Virtualization Technology News and Information
BYOC: Companies Working out Kinks for Seamless Integration

Most business owners and IT personnel have heard about the growing BYOD (bring your own device) phenomenon, and many more have already implemented it in some form. Information technology research firm Gartner found in a 2013 survey that 38 percent of CIOs will stop providing workers devices all together by 2016. A Dell survey that same year found that 59 percent of IT managers said their company would be at a competitive disadvantages if it didn't employ BYOD policies.

BYOC (bring your own computer) differs from the more popular BYOD because it focuses solely on computers, not smartphones, tablets and other mobile devices. BYOC substantially reduces IT costs for companies by completely eliminating the need to supply computers to employees. But there are inherent security risks, particularly when it comes to data integrity, that companies must identify and deal with to effectively take advantage of the financial and other benefits BYOC offers.

Sandboxing & Virtualization

BYOD policies can be seamlessly implemented because mobile devices were specifically built to sandbox different applications. That means individual programs can execute in a confined environment without the ability to access information from all the other apps installed on a particular device. Contrarily, desktop and laptop operating systems aren't built to automatically sandbox apps, which allows any program to access data from other programs at any time.

Joe Schwendt, CTO of, said that virtualization technology is the key to making BYOC work effectively. All business applications can be installed in a virtual machine on employee computers, which creates separate personal and company environments. Some businesses have employees access company data through a virtual private network. Others simply upload everything to a cloud storage platform with file sync capabilities.

Sandboxing is not foolproof however, particularly when it comes to detecting and eliminating malware. Christopher Kruegel, a computer science professor at the University of California Santa Barbara, told Network World that IT managers will continue to be in a virtual arms race with malware developers. Kreugel helped develop Previct, an anti-malware product that uses a technique he calls "code emulation" to better understand the intent of a potential attack. He believes the product is a step in the right direction, but certainly is not guaranteed to keep systems 100 percent infection-free.

Do the Benefits Outweigh the Risks?

The most complex issues for successful BYOC implementation revolve around data security and employee access. Tim Patrick-Smith, CIO of IT management firm Getronics, said via CBR Online that three layers of security are essential for a safe, effective BYOC environment. Use of a VPN or cloud storage is the obvious one, while access security and data rights are equally important.

Written BYOC policies should prohibit access to the network on unprotected Wi-Fi connections. An automated connection verification system should also be in place to maintain consistent access privileges based on device trustworthiness, not individual discretion. Employees will of course sign an agreement binding them to strict compliance of policies, but a BYOC device will also contain personal, non-work-related files as well.

Enterprise mobility management (EMM) platforms give companies the option of remotely wiping data from a stolen computer or one belonging to an employee who has been terminated. But privacy laws differ by state, which can open a company to lawsuits if they erase personal data from employee devices. Tim Dillon, an analyst for Tech Research Asia, told ZDNet that an Australian company was forced to pay a former employee millions of dollars after remotely wiping their computer despite the individual signing the written policy. The laws of the land superseded company policy in said case.

Final Verdict

BYOC can save a company money, while streamlining several businesses processes. But strong written policies must be drafted and implemented with the assistance of a privacy attorney to protect the company. The process can be complicated, but the benefits are worth the effort.

Published Tuesday, November 18, 2014 6:18 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2014>