IPhone: CIOs ponder personal tech toys in the office

By Zach Church, News Writer 05 Mar 2008 | SearchCIO-Midmarket.com

Technology news and tips for Midmarket CIOs Digg This!     StumbleUpon     Del.icio.us

CIO-Midmarket News Podcast Want to take this with you? Download it as a podcast.

As the wireless industry hits its stride -- connections are everywhere and Gartner research shows IT leaders are less and less concerned about security each year -- the consumer and business worlds are on a collision course.

Many employees, enamored with their new, tricked-out personal phones, already want them synced up with their work networks. And more will be asking for that privilege.

More on mobile devices Mobile workers push for smartphones Virtual private networks offer secure, simple remote access

The first reaction, of course, is to say 'No.' Why compromise security and take on a series of network headaches so the hipper component of the company workforce can look cool?

That's a fair question, Gartner analyst and vice president Nick Jones says. But with well-enforced policies and employee education, the blurring of the work device/play device line should be encouraged by CIOs, Jones said.

"Don't say no as a gut reaction," Jones said, speaking at Gartner's Wireless & Mobile Summit this week. "I don't think we can or should always resist demand from employees who may want some corporate applications on employee-owned devices."

Sleep soundly while employees play Remote connections Problem: Unsecured public and home connections offer a window to corporate applications and data. Solution: Use a Secure Sockets Layer virtual private network (SSL VPN), and provide selective access and employee training. Personal, Web-based email Problem: Employees forwarding work email and malicious code. Solution: Monitor use as applied to company policy. Personal mobile devices Problem: Corporate data loss and open to attacks. Solution: Offer thin-client access with SSL VPN, restricted access to corporate systems and no email attachments. Social networks (Facebook, LinkdIn, etc.) Problem: Information leaks and malicious code. Solution: Set company policies and a Web security gateway. Source: Gartner Inc.

Take the BlackBerry. Research In Motion (RIM) President and co-CIO Mike Lazaridis said his company, which manufacturers the popular smartphone, still sees business as the sweet spot. But the BlackBerry is no secret outside of work, and more and more people are buying the phone for personal use. Windows Mobile devices and other smartphones are also starting to gain traction.

"They're literally walking into the stores and asking for a BlackBerry," Lazaridis said. Recently, RIM integrated social networking service Facebook into its phones. Business networking? Maybe. But still, an overwhelmingly out-of-work application.

"They bought them and they want to use this device to connect to corporate email and corporate data," Basso said. "Theoretically, an enterprise should completely ban the use of iPhone. The reality is if you do this what happens is the iPhone users will find other ways to access their email."

Currently, Apple Inc.'s iPhone does not support Microsoft ActiveSync for easy data transfers between personal phones and work computers. Next week, however, will bring Apple's iPhone software development kit, which allows third-party applications to be built for the phone.

"There are dirty ways to make this possible," Basso said. "And then IT … will completely lose control of in terms of security of their data."

Jones and Basso recommend CIOs familiarize themselves with the most popular consumer products -- both wireless and Web-based, such as Facebook and MySpace -- and develop a series of policies on their use in the workplace.

Manufacturers of consumer-cum-business products are constantly pushing those toward employees, said Steve Vandermolen, an IT director at Grand Rapids, Mich.-based restaurant supplier Gordon Food Service. Sooner or later, smartphones and Web applications end up before the IT department and have to be dealt with.

"We look at ways to embrace," Vandermolen said. Gordon Food Service is comfortable with employees using personal BlackBerrys, provided they adhere to company use policies. IPhones are still so new, Vandermolen said, that how compromise will be brokered is yet to be seen.

Vandermolen said caution and oversight is key before IT begins sanctioning user-owned smartphones and other wireless products. And companies shouldn't allow use if there is no real business value, he said.

Some of them are fads and they don't last long. Steve Vandermolen IT director, Gordon Food Service

"Some of them are fads and they don't last long," he said.

Jones and Basso said that kind of open thinking isn't only a must, but it could also be beneficial to the business. Cash-strapped or lower-profit companies may find employees wanting to work on personal products that perform better than anything IT can supply. Business innovation, so often directed from above, might spring up in the lower ranks by employees finding easier ways to complete tasks using rapidly developing consumer products, Jones said.

There is some evidence that CIOs are willing to loosen the reins on employees. A late 2006 Gartner survey of 150 IT directors in Australia found that 72% expected personal smartphones and digital assistants to be sanctioned in the workplace by 2010.

And about half of 97 U.S. CIOs surveyed by Gartner late last year said they were satisfied with the ability of consumer-oriented products and applications to help work toward business success.

(That isn't the case with everything, Bello said. Another survey found that about 90% of CIOs want to ban Facebook outright.)

Besides security precautions (see sidebar), CIOs should begin developing policies for personal-device use and build and enforce a list of unauthorized devices, Basso said. Conversely, she suggested building a list of approved devices and encouraging employees to purchase those. Educating employees about secure use of personal wireless toys is also a must, she said.

Sound Off! -   Be the first to post a message to Sound Off!

Tags: Mobile technology for the midmarket,  Remote connectivity for the midmarket,  Information security management for the midmarket,  Web 2.0 technology for the midmarket,  Tools and Technology: Avoiding cool-tool envy,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us