IT managers who grapple with Bring Your Own Device (BYOD) policies can expect to see an explosion of different smartphones and tablets used by their workers in the next few years.
As a result, IT shops won't be able to keep up with the support demands needed to protect company data used on the various devices, said Gartner analyst Ken Dulaney in a recent interview.
"The number of devices coming in the next few years will outstrip IT's ability to keep the enterprise secure," he said. "IT can't handle all these devices. They're going crazy. They get into fights on whether users should get upgrades or not."
And because IT shops won't be able to keep up, software vendors will be forced to innovate and create what Dulaney called "beneficial viruses" -- software that will be embedded in sensitive corporate data, such as financial or patient information, that's carried on a smartphone or other mobile device. These beneficial viruses would work like Digital Rights Management (DRM) software seen on music and video files, which require a license to play the file, Dulaney explained.
In his conception, however, the beneficial viruses would take things a step further: sensitive data "would be smart enough to delete itself...," Dulaney said.
"It's time for the SAPs and Oracles to begin thinking about doing that, and it's a lot harder than we think," Dulaney said. "Inside every piece of [corporate] data there would be a beneficial virus that whenever the data found itself in the wrong place [such as on an unauthorized device], it would say, 'I don't see a license to be here and I will delete myself.'"
Today, companies rely on different Mobile Device Management (MDM) software companies to monitor which users with smartphones or tablets are authorized to access certain applications and whether they can use the data offline, or outside of the corporate cloud. But Dulaney said that's not a secure enough approach, and he predicted that MDM -- a "tactical invention" won't be viable for more than three years.
"We have to be smarter about security on mobile devices," he said. "Right now, the data relies on protection from the environment that it's in. But there's leakage of data outside the enterprise with too many entry points to the enterprise [often from mobile devices that can undermine enterprise security].
"Buying MDM is a good idea today, but I can't see that the mobile computing industry is ever going to stabilize so that we can do the things we've done with laptops and desktops for years," he said. "People are being driven by fashion to bring in so many new devices."
Dulaney said he's advised thousands of IT managers and CIOs on BYOD policies for years, urging them to give users some choice in smartphones beyond the classic BlackBerry with its BlackBerry Enterprise Server security.
Dulaney's approach is partly designed to keep IT shops from battling with users who want to choose their own smartphone, or more recently, a tablet. "IT shops instill security requirements about devices and to IT, that's value to the end user, but the end user sees it as taking away freedom," he said.