Gregg Eldred

A blog title with not one word in it. [laughs]

What a strange thing to admit, from a company that sells an MDM. Or is this considered "transparency?"

In 2010, like many large companies in recent years, IBM adopted a "bring your own device" policy, meaning that employees who want to work outside the office don't have to use a smart phone provided by the company. Although IBM still gives BlackBerrys to about 40,000 of its 400,000 employees, 80,000 other workers now reach internal IBM networks using other smart phones and tablets, including ones they purchased for themselves.

The trend toward employee-owned devices isn't saving IBM any money, says Jeanette Horan, who is IBM's chief information officer and oversees all the company's internal use of IT. Instead, she says, it has created new challenges for her department of 5,000 people, because employees' devices are full of software that IBM doesn't control.

Dropbox, Box.net, iCloud, Siri, are all banned by IBM. How does IBM enforce their policies? By using 1998 technology, apparently.

. . . Before an employee's own device can be used to access IBM networks, the IT department configures it so that its memory can be erased remotely if it is lost or stolen. The IT crew also disables public file-transfer programs like Apple's iCloud; instead, employees use an IBM-hosted version called MyMobileHub. IBM even turns off Siri, the voice-activated personal assistant, on employees' iPhones. The company worries that the spoken queries might be stored somewhere.

It seems really strange to me that people at IBM handle every personal device that enters the environment. There must be information missing from this article, I can't believe that they have the time or inclination to configure personal devices like we used to do in the early days of PC's. Not when you can publish a policy that states to the effect that in order to connect to IBM's network, which includes mail, calendar, contacts, files, and whatnot, you must install an MDM. And that IBM has the right to wipe the device, and potentially all of the data on the device. I find this whole thing hard to believe especially when IBM markets a product that

. . . helps organizations protect against data loss and other risks caused by device theft, unauthorized access, malware, spyware, and inappropriate applications. It is designed to help mitigate security risks associated with the increasing number of employee-owned and corporate-liable mobile devices accessing sensitive business data. Delivered as a hosted, managed service, clients can put these controls into action without the need to deploy and manage systems or to make a major investment of in-house personnel and technology.

Apparently, they will SELL you products and services that will manage YOUR devices but they don't use it themselves. Bloody brilliant.

On a more upbeat note, @darrenduke points out that IBM *finally* has a marketing plan.



Link: IBM Unveils Mobile Security Service to Protect Sensitive Corporate Data

Link: Technology Review: IBM Faces the Perils of "Bring Your Own Device"