+44 (0)1753 797100 info@logicalis.com

BYOD and the Cloud: The Dilemma Facing IT

| 27th February 2012 | 1 Comment

Nathaniel Borenstein, Chief Scientist, Mimecast and one of the pioneers of the MIME standard, gives his view of the challenges posed by the Bring Your Own Device movement – and how forward thinking organisations can overcome them.

The bring-your-own-device movement is a warning to businesses that their core is about to get more complicated.  What IT needs to consider now.

The late Einar “Stef” Stefferud was fond of explaining one of the most fundamental principles of Internet architecture this way: “Push complexity to the edges, keep the core simple.” As a general principle, that’s a view that applies just as well to enterprise technology.  Complexity at the core of your operation only makes sense if it’s part of your core value proposition as well – especially given the rise of cloud computing.

Cloud computing brings the potential to outsource almost every non-mission-critical complexity in an IT infrastructure, one by one. The outsourcing simplifies a company’s operations but doesn’t further complicate the cloud provider, which already handles that complexity as its core business.

Which brings us to the complexity inherent in asking IT departments to support employees using all manner of new devices to interact with the IT infrastructure. A “Bring Your Own Device” (BYOD) movement can look like open revolution when viewed from the CIO’s chair. Just how many people will an IT department have to hire to arrange secure access for iPhones, iPads, Android phones, Android tablets, Windows Mobile devices, the evolving Blackberry product lines, and the many other amazing devices likely to be just around the corner?

The answer should be “none.” Depending on your current strategy, you might be able to redirect a few employees to more productive tasks. For many, it requires a major change of mindset and a certain amount of trust in the face of shifting business risks.

A recurring theme in the history of IT has been the shifting boundaries between in-house and outsourced IT expertise and services. It’s a safe bet that when Remington Rand (now Unisys) sold the first UNIVAC to the Census Bureau in 1951, the Census Bureau became a major employer of programmers. Sixty years later, I’d venture that the vast majority of companies that use computers don’t employ a single programmer. Along the way we’ve seen all manner of technical and support services migrate into service bureaus and software companies of every shade and hue.

But, until the Internet and cloud computing came along, there were a few firm boundaries. Data —at least a primary copy—generally stayed on premises, on machines under the control of a company’s own employees. And most importantly for companies of nearly any size, has been the presence of a sophisticated firewall separating “inside” from “outside.”

That distinction is increasingly blurred.

In the era of cloud computing, more and more of a business’ critical data is being stored on remote servers under someone else’s control. If an organisation is keeping the most critical data on the outside—and yes, it’s still a good idea with the right vendor—what exactly makes the inside so special?

The BYOD movement closes the circle. Now there are mobile devices that are “outside” (in many cases inevitably, by virtue of commercial network architecture) communicating with key data and applications, which are also “outside.” Eventually, the “inside” of any IT infrastructure may be nothing more than an Internet access point and a few wireless routers within the building.

How a thousand different kinds of devices communicate with a cloud service shouldn’t be your problem — unless you work for the device or cloud vendor, of course. It’s their job to make sure that employees can use almost any device with almost any cloud service. If a few combinations don’t work, a few device types can be crossed off the acceptable device list, or the business can swap one service provider for another. No big deal, as long as the organisation has enough of an IT staff to stay on top of what’s happening and make alterations to the lists of devices and contractors as needed.

The BYOD movement is a big red flag, telling businesses that their core is about to get much more complicated unless it’s made much more simple. If you want your company to be in the business of supporting hundreds of device types, start hiring. If you don’t, start outsourcing your IT services to the cloud, and let the vendors deal with the challenge.

Views are the author’s and do not necessary reflect those of Logicalis.

As always, please do use the comment feature below to tell us what you think, or share your experience of dealing with BYOD.  Look out for two new blogs, covering EC Data Protection and DNS Poisoning – watch this space…

Nathaniel Borenstein

About Nathaniel Borenstein

Nathaniel Borenstein is chief scientist for cloud-based email management company Mimecast. At Mimecast, he is responsible for driving the company’s product evolution and technological innovation. Dr. Borenstein is the co-creator of the Multipurpose Internet Mail Extensions (MIME) email standard and developer of the Andrew Mail System, metamail software and the Safe-Tcl programming language.

Previously, Dr. Borenstein worked as an IBM Distinguished Engineer, responsible for research and standards strategy for the Lotus brand, and as a faculty member at the University of Michigan and Carnegie-Mellon University. He also founded two successful Internet cloud service start-ups; First Virtual Holdings, the first Internet payment system; and NetPOS, the first Internet-centric point-of-sale system.

One Response to BYOD and the Cloud: The Dilemma Facing IT

  1. I was about to say: Is there really any difference? An MSP can deliver Cloud Services, both public, private and hybrids, depending on their offer? A Managed Service is most often assumed to be connected to a physical device but all services has to be managed by someone at some point, even Cloud Services. But to keep things apart I would say it is easier to keep the definition Managed Service when managing a physical device, even though it can be part of a cloud solution, and then often a private cloud. But why should a service be defined as a Managed Service if systems is connected to a physical server and as an Cloud if a system is connected to virtual server? That definition is new to me. At our company (TeleComputing) most of our services are Managed Services mainly delivered in or through private clouds. We deliver Managed Clients (DaaS) but they are managed from a SCCM ran on a VM. I “assume” this is an IBM-site but if we take Win Intune as an example it is a cloud service managing OS on physical clients. So maybe; is there really any difference? InMaxmind.com

Leave a Reply

Your email address will not be published. Required fields are marked *