1U device FFS. Even they allow you to plug in your own phone or laptop to charge it. Ok you did have to get your charger PAT tested but at least you could get it tested on the same day.

  20. Anonymous Coward
    Anonymous Coward

    Internal IT organisations ran as corporate profit centres have the most to lose here.

    Each 'PC' is a wrapper for a bundle of services associated with it, so it can cost £6k per year to rent a 'PC' per person for example.

    When you remove the need for the physical 'PC' to be deployed because people can use BYOD it becomes a serious issue.

    It is a challenge to profitability in the IT company (usually located in a tax benefficial country).

    In this context the disaster is a loss in profit and tax benefits.

  21. Corinne

    More H&S issues...

    I'm going to throw another H&S issue into the mix here. Who would be legally responsible if someone developed RSI or a posture related problem because they are using a device they own but for work use, and are only using it because the employer has a BYOD policy & therefore doesn't supply any of the hardware?

  22. FireExit
    WTF?

    Wow - So man people here seems to be totally missing the point of BYOD!

    I do agree that many uniformed CEO's will see BYOD as an opportunity to offload IT costs to the employees - but done properly it doesn't need to be the source of outrage and indignation to sysadmins that I see here.

    BYOD is a part of a wider initative to decouple resources such as applications and data from devices. To do BYOD properly a company needs to invest in a platform to allow access to the resources people need to be productive in a safe

    and secure way on any appropriate device - regardless of who owns it.

    It's not about me handing my personal laptop over to IT to be put onto the domain, but rather me accessing centrally hosted applications and data from ANY device in a consistent way whether I am at my desk on a company supplied PC /

    thin client device or working from home / client site.

    My employer does BYOD right. I can either have a corporate issued laptop or be given an amount of money to provide my own IT kit. Either way the applications are delivered to me in the same way via Citrix technology. I chose the BYOD

    option as I travel for work and live out of a suitcase in the week. BYOD allows me to carry a single device that meets both my business and personal needs.

    I was a sysadmin for years and the facist streak that ran through many of my colleagues while necissary at the time is soon to be a relic from the past. The Baby boomer generation will be retiring over the next decade to be replaced by

    Millenials who have grown up surrounded by technology. They are chafing under the dictatorship of the IT department and service models will need to change as a result as IT provision becomes a key factor in the retention of talent. It's

    Sysadmins will need to move with the times or risk being swept out of the way.

  23. jason 7
    Happy

    Just ban the use of Powerpoint in your organisation...

    ....and you can get rid of 25% of your workforce with no negative impact. The remaining 75% will have a lot more time to do actual work than sit through the pointless presentations created by the 25%.

    1. jake Silver badge

      Re: Just ban the use of Powerpoint in your organisation...

      Not 25% of your workforce, jason 7. Rather, roughly 35% of your middle management. In my experience, anyway. PowerPoint has wasted more person-hours of corporate time (read "money") than any other single piece of corporate bullshit I've ever run across.

    2. AceRimmer

      Re: Just ban the use of Powerpoint in your organisation...

      Powerpoint does't kill people; people kill people

    3. Anonymous Coward
      Anonymous Coward

      Re: Just ban the use of Powerpoint in your organisation...

      One advantage of mobile devices is that they are very bad at handling PowerPoint.

  24. This post has been deleted by its author

  25. Anonymous Coward
    Anonymous Coward

    Great session...

    but the CoverIT live solution sucks balls - comments were taking 3 - 5 mins to appear, when they did, most seem to have got lost.

    1. Trevor_Pott Gold badge

      Re: Great session...

      I believe comments were moderated.

  26. RobertD
    IT Angle

    That was a very useful, thought-provoking session - thanks to everyone who took part! Lots of food for thought.

This topic is closed for new posts.