Kaseya Advises Caution On Government’s BYOD Strategy

Jiten Karia,

Liam Maxwell announces government initiative to implement Bring Your Own Device, except in high security areas

The UK government has taken a step towards greater IT efficiency by announcing plans to roll out a Bring Your Own Device (BYOD) initiative.

The strategy was announced by Liam Maxwell, director of ICT Futures at the Cabinet Office, who was speaking at an Intellect conference on Thursday.

The problem with BYOD

“BYOD is coming to government although obviously not in the areas needing the greatest security,” he said. “My laptop was costing £1,600 a year to run but then Chris Chant gave me an Apple Mac and it costs just £350.”

Maxwell said that the government’s G-Cloud programme, which aims to reduce the total cost of public sector IT and of which Chant is director, would help the BYOD initiative develop through flexible management of service contracts.

BYOD represents a positive step from the government to adjust to new trends in consumer electronics whilst cutting costs. However, Koby Amedume, EMEA marketing director at systems management software provider Kaseya, suggests that security must be a priority over cost-cutting in the strategy.

“The concern with such a high profile institution allowing its staff, albeit not those operating in highly sensitive areas, to use their own devices is that the same security practices employed within the four walls of government are not extended to these ‘external devices’, thus potentially opening the floodgates for serious breaches of security,” he said.

Amedume’s concern about BYOD, as some others have argued, is that the protocols implemented by network managers for personal devices can be easily forgotten. He notes that to ensure managers can be confident with the strategy, there needs to be a uniform way of overseeing both ‘traditional’ and personal devices.

“If this policy is to be truly effective, the government, and indeed any other organisation considering a BYOD strategy, must first of all examine the current practices they have in place for managing ‘traditional’ corporate devices and then look to extend these to offer protection to employees’ own mobile devices,” he said. “This is the only way to guarantee the safekeeping of your data and these devices.”