don't touch my BYOD!

Using your personal equipment (iPhone, iPad, and Android and other mobile devices) for professional purposes has almost become the new norm. The BYOD phenomenon is the result of a groundswell movement. Companies are now torn between the advantages of this model and the security challenges it presents. At the same time, device owners have to stay vigilant and not let overzealous companies and technologies push them around.

technologically advanced

More and more people are using their personal devices at the workplace. Using their own devices lets them keep working while traveling, commuting or staying home. One of the reasons behind this movement is that very often (too often?) these devices are more powerful and user-friendly than the “antiques” their company provides them at work.

companies at a crossroads

Companies are dreading the consequences of BYOD, which can lead to leaked data or unauthorized access. Cutting to the chase, can BYOD pose a big enough threat to be banned from companies? No.

On the contrary, BYOD is a golden opportunity for companies for two reasons:

  1. it reduces IT costs because employees buy their devices themselves
  2. it increases employee productivity. It helps pick up a few precious extra hours of work without having to pay for them, or for additional labor costs.

It’s not just the “in” thing to do: allowing and encouraging BYOD provides a business advantage for companies, as they look for ways to optimize costs in a difficult economic environment. For more analysis of this phenomenon and its challenges, check out my colleague Stewart Baines’ article, “Why do we bring our own devices to work?

BYOD security: a tough challenge!

Securing BYOD terminals is no easy task: as opposed to the devices they provide, companies cannot dictate terms of use and required security measures for devices owned by employees.

companies no longer make the decisions

Yep, it’s a rule: for all employee devices, companies will have to get employees to agree before changing settings, installing security solutions, or even remotely geolocating or deleting data on the device.

To an extent, employees can now take back control, because they will only accept solutions that benefit them personally and professionally. And yes, IT and security managers will have to take employee expectations into account during negotiations.

VDI: the ultimate solution for BYOD?

But does securing a BYOD device solve the problem? Maybe there’s another solution. Virtual Desktop Interface (VDI) technologies such as Citrix (XenDesktop or XenApp) and VMware (VMware View) now make it possible to remotely access company applications from nearly any kind of device.

These solutions are now available in packs. That’s the idea behind “VDI-In-A-Box .” Obviously, companies will have to handle security for these “application centers.” The GCN article “Bring your smart phone to work, leave your data in Somalia” sheds some interesting light on this topic.

The only hitch with this kind of technology is that you need network access. But this isn’t, or more accurately, will no longer soon be a problem. Indeed, 3G networks offer increasingly high performance, and with the arrival of LTE (or “4G”), coverage and speeds will only increase. You can read more about 4G’s arrival in Europe here.


The question is no longer “to BYOD or not to BYOD,” but how and under what security conditions. Workplace virtualization solutions and applications joined with high-performance network access should help answer this question.


photo credit: © Ben Chams -

This blog post was originally published in French here.

Jean-François Audenard

Au sein de la direction sécurité du Groupe Orange, je suis en charge de la veille sécurité et de la sensibilisation à la sécurité. Franchise, optimisme et bonne-humeur sont mes moteurs quotidiens