“The map is no longer the territory”. The ‘map’ in this case represents the inventory and network diagrams that used to tell IT people where all the systems and endpoints were on their network. The ‘territory’ on the other hand represents reality, in terms of what’s actually out there and connecting in. Prior to the mobile and BYOD explosion the map and the territory were pretty much the same, give or take, but I believe this is no longer the case and is becoming less so every day. The unstoppable trend is that more employees are using their own smartphones and tablets for work, creating an upward surge of consumer mobile devices accessing corporate networks and storing corporate data. Organisations must therefore prepare themselves for a world where the dominant endpoint is not a desktop computer, but a mobile device.

Latest research shows nearly three-quarters of smart device owning professionals are using those personal devices to access company data, yet more than three-quarters of organisations are failing to manage that activity effectively. Some time ago I wrote an article entitled ‘You can’t protect what you don’t know you’ve got’, and this challenge of finding out what, where and how myriad personal devices are connected and what amount and value of your corporate data is on them, is the primary question you need to answer before attempting to secure anything.

The definition of what constitutes the “personal cloud” remains an area of intense debate. Most purchasers of popular smartphones will be automatically granted access to a personal cloud like Google or iCloud for backing up and providing extended storage for their device, and this is therefore a good starting point in defining what the personal cloud is, and where some of your corporate data might already be.

MDM is certainly a route to take if BYOD is identified as a growing risk, but where you start depends to what degree BYOD has already been allowed to creep in by stealth. Most devices connect wirelessly and many employees have connected their device to the network by finding out the wireless password. So once you have MDM in place you might consider changing all the wireless passwords to force users off the network before allowing them back on in a more controlled, inventoried and secured way.