BYOD and the Cloud: The Dilemma Facing IT

Nathaniel Borenstein, Chief Scientist, Mimecast and one of the pioneers of the MIME standard, gives his view of the challenges posed by the Bring Your Own Device movement – and how forward thinking organisations can overcome them.

The bring-your-own-device movement is a warning to businesses that their core is about to get more complicated.  What IT needs to consider now.

The late Einar "Stef" Stefferud was fond of explaining one of the most fundamental principles of Internet architecture this way: "Push complexity to the edges, keep the core simple." As a general principle, that’s a view that applies just as well to enterprise technology.  Complexity at the core of your operation only makes sense if it's part of your core value proposition as well - especially given the rise of cloud computing.

Cloud computing brings the potential to outsource almost every non-mission-critical complexity in an IT infrastructure, one by one. The outsourcing simplifies a company’s operations but doesn't further complicate the cloud provider, which already handles that complexity as its core business.

Which brings us to the complexity inherent in asking IT departments to support employees using all manner of new devices to interact with the IT infrastructure. A "Bring Your Own Device" (BYOD) movement can look like open revolution when viewed from the CIO's chair. Just how many people will an IT department have to hire to arrange secure access for iPhones, iPads, Android phones, Android tablets, Windows Mobile devices, the evolving Blackberry product lines, and the many other amazing devices likely to be just around the corner?

The answer should be "none." Depending on your current strategy, you might be able to redirect a few employees to more productive tasks. For many, it requires a major change of mindset and a certain amount of trust in the face of shifting business risks.

A recurring theme in the history of IT has been the shifting boundaries between in-house and outsourced IT expertise and services. It's a safe bet that when Remington Rand (now Unisys) sold the first UNIVAC to the Census Bureau in 1951, the Census Bureau became a major employer of programmers. Sixty years later, I'd venture that the vast majority of companies that use computers don't employ a single programmer. Along the way we've seen all manner of technical and support services migrate into service bureaus and software companies of every shade and hue.

But, until the Internet and cloud computing came along, there were a few firm boundaries. Data —at least a primary copy—generally stayed on premises, on machines under the control of a company's own employees. And most importantly for companies of nearly any size, has been the presence of a sophisticated firewall separating "inside" from "outside."

That distinction is increasingly blurred.

In the era of cloud computing, more and more of a business’ critical data is being stored on remote servers under someone else's control. If an organisation is keeping the most critical data on the outside—and yes, it's still a good idea with the right vendor—what exactly makes the inside so special?

The BYOD movement closes the circle. Now there are mobile devices that are "outside" (in many cases inevitably, by virtue of commercial network architecture) communicating with key data and applications, which are also "outside." Eventually, the "inside" of any IT infrastructure may be nothing more than an Internet access point and a few wireless routers within the building.

How a thousand different kinds of devices communicate with a cloud service shouldn’t be your problem — unless you work for the device or cloud vendor, of course. It's their job to make sure that employees can use almost any device with almost any cloud service. If a few combinations don't work, a few device types can be crossed off the acceptable device list, or the business can swap one service provider for another. No big deal, as long as the organisation has enough of an IT staff to stay on top of what's happening and make alterations to the lists of devices and contractors as needed.

The BYOD movement is a big red flag, telling businesses that their core is about to get much more complicated unless it’s made much more simple. If you want your company to be in the business of supporting hundreds of device types, start hiring. If you don't, start outsourcing your IT services to the cloud, and let the vendors deal with the challenge.

Views are the author’s and do not necessary reflect those of Logicalis.

As always, please do use the comment feature below to tell us what you think, or share your experience of dealing with BYOD.  Look out for two new blogs, covering EC Data Protection and DNS Poisoning – watch this space…

Tags BYOD, Cloud Computing