BYOD policies are a recipe for disaster

I can’t help thinking that the IT staff who will have to support these employee-owned devices had little say in this decision (Leeds City Council secures mobile devices).

It’s all very well encouraging staff to use their own devices at work, but how do you support and secure these? The answer, of course, is you can’t.

The devices do not belong to the council, so the IT department has no right to tell users what software they can run on them. If the device is already compromised before adding encryption, then that encryption will be ineffective. All it would take for a serious security breach would be for a user to connect their device to a public WI-FI network where someone is sniffing all the traffic.

The people making these decisions know nothing about IT or IT security.

Jon Donnis