Tech, Gadgets, Photography, Social Media and Poor Spelling
CESG the government department who handles policy for data handling amongst other things for government IT earlier this month decided that the imminent demise of the Blackberry (Version 10 of the OS not withstanding) means they need to get another phone approved for government use.. The iPhone got the nod.
With Blackberry pretty much being dropped all over the world, the once darling of the phone world was accredited to allow, with a predefined policy applied to provide Government users with a mobile method of accessing their emails up to a level called restricted, if you were that government minister receiving top secret emails, not so lucky. This has lead to CESG needing to find another phone for Ministers and Minions alike to use to read their email on the go.
This has lead to headlines on sites like cNet of
and on the register as..
The problem is with headlines is they only give you half the story, because while every bureaucrat this side of Westminster is jumping for joy, a shiny new iPad or iPhone may well be coming their way but it’s not all roses and butterflys.
You see, despite reports all over the globe that BYOD is the saviour of us all, and the luvvies of this world thinking they can just hook up their IOS device to the company lan and start downloading to their hearts content the realistic truth is, there is no self respecting sysadmin worth their salt who is going to let that happen.
The realistic truth is the novelty of these devices is going to wear off pretty quick in most cases when the users find out that that smartphone is going to be less smart once the IT dept has got hold of it. Realistically there is no way you can put a device on a company network and expect no recourse from the IT dept. Yes they may be the fun police however as was pointed out to me today “Everyone is an IT specialist, right up until the point it all goes wrong” it’s at that point Sales, Development, Presales they all point the finger at the IT dept and say “sort it out, i’ve got a job to do” and at that point hours of circumventing seurity systems, clicking on no because the backup stops you reading the dailymail.co.uk quite so fast and all the other joys of being a user are things others do.
So what will you get for your £400 iphone when it goes on the company network?
Well i’m happy for you to read your email, but you’ve got to be joking if you think you are saving it on your device, forget about icloud i don’t want the company figures being indexed on icloud or left on a dropbox folder you have passowrd protected with the word kittens or Password123. Forget Apps, why? simple Apple have a history of “forgetting” to actually check all the apps and some of them data scrape, and we can’t trust any app which has access to your mail, contact list, calendar not to pass that data onto another source. best case scenario i’m going to setup a sideload app store but i’m not letting you install all sorts of cloud based google hugging apps.
So as an IT dept I have two choices for Mobile device Managerment
The walled garden consists of an app I install on the iDevice, this connects to a back end MDM server the best example of this is Good Technologies. this app contains a mail client, a contact list, a calendar and maybe some other apps all within an App which can’t speak to any other app on the device. there are obvious pro’s to this however research shows that people want to use the native IOS apps such as mail, calendar and contacts not what’s in the walled garden.
The alternative to the walled garden is to provide the user with the more native experience, however lock down the system so you have control of the apps on the device MobileIron is a good example of this. The user has access to native apps however the system locks down Mail and turns off other apps so the user doesn’t have access to them.
The long and the short of all this is what the user thinks they are going to get, and what they actually get are two different things. The user perceives that they can use their iphone to do all the things on the Apple Ad, the reality is the iDevice needs to be locked down to the point it has the same functionality as a 1992 Nokia phone. This need sto be done because (a) we don’t trust the cloud, the apps and the internet and (b) we don’t trust the user not in the heat of the moment to do something foolish which could compromise the data of the company.
So while CESG may have opened up the government to the world of the iDevice, and while corporate BYOD is the finance departments wet dream, the harsh reality is without good user policy, and protective safeguards from the user and/or the environment this phone is not that flashy new device we see on Apple’s glossy commercials it’s just a very expensive portable email client.