Mobile Device Management and Consumerization of IT

IT departments are currently under a lot of strain as they shuffle through the best options for their businesses with regards to Mobile Device Management (MDM). IT departments are more aware than ever before of the risks which are being presented to their employees' devices when it comes to phishing and other security breaches.
As a result, IT administrators are more interested in learning how to stop security threats in their tracks rather than how to respond to them.
Software which is designed to help pre-empt such attacks is out there, but there are more MDM solutions which are aimed at sorting out the mess once it's occurred. This is just too late in some cases, especially where high risk data is concerned.
Damage limitation can assist IT to some extent, but when security has been breached in a workplace where Bring Your Own Device (BYOD) is the norm, in many cases it's too little too late.
Part of the problem is that we're not just talking about mobile devices but also about desktops and the variations required in terms of rolling out MDM solutions across a workforce who are all using their own equipment.
Macs bring their own problems; companies are accepting them as part of their BYOD systems but failing to update their system capabilities to include the additional platforms needed to secure them.

In cases like this, the management is sometimes forced to ask their employees to undertake a job normally assumed by an IT department.

.

. the consumerization of IT is underway due to these widespread issues.
What actions are usually undertaken by IT departments when there is an attack which renders sensitive information vulnerable on company desktop devices? 1.
Ascertain the scope of the problem by checking how many versions of the software which is vulnerable are out there and in use.
2.
Disable the software in question or where possible, update it. 3. Inform users that they need to update more regularly thereby ensuring that less emergency measures will be necessary in future.
The actions listed above are only relevant when IT departments have full access and control of the devices which are used within the organisation.
In cases where the organisation's workforce is using their own devices, then step 2 is impossible to undertake. In these cases the important thing is access rather than software.
.. the ability to access and possibly quarantine devices whose security has been breached is a fundamental point in the successful management of BYOD.
So while employees may be undertaking a large part of their own IT management with regards their personal devices, the final call to action comes from the IT department. This is where policy must be clear; employees must be fully aware that participating in BYOD brings the responsibility of regular specific updates and security measures being undertaken and that management may at certain times, close access to the device if the breach is serious enough. So the relationship between IT and device users is not the same as it once was.
The balance has shifted with the rise of the BYOD trend and the two parties must work together to reach a secure MDM solution for any device being used for professional and personal purposes.