Status Excessu D

My friend, Johnny, recently returned form a business trip and had some insights about work and his use of mobile platforms. He found that even though he brought both his laptop and iPad that he could really have made do with just the latter.

Where was my laptop? It sat in a safe in my room all week long. The dreaded BatPhone call from Commissioner Gordon never came. To be honest, my iPad is capable of accessing work via VPN. I could have easily survived all week long with my work laptop sitting back home.

I’ve had my iPad for over a year and three months after I started using it I found that I no longer used my MacBook. Oh, I still needed a computer for heavy work. I spent as much time on my iMac as I did before getting the iPad but the laptop … it now sits under the TV doing work as a media server. I found that my iPad was the perfect mobility solution for me. I’ve used to compose blog posts, do presentations, and take meeting notes. It is the ultimate productivity tool for the lightweight “managerial” task that I’m employed to do.

Johnny' problem.

The problem is corporate IT would probably have had kittens if they knew I was accessing work in this manner.

I’m part of that “corporate IT” group. While my employer has embraced mobility — they even appointed someone to a new Director of Mobility positions — they’ve done it in a command and control type scenario. While I understand the need for securing the companies assets, I’m constantly at odds with the approach. It’s stifling innovation and creativity and it needs to change.

Currently information security is focused on securing infrastructure. Firewalls attempt to lock out the bad guys and keep the good guys from leaving the fort. Intrusion Detection Systems raise the alarm when there is an attempt to breach the walls or something behaves in an odd way. The rules and the environment are constantly changing and the alarms are always going off. Exceptions have to be made for trusted “partners”. Application access controls ensure authorized access to systems. Anti-virus to make sure malicious code doesn’t penetrate through the least defensible position in the scheme. It’s all wrong.

Yes, these tools protect the network and systems and end points. They also make it very difficult to get any work done. The reason for all the draconian rules around the iPad and other mobility devices is because IT won’t invest in the tools and process for protecting that which is most valuable — the data. In 2009, I wrote a white paper for upper management suggesting that we investigate technologies and process for using Enterprise Rights Management. I don’t know that it will be perfect, nor cheaper, nor easier to implement but I do know that it opens up a world of platform agnostic computing.

People stock their devices with books, movies, music, news, you name it. Some devices store things locally. Some devices store things locally that were synced from something that is remote. Some devices access things stored remotely. Mind you, “remotely” could mean across the world, across the country or even across your living room. In all cases, it has to be stored somewhere. That is a lot of data and it isn’t being accessed in a single manner that is easily quantified. If that isn’t big enough, data is expected to grow EXPONENTIALLY in the coming years. Consumers will be expecting to access it all from anywhere AND everywhere.

The blog post was titled after the song by artist Armin van Buuren & Gaia which was in my iTunes trance playlist while listening to my Grado SR60i headphones.

Author: Khürt Williams

A human who works in information security and enjoys photography, Formula 1 and craft ale. #nobridge