WASHINGTON — Remember when working on the go started with your company’s IT person handing you a work phone?
Now it’s often BYOD — bring your own device.
“The days that employers handed out a Blackberry device to their employees are over,” says Omer Eiferman, CEO of the mobile virtualization company Cellrox. “Now everyone comes with their own private device, whether it’s an Android or iPhone or something else.”
Some national security or corporate security jobs require employees to turn in their personal phones while in the workplace, but that’s rare. Forty percent of U.S. consumers who work for large companies use their own smartphone, tablet, or desktop for work, according to statistics from Gartner, as reported in ZDNet.
Employers face a trade-off — on one hand, they know employees may spend company time cruising social media sites; on the other, they know they can reach their workers outside the 9-to-5 window.
Employers also face an even more serious problem — digital security.
Eiferman says younger employees — the ones most likely to want to use their own smartphones — balk at inconvenient security barriers.
“Specifically, millennials don’t care about security,” says Eiferman; “they care about usability.”
While in years past, a firewall on a laptop could protect information security and monitor worker productivity, the power of a computer in an employee’s pocket can be challenging in maintaining the security of, for instance, a company’s email.
“The problem is, those devices are a jungle, because anyone can put almost everything,” says Eiferman. “The challenge is how you can you have secure email, for example, on a BYOD device when the employee just downloaded a game that included malware?”
The answer in many cases is mobile device management — an industry term for administering mobile devices when linked to a corporate network.
One phone, two personas
Rather than requiring employees to carry a work phone and a personal phone, Eiferman’s Israeli-based company can split a device into two or more zones, called personas.
“Instead of finding the very delicate balance between security and usability, we split the device into two or more zones, which we call personas,” says Eiferman. “Let’s delegate one persona to the work-related, and the other for the private stuff.”
Then companies can crank up the security solely on the work-related persona, with encryption and restricting the applications that can be used.
Passwords can be enabled on the work-related persona but not on the personal side, preventing a user from having to enter a passcode before making a call to a spouse.
So an employee bringing a phone to his company’s IT person for configuration can say: “Let me create a work persona. I don’t want your stuff to see my stuff. I don’t want management to check my browsing history at 12 midnight. I want to keep my privacy and freedom.”