Investment firms feeling bullish on BYOD

Don't fear the "bring your own device" (BYOD) trend -- take a chance and find out if it works in your organization, say IT managers in the financial industry that let employees make use of their personal smartphones and tablets for work.

"I'm a huge advocate of 'bring your own device,'" says Robert Meltz, CTO for Hearthstone, the $12 billion investment firm based in Los Angeles focusing on the residential building industry. He acknowledges his company didn't exactly go in pursuit of BYOD for employees, but when employees began asking what they could do with their personal iPads at work, Hearthstone decided to give it a try.

SECURITY: Android malware exploding, says Trend Micro

He says Hearthstone has found one of the most useful ways to integrate business file-sharing with iOS devices is integrating them into the EMC Syncplicity cloud-based file-sharing service the company uses.

With the Syncplicity app for iOS, the user's mobile device has access to Hearthstone's electronic files, updated via the Syncplicity service, says Meltz. He notes the investment firm began using Syncplicity over a year ago, first thinking of it mainly as a way to enhance disaster recovery by having encrypted cloud-based file-sharing that duplicates server files held internally, but it quickly became a basis for all types of file-sharing for mobile devices.

Hearthstone will also reimburse employees for BlackBerries and iPhones, but doesn't favor supporting Android devices due to security concerns mainly around malware issues and the fact that this would be another mobile platform to support.

Blackstone, a New York-based financial firm with $205 billion in investments, has also decided it will support employees' personal iOS devices, says CTO Bill Murphy. It's not favoring Android at the present time.

But for official purposes related to work, Blackstone is mandating that these BYOD iOS devices must run specific corporate-controlled software intended for device security and management. Specifically, this is the MobileIron mobile-management device software and WatchDocs, which facilitates how any electronic document can be distributed.

That means if certain controls are on the document, it couldn't be opened even if it were forwarded, Murphy explains. Blackstone has used WatchDocs for other purposes than just BYOD, but "the mobile revolution is making it more important," he says. The weakest link in security tends to be unwanted actions and behavior by individuals, he notes, and WatchDocs helps prevent mistakes related to BYOD devices.

Having MobileIron on BYOD devices means that the company has the right to wipe the device if it's lost, says Murphy. "The corporate email is on there so we say, sorry, we'll wipe it. They accept that." Employees are encouraged to back up their BYOD devices regularly.

Jeffrey Hunter, vice president at consultancy Booz Allen Hamilton, says it's not unusual for any enterprise to initially fear the BYOD phenomenon because it appears to "break all the rules" associated with traditional IT management. But BYOD can increase employee productivity since traditional IT typically only has a one-size-fits-all strategy, he says, adding Booz Allen also supports BYOD for its employees.

It makes sense for institutions to "avoid total chaos" by defining specific devices and form factors they will allow for BYOD, Hunter says. But he advises caution on the question of deleting the user's personal data from BYOD devices, noting the time has come to find creative approaches toward "data sovereignty" adopted in BYOD to be able to delete business data but not delete the personal data.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email:

Read more about anti-malware in Network World's Anti-malware section.

Join the CSO newsletter!

Error: Please check your email address.

Tags apple iphoneNetworkingsecuritytrend microwirelessGoogle AndroidSyncplicityemcBYOD

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ellen Messmer

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts