Forget BYOD – it's now BYOC

For the last couple of years CIOs and CSOs have been fighting to manage the rising tide of personal devices entering the enterprise. But that's changing as people start to bring their own cloud apps and services into the enterprise. BYOC – Bring your own Cloud – is the new challenge.

At the recent Cloud Innovation Forum held in Saratoga, California, Michael Howard from Infonetics Research hosted a panel discussion with John Marshall from AirWatch by VMware, Erik Papir from HP, Manish Rai from Meru Networks and Vittorio Viarengo from MobileIron.

According to research presented by Howard, a third of the devices today inside North American enterprises are mobile and that's expected to grow to 50% during by 2014 with the number of devices per user rising.

"One of the interesting facts here is that the majority allow employees to bring their own devices and only 25% of the enterprises that we surveyed said they don't. How do you stop it? They don't allow it but it happens anyway".

Marshall commented that while BYOD adoption continues to rise, there are still difficulties with security, governance and privacy. He suggested that part of the problem stemmed from how BYOD was adopted.

"There is a perception that BYOD is kind of a one size fits all and I think what we are seeing in more organisations is there is different levels of BYOD now. And there is a BYOD what does it mean for an executive versus what does it mean for maybe a store associate or somebody in the middle. And I think early on BYOD was really binary, you do it or you don't. And we are seeing now people adopting it in smaller ways," he said.

In Rai's view, much of this was driven by the popularity of the iPad. Before that, BYOD was not considered a viable alternative. He said that "When the CEO brings that iPad to work he wants coverage and the budget's started appearing".

At the moment, with the rapid uptake of BYOD, there are some lessons to be learned according to Viarengo.

"I think that looking at BYOD on its own and focusing on security and the problems is short-sighted, because I think we have an opportunity to look at history and look at mobility as the biggest opportunity for innovation that we've had since the web".

Although BYOD has been the focus – IT departments have traditionally been focussed on devices. The more complex payload that has been delivered inside the portable device Trojan has been the array of apps and services that those devices have enabled.

"We are seeing this real flexible hybrid approach where based on the app, the business, the collaboration, cross-company collaboration there is all kinds of elements that will come together whether it's a dedicated private cloud, some shared cloud infrastructure, a little bit of Amazon Web Service. So I think organisationally in the past you always thought about one element of all that infrastructure being provided from, I think now based on the application, the company collaboration, the third parties involved you're going to have different clouds that you pull data from, and all of those will have some different policies and integration touch points".

Read more: Navigating the balancing act: how to support user privacy whilst maintaining control of corporate-owned data

Viarengo points to the simple example of cloud storage services such as Dropbox and

"I think the days where IT can mandate what people will use to do that what kind of cloud private or public they are going to use are over. There are some, maybe some healthcare and financial service environments where they can still be able to do it, but for the most part you need to embrace whatever [is] coming in, and so what we are focusing on is enabling our ecosystem".

When it comes to security, this means moving more of our resources out to applications rather than on physical infrastructure as "a lot of applications are in the cloud and it's hard to manage security on the device in this BYOD world," according to Rai".

Anthony Caruana attended the Cloud Innovation Forum in Saratoga, California as a guest of NetEvents.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Join the CSO newsletter!

Error: Please check your email address.

Tags BYOCAirWatchMobileIrondropboxcloud securityMeru NetworksManish RaiBox.netcloud storage servicesEric PapiriPadmobile devicesBring your own CloudHPVittorio ViarengoBYODsecurityCloud

More about AirWatch AustraliaAirWatch AustraliaAmazon Web ServicesBox.netCSODropboxEnex TestLabHPInfonetics ResearchMeru NetworksMobileIronVMware Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Anthony Caruana

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place