The pre-Daniel Craig James Bond was the ultimate BYOD (Bring Your Own Device) guy with his rocket cigarettes (You Only Live Twice) and fully-equipped shoe heel (Goldfinger). Today, the typical Android or iOS phone a young professional straight out of college owns has more power and capabilities than Pierce Brosnan's Ericsson phone in Tomorrow Never Dies (1997).
Back when I first joined the workforce, the idea of "Bringing Your Own Device" was not only unheard of, but restricted and discouraged by company policy. My idea of subterfuge consisted of bringing my own screwdriver and pen flashlight. When I finally achieved some sort of authority within the company, I graduated to a pathetic 256MB Samsung Yepp MP3 player that doubled as a USB Flash drive and my Swiss Army Knife (which I ended up leaving home post-911). Later responsibilities as a trainer and instructor in various confidential projects made me realize that network/data security was not something to be trifled with and I had to enforce it with as much power as I could muster with my trainees. Back in 2005, a lax training officer actually allowed an external hard drive in his training room to be used by a trainee to siphon off proprietary information for studying at a later time. I promised myself I'd be damned if I would ever let anyone enter my training room with a USB cable, much less a cellphone.
"There's an app for that!"
Screen caps for James Bond's Ericsson phone from Tomorrow Never Dies (1997)
Honestly, however, it was much harder to enforce the dress code of collared shirts and leather shoes than prevent the use of electronic devices back then since most of the employees way back when thought Linux was a fruit and that knowing how to use Adobe Photoshop was being "technical". However, a few years later, I found myself complaining to my company's network administrator buddy about workstation security. I pressed that locking the USB ports via the BIOS was not enough and that shutting down open ports such as Telnet in the Windows XP systems in the training room should be mandatory. Some of the training classes I was conducting by then with various clients now involved client-requested rooms in lockdown with magnetic card locks and a strict policy regarding bringing in any electronic device. I myself made it a habit to leave my Knoppix LiveUSB in my locker before starting off for the day. Before my very eyes,however, the landscape of technical aptitude began to change as the years went by. It may have been overlooked by everyone else, but it was frighteningly fast and furious in the eyes of corporate trainers everywhere. Everyone began to own a cellphone and although most of the employees really didn't know how to leverage Symbian, Blackberry, or O2 OS, their comfort with portable devices became increasingly obvious. People actually learned to find technical solutions on a search engine!
And then the iPod arrived and next came the iPhone, and Android. Today, there's the affordable and powerful tablets and hybrids. I've long left the training rooms but I could imagine the difficulty of preventing employees from bringing in smartphones and devices into the classroom. Even non-jailbroken iOS and Android devices can make use of extremely powerful apps (free or paid) that can access a company's wireless service, break into the corporate e-mail server, and even download torrents without detection. All anyone really needs is iTunes or access to Google Play to get sophisticated and very user friendly Wi-Fi sniffers, decryption utilities, VPN, remote access, file server functionality, and security tools that can circumvent company network security (especially when they're maintained by a bunch of IT guys fresh out of their Cisco courses with nary any experience). I was more surprised by the audacity of that jerk who outsourced his work to China while watching cat videos than his ability to actually do what he did for months on end.
I like to think I'm as non-Luddite as the next guy (though a futurist like Tony Stark is going too far). Issuing out Thinkpads, Macbook Pros, iPads, MS Surface hybrids, and Lenovo Yoga's to employees seems like a generous and forward-thinking approach that could benefit a company but until companies get their security protocols straight and hire thoroughly skilled and trustworthy IT staff that can protect a company's data assets I recommend managers and corporate suits to go old school and go without BYOD. The dependability of both consumers and the IT industry in the cloud makes everyone dependent on their mobile devices - and this is where the hole is and where disaster can strike. Unlike the good old days of the 80s, you don't need years of training and enthusiasm to wreak havok, steal confidential data, and destroy a company's network and credibility. All you need is the Internet and less than $200.00 of hardware or apps.
Screen caps for James Bond's Ericsson phone from Tomorrow Never Dies (1997)
The solution? Go MacGyver and not James Bond. James Bond was around since the 60s but there were half a dozen traitors breaching his company's security in the franchise even before Daniel Craig pulled out his Sony phone to try to figure out where the traitors were in Quantum of Solace (2008). MacGyver, on the other hand, was the quintessential antithesis of BYOD. Despite the ongoing myth about Richard Dean Anderson's popular 80s hero, he hardly ever used his Swiss Army Knife or ducktape in the seven seasons of his TV show (Believe me, I was an obsessed fan who loved even the preachy and public service announcement episodes). Despite the ongoing myth of "MacGyverisms" (a term hated by fans who grew up in the 80s), it wasn't any device that made MacGyver awesome - it was the fact that even if he did tote fancy devices like James Bond, you can trust MacGyver with the security of your network and confidential data. The guy, after all, was a veritable saint. Unfortunately, employees these days armed with smartphones and mobile devices are far, far, far, from being anywhere close to trustworthy.
"Who needs to go BYOD?"
MacGyver pin-up circa 1988
0 comments:
Post a Comment