Bring your own device (BYOD) has been around for a while, but that hasn't made it any easier for organizations to manage it. Keeping personal and corporate data separate on those myriad devices is a difficult process, as is setting up the right governance and security policies.
In this Ask the Expert, Derek Gascon, executive director at the Compliance, Governance and Oversight Council, talks about BYOD and mobile data management problems that face modern organizations. Gascon also discusses how organizations should equip their mobile governance programs with the right policies and processes and how new data management and security tools can help.
BYOD is not new, but it's still causing information governance problems for organizations. What are some obstacles to mobile data management, and are there any new tools or processes that can help overcome these concerns?
The major obstacle that still exists is the intermixing of corporate data with personal data on personal devices that are being used for business purposes. The other thing is how you ensure that you're maintaining the delineation between what is corporate data and what is personal data on that device. That's a huge obstacle.
It could be beneficial for people to use their own device, but sometimes they don't want to hand over control to the organization. In some organizations, in order for you to use your own personal device, you're effectively giving them control of the device and the data that's on it, because the company needs to manage it.
The other one is email, which has been used and has been the easier one to deal with on personal devices. But when you start talking about shared file services, where you can now share files from what you generated internally, and you are able to open it on your tablet or your smartphone, how do you ensure that the data is going to the right place, that it is secure and that privacy controls are in place? That's another aspect that organizations are struggling with, because they have to ensure that only certain data gets out to these personal devices, and once the data is out there, that they can effectively manage it.
One way organizations are looking at that is to get their governance programs in place to deal with this unstructured file data and then apply those policies to the distribution endpoints, whether it's a personal laptop and tablet or a smartphone. Get the right policies in place so that once you open that up and individuals do have access to their file share, the rules and the security measures are already in place to validate that only the user or users who are allowed access to the data are the ones getting to it.
There are some new tools coming out. Primarily, they have been focused on being able to do collections from the personal devices. New technologies we are seeing allow for the distribution of data on the devices themselves, but they are fairly new. Tools are still evolving. Organizations should be looking at getting their information governance programs in place so that information is managed appropriately with the right policies, rules and privacy built into them so that they are able to allow access from individuals' personal devices. They should also be evaluating tools and technologies that are starting to come out that allow for more security on the devices themselves. The security and privacy on the devices themselves are areas that will continue to cause concern until we start to see that some of those technologies are securing the data itself.
As told to Ben Cole, site editor.
Learn how to ensure security, privacy in your mobile data management policy
Find out how to best manage mobile devices in a connected organization
Dig Deeper on Information technology governance
Related Q&A from Derek Gascon
As 'dark data' piles up, so do its associated risks and information governance issues. In this Ask the Expert, Derek Gascon offers steps for ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.