Tablet computing is not overtaking smartphones or PCs in the enterprise, but they’re definitely carving a new business niche for themselves a survey conducted by cloud content management firm Alfresco shows. According to the data cited by GigaOM, tablets have replaced the PC as the go-to workstation for working at home and on the road.
The Alfresco study found that staff is using tablets:
- 48% of enterprise employees are using tablets after hours at home,
- 55% of respondents use tablets at business meetings (vs. 24% using PCs),
- 50% are turning first to slates at conferences, compared to 13% using their laptops.
Alfresco reported that employees prefer the smartphone at more informal business functions
- 57% using them at business lunches and
- 51% using them in coffee shops.
But the tablet is also starting to become commonplace even in those more casual settings: 34% of respondents said they would haul out their slate at a lunch meeting, while 43% would do the same in a coffee shop.
The Alfresco data indicates that the 3-screen reality is coming true. Tablets aren’t replacing either smartphones or laptops, but are instead creating a new space in-between. The vendor says it’s pretty clear that laptops are increasingly tethered to the desk or cube, while tablets are the tool of choice on the go.
RB- This has huge implications on the support side of the equations
Enterprise information security hasn’t caught up with the consumerization of IT according to Lenny Zeltser in a recent article on the Lenny Zeltser on Information Security blog. The author states that the urgency with which organizations need to account for consumerization is driven by modern mobile devices such as Apple iPhones and iPads.
Enterprises are coming to terms with the idea of employees connecting to the corporate network over a VPN. Be it from personal laptops and home workstations according to the article. However, most organizations haven’t looked at the effect that the proliferation of powerful mobile devices has on enterprise security architecture.
Mobile devices sometimes have VPN-like access to the corporate network. In most cases have access to the company’s email contents, calendar, and address book. The devices are as powerful as laptops were just a few years ago. Yet, their operating system’s security has not benefited from the test of time. Tablets and mobile devices lack most of the security controls we’d expect to find in a “legacy” workstation OS.
Mr. Zeltser argues we need to understand how to model the threat vectors related to mobile devices and how to adjust the security of the enterprise architecture accordingly. The measures will probably involve:
- Greater segmentation of the company’s network,
- Treating any device that users interact with, whether it’s a desktop or a mobile phone, as an untrusted node,
- Standards and tools to lock down the configuration of mobile devices,
- Practices and technologies for managing vulnerabilities in applications and the OS of mobile devices,
- Incident response plans that incorporate both “legacy” IT infrastructure assets and mobile devices.
Silicon.com had an article describing Three ways businesses are getting BYOD all wrong. The author claims the days of the standard work-issued laptop are numbered as businesses let staff use their own computers and gadgets in the workplace.
However, in the rush to adopt bring-your-own tech, businesses are placing too many restrictions on how personal devices can be used at work according to Anthony Vigneron, collaboration services global manager at global law firm Clifford Chance. He estimates that about 10 percent of firms’ 7,000 staff share the same device at home and work.
Mr. Vigneron described for silicon.com three ways businesses get it wrong when it comes to letting staff use personal devices at work.
Use sandboxing
Businesses are often advised to provide personal devices with secure access to corporate systems using sandboxed virtual machines. Sand-boxed machines allow remote access to corporate info via a virtual desktop that is run from the business’ data center.
He says it is better to let users access corporate data and apps from their device’s own OS. “Trying to deliver applications within a sandbox is not what users want. That’s not consumerization, that’s just another way of providing the same apps on different hardware,” he said.
“People want to use the native applications. They don’t want to have to log in through some other system.” He concludes “The business should be able to control some of the applications staff use but you don’t want all those things inside another application.”
Give them a choice
Mr. Vigneron argues that the line where work life ends and private life begins is becoming increasingly blurred. So it doesn’t make sense to treat them as two separate entities. By not allowing workers to merge their work and home calendars, contacts, and emails, businesses are imposing an artificial distinction on their staff. He explains, “You do want some separation … People want the choice of being able to work with the same interface.”
Costs matter
Letting staff use their personal smartphone while working may seem like a good idea. However, employees might be in for an unpleasant shock when they get their phone bill. Mr. Vigneron said “For companies to allow for consumerization, the price has to get to an equivalent of what we can get as a corporate. They’re not doing that at the moment.”
Related articles
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Cyber-insurer Ace Group recently published data they say predicts a data breach. Based on their data (and the need to sell premiums) the insurer claims that all firms are at risk for a data breach. Matthew Prevost, vice president, ACE Professional Risk recently claimed data breaches are inevitable.
ACE has a unique position to speculate, according to ClaimsJournal ACE has over 15 years of experience with cyber-risk. The firm has cataloged a considerable amount of lost data. They recently shared several key insights from their proprietary data. FierceITSecurity explains that based on cyber insurance provider ACE data, the top triggers for data breaches are:
Network security attacks – 25%
Former employees accounted for 25 percent of insider attacks, and financial incentive was the motive in 72 percent of insider attacks, according to ACE.
