Show 111 – BYOD Isn’t a Technology Problem It’s a Management Issue

20 July 2012 by 7 Comments

This week it’s about BYOD. The user-driven IT fad that everyone is talking about as consumer devices offers features that corporate IT cannot hope to deliver. Or can they ? Can a slow moving, under-funded, under-resourced IT department that is lumbered with low quality products from Microsoft deliver a viable solution ? Can the spawn of add-ons keep it somewhat secure from users who don’t care, will users pay for what they use, and will IT Management be able to step up their game and manage the network of the future ?

All this and more as we get our guests around the table:

Michele Chubirka Packet Pushers

Blake Krone Podcast – NSA Show

Troy Martin : @troymart

And of course, Greg and Ethan make the usual noises.

Show Notes

Greg’s Article – Failure of the BYOD …. As a Narrative

New Podcast – Priority Queue!!!

Don’t forget to subscribe to Packet Pushers – Priority Queue http://feeds.feedburner.com/PacketPushersPriorityQueue

  • Priority Queue is our new high intensity feed that contains shows that are too detailed for the weekly feed, or where we flood out several shows in a short period of time. This week we have published seven shows after attending Cisco Live 2012 in San Diego. .

Click the logo to subscribe in iTunes: Packet Pushers Weekly Podcast

Podcast: Play in new window | Download (Duration: 1:31:13 — 41.9MB)

Filed Under: Podcasts, Weekly Shows Tagged With: , , ,
About Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

  • http://About.Me/RonnyLam Ronny Lam

    Great episode! Mr. Ferro is on a roll here. Great input from the guests, especially Troy, who advocates a hand full of acces and management tools for BYOD. I totally agree that this, amongst other things, is a management problem, but I also have to agree with Miss.Y that engineers need to think at least a bit in business terms.

  • http://twitter.com/networkstatic Brent Salisbury

    Great listen gang. Ethan’s point of let the business dictate the sec model rather than this bizarre need to push template driven standard security practices to each vertical. My current employer sums it rather well with “protect the data” rather than trying to protect the whole distributed mess of a so called ecosystem we pretend we have today. Greg, whole heartedly agree with you that VDI is about the only reasonable product today, the rest is chewing gum and duct tape. Seems of the regulatory compliance disasters can be satisfied w/ smart applications and pushing the responsibility up the stack into the applications rather than the cost and complexity of the infrastructure. That would be business and managements decisions which the fermenting distaste that you have been talking about is amazingly fun to listen to. Great cast and pace Mrs Y is always fun pushing sec!

  • taranis

    Really enjoyed this episode – it’s nice to hear other people say “this is not a technology problem, it’s a pplicy issue” for a change! While I share some of Greg’s scepticism, I also agree with what appeared to be the majority view that BYOD is pretty much inevitable.

  • Pingback: Internets of Interest for 23rd July 2012 — My EtherealMind

  • pprintz

    This was a great episode, and while more of a higher level discussion, it still was extremely informative. I think it is helpful to stop and take a step back and look at why we do things as we do and is it the best option. So often, I see things implemented for the sake of implementing them; even though there may be little value added. I strive to trim the fat and change the mentality to do things right and with purpose. BYOD has been brought up, more as a look ahead and if we need something to manage the ever-growing list of devices coming onto our network. Being in Edu though, it can be tough to find the balance between locking things down and not making the provided tools useless. I have looked at several MDM solutions and thought about the pros and cons of even starting any kind of BYOD related project and right now, it is just a back burner item. We have a growing user base that have mobile devices of varying sorts, both college sponsored and personal, and right now we have the capability of doing more, but our setup is lacking. This discussion helped because it shows that this is not just an IT decision, it is a collective decision that management needs to be apart of.

    On another note, I am a user of Beacon, which is a great tool when setup properly. With all of the new devices that need some level of network access, Beacon and similar tools, can help us allow access without having to manually enter in every mac address or statically set every ip. It would be impossible to do that with every device. Between Bwacon, ACL’s, and network policy, a relatively secure environment can be maintained. However, I agree with Greg about advocating with companies like MS that encryption and better security are necessary as more information becomes accessible in more ways and we need the tools to protect it.

  • http://twitter.com/fredhsu Fred Hsu

    Awesome episode, I think there is definitely need for these higher level discussions from technologists living in the trenches. We all love the technical deep dives, but I think more of these policy discussions would be a great addition to the regular podcast repertoire.

  • Ch We

    Brilliant episode. Thoroughly enjoyed it. I will re-listen a second time just to note down some of the hilariously poignant quotes from Mrs Y.

    The non-technical point of view is a very fitting way to approach this topic.

    And on the security topic, here’s an example of BYOD policy enforcement from 6 years back:
    I worked for a very large auto-motive company and one of the company policies included a strict ban on any sort of camera on the company premises.
    And the company premises in this case were comprised of multiple square miles of buildings just for the location where I was at in one of their factories in Germany.
    Every security guard had it as their top priority to watch out for any sort of mobile phone that looked like it could have a camera on it.
    I specifically had to organize a mobile phone without a camera (Sony M600) for this job. And because the specific phone looked from the outside as if it would have a camera built-in, I was getting stopped by security staff numerous times to have my phone inspected …..

    Point of the story being:
    1. The company knew what their most critical assets were: future car designs, concept cars, and similar.
    2. They knew what the biggest risks were: Leak of pictures of concept cars, new models etc. to press or competitors ..
    3. They found the way to mitigate the known risk: Control and contain the ubiquity of mobile camera devices via company policy – i.e. cameras are prohibited on company premises
    4. They trained the existing security staff in order to be able to enforce this policy.

    Noteworthy points:
    0 IT staff were involved in this example
    0 new tools were required
    The policy worked.

    Maybe there’s something we can learn from this example and apply to the BYOD topic …. Don’t buy any new tools. And don’t involve IT staff. ;)