Saying NO to BYOD When it Comes to Data Security in the Public Sector

ComputerWorld has an interesting article from Jeff Baxter a Principal Architect for the U.S. Public Sector at NetApp on the balance between BYOD and Data Security in the public sector.

Mr. Baxter references a recent survey by Telework Exchange, which finds that nearly half (49%) of federal employees say they use their personal devices for work-related tasks. A fact which creates a dichotomy for administrators to, “simultaneously support and encourage BYOD for the convenience and productivity benefits it delivers, while also putting in place effective policies and procedures that prevent data leakage and mitigate operational costs that come along with mobile device management” according to the blog post.

The article goes on to point out that, “in some cases, the added convenience of BYOD isn’t worth the risk of opening up access, even if it is secured access. In other cases, for knowledge workers that may often need to work from anywhere on data that isn’t so sensitive, the balance can easily tip towards more free access to data. And of course, other government workers spend their entire day in the field performing a function that requires (or is greatly facilitated by) always-on access to a government system via a mobile device.”

The most controversial response is offered first: “Don’t do BYOD”

“Agencies can opt to restrict use only to secured mobile devices provided by the agency that are not used for personal purposes. This is the device equivalent of an “air gapped” network, and allows the agency complete control. The downside is the reduction of employee convenience and potential dissatisfaction from having to carry multiple devices, while incurring additional costs associated with multiple mobile device management.”

Mr. Baxter offers a couple of other options as well, but it will be interesting to see if we are on the verge of a BYOD backlash.