Our Blog

BYOD and the Threat of Willful Ignorance

added: 10.22.2013, by Mike Spinney

The proliferation of mobile computing and communication devices in the workplace has become a challenge for information technology managers and policy makers for some time, but the proliferation of bring-your-own-device – or BYOD in industry parlance – has suddenly made this a hot topic. Especially since Edward Snowden absconded with a whole lot of the NSA’s secrets.

In fact, a panel of experts recently convened in the UK to discuss the issue.

You see, it’s rather inconvenient when the personal information of folks like you and I gets pilfered from a company’s data repositories. Those pesky data privacy regulations mean there’s paperwork to file, notices to make, and mea culpas to issue. Not to mention the cost of credit monitoring services, legal fees, public relations counsel, and temporary loss of reputation.

But when someone absconds with a company’s intellectual property, well, now we’re talking about a genuine crisis. Blue ribbon commissions are appointed, panels are convened, and high-powered consultants are hired to figure out a way to stop the bleeding.

It’s not that Snowden invented the insider threat to data loss, but his timing was impeccable. BYOD was already on the minds of many corporate technology managers, cybercrime was a long established and consistent headline maker, Senator Rand Paul’s anti-drone filibuster had recently raised awareness of government intrusiveness, and public disclosure of data breaches made it clear that data protection efforts were akin to a wrestling a greased pig at the county fair.

Yet the threat to data theft from small, mobile storage devices is hardly new, as the Canon roundtable event seemed to imply. Information has been walking out the front door on small form-factor devices for… well, for a decades. Floppy discs, CDs, iPods, thumb drives… all of these and more have played a role in the theft or unintended compromise of data and intellectual property well before anyone coined the term BYOD. Even before the advent of the information age, industrial espionage was taking place courtesy miniature cameras and cassette recorders.

Information has always had value. And because it has always had value, information has always been a target for theft. I’m amazed at the persistent attitude that BYOD represents a new threat to the integrity of data and intellectual property. BYOD may mean new challenges, but the biggest threat is not the latest iPad; it is in the willful ignorance of those who set the example and who set policy for their companies.