Monday, October 10, 2011

The Impact of the Rise of Tablets on Corporate Security

India launched a 35$ tablet based on Android 2.2. It may lack sophistication but has the functionality needed to browse the web, use apps and so forth. This launch is a future indication of how cheap and therefore ubiquitous a tablet is set to become. Corporate employees will soon carry a tablet as a personal item.
The cultural change brought on by online banking, shopping and social networks pressured IT departments to allow access to social sites through their corporate networks. Most refused citing five main reasons; loss of productivity, need for larger bandwidth, security reasons such as malware, violation of corporate policy (viewing adult content, legal issues) and fear of employees posting uncensored content (against other employees or corporate info). But these restrictions simply suppressed a desire. Smartphone’s allowed limited access to social networking sites and email but lacked in rich browsing experience.
Tablets overcome this limitation with larger screen size. As the device and the mobile data access charges are paid by the employee the IT department has no control over its use. Of the five main reasons for disallowing access to social networks the company is freed from; risk of malware, legal issues and higher bandwidth charges. The risks of malware does not go away but simply shifts from the company to the user, but baring this the company will not be able to control the loss of productivity, violation of company policy and uncensored content.
Companies will have to learn to accept the risks, just as companies long stopped trying to prevent employees chatting in corridors and set-up quiet corners and coffee places for employees to mingle.  The net result was an increase in conversations around business and better productivity.
The next step for security professionals will be to modify company policy to accommodate the use of employee owned tablet in the workplace which may be difficult to monitor and enforce.

1 comment:

  1. Lucius, Nice Perspectives. At Intel IT, we see these trends also and are seeing our role in security changing pretty dynamically.

    Between embracing IT consumerization, harnessing the value of cloud computing, and moving more business applications and services to the web are just a few of the trends impacting enterprise security.

    At Intel IT, the security team sees their role as not just to protect but also to enable new usages inside our business. Some of the Intel IT best practices for information security are captured in this 2 page executive insight document (http://www.intel.com/content/www/us/en/it-leadership/intel-it-it-leadership-information-security-should-protect-and-enable-paper.html)

    Hope this is helpful to your readers

    @Chris_P_Intel (twitter)

    ReplyDelete