The official hub of The Enterprise Mobility Foundation
Want more than just blog posts? Login or Sign up for a free acount and get research, videos, slide decks and more! Join the online social network for Enterprise Mobility.

Facebook Home And What Han Solo Can Teach You About Your BYOA Mobility Policy

I am admittedly a little late in the game in writing this missive, but I put the blame squarely on the newest addition to the Winthrop Clan who has now made sleep a privilege and not a right for me.  Watch out world, in a decade (or two), you’ll hopefully hear from yet another rabid enterprise mobility enthusiast. Oh wait, I’ve already said more than once that enterprise mobility as a standalone concept will be gone by then.  As usual, I digress.

In any case, I wanted to share some thoughts with you regarding Facebook Home.  Unless you’ve been living under a rock (or dealing with a newborn), you’ve surely heard that Facebook has launched a new application that, for all intents and purposes, takes over your Android smartphone (and soon your Android tablet) to provide a “unique and immersive” Facebook experience.

Because of the ever present consumerization of IT, Facebook Home will have a direct impact on the mobile workplace.  However, Facebook Home – should it take off – will radically shift the conversation from VoEM (I still can’t say what it really means) to BYOA (Bring Your Own Apps).  The problem is that Facebook Home, and any other application that follows its path, will radically change how you use your mobile device…and more importantly how it behaves.  I’ll argue that it’s like putting your mobile stack in a blender and pushing the “Puree” button.

That’s pretty disconcerting to me, at least from an enterprise mobility perspective.  In fact, my good friend Jack Gold from J. Gold & Associates was quoted in CSO Magazine saying:

“It’s an Android device under the covers, but what has Facebook done?”

Only Facebook (really) knows.

The key issue is that apps like Facebook Home could potentially fragment an already highly fragmented market.  How is the workplace supposed to handle this potential information security risk?

This is why I believe that BYOA could actually be an even bigger threat to the mobile workplace than what we have already experienced with the BYOD (crap, I said it) Tsunami.  With the BYOD Tsunami (I said it again), there have certainly been challenges, but at the very least, you have certain handset manufacturers (notably Samsung) that have stepped up and developed specific APIs to help organizations better manage and secure those mobile devices.  But what about individual applications?  Is Facebook going to provide APIs for ILP/DLP?

Not. Bloody. Likely.

So what is an organization to do?  In theory, you could wrap your apps in a secure container, but are you going to do that for EVERY consumer app?  Of course not.  That’s just not tenable.  You could, in theory, put all these “uber-apps” in a secure container, but I’m not sure that this approach is truly feasible, pragmatic, or in the best interest of the user.

Admittedly, I can’t offer you in this missive a silver bullet that can address these new “uber-apps,” but I can at least offer you one suggestion.  Include these new “uber-apps” in your mobility policy. Call them out specifically in your mobility policy and inform your workforce regarding whether they are approved or not.  In fact, make sure your mobility policy makes specific reference to the BYOA phenomenon and consider offering a list of (dis)approved mobile applications.  (What’s bigger than a Tsunami by the way?)

In any case, BYOA is going to be as big, if not bigger than that other enterprise mobility acronym.  To quote Han Solo though, “I’ve got a bad feeling about this.”

One Comment

  1. Posted April 17, 2013 at 12:42 | Permalink

    I agree with you that BYOA is inherently dangerous. But, based on my experience of looking at the Mobility Policies in various large organizations, I can safely say that most large organizations keep the threat to a minimum by specifically calling out apps that are not approved. Some of them deploy mechanisms to prevent the use of such apps (e.g., MDM, MAM), some build a security layer around such apps (e.g., Mocana), and some separate the enterprise part from the personal part in a BYOD situation. Mobility is here to stay and enterprises are doing their best to understand and mitigate associated risks. At the end of the day, mobility is inherently risky and there is no alternative to a tight, well-understood set of policies to handle BYOD (and BYOA) risks.

    Thumb up 0 Thumb down 0

Post a Comment

You must be logged in to post a comment.