What to Do When Your Biggest Threat to Security is a Well-Intentioned Employee

Unfortunately, employees tend to forget or disregard policies, especially mobile security policies, so they may engage in risky behavior without thinking about it. They’re generally unaware of the potential risks, and often treat their mobile device like their company PC, assuming it’s secured by IT.

By: Rick Derouin, TAC Executive Consultant

We all make mistakes. Often, we don’t realize the full ramifications of our actions until we have that “oh no” moment after something has already gone wrong. In a business environment, there may be a large number of employees with enterprise access and multiple platforms, and society’s constant impetus to move to the latest device (which may not be an “official” device) poses a constant threat to security; especially from well-intentioned but security-challenged employees.

Unfortunately, employees tend to forget or disregard policies, especially mobile security policies, so they may engage in risky behavior without thinking about it. They’re generally unaware of the potential risks, and often treat their mobile device like their company PC, assuming it’s secured by IT. In an interview with The Wall Street Journal, the chief information security officer of Blackstone Group LP stated, “The No. 1 most significant risk to every organization is your well-intentioned, non malicious insider who is trying to do the right thing for the organization and makes a stupid mistake.”

What Makes Well-Intentioned Employees Dangerous

Employee threats are sometimes hard to spot, but there are a few warning signs you can look out for. Does the employee instantly access information on their device? There’s a good chance they’re not using a passcode. Were they hired recently or do they miss meetings regularly? They may not have been counseled on the mobile security policy. Do they use multiple devices or a different device type than you’re managing? You may have an unsecured device problem.

Most employees aren’t malicious. They aren’t a deliberate security threat; they just don’t understand that what they’re doing is wrong. Here are the top six mistakes well-intentioned employees make that are a threat to security:

  • Accessing unsecured Wi-Fi
  • Using login credentials on shared or unsecured devices
  • Failing to use a passcode on devices
  • Saving company information to personal devices or cloud storage
  • Inadvertently forwarding sensitive information
  • Taking company information or login credentials with them when they leave

Mitigating the Risk Well-Intentioned Employees Represent

From a security perspective, people are hard to manage; they do all sorts of things when you aren’t looking and you can’t watch them every minute of every day. Still, there are some things you can do to educate employees and manage devices for a more secure mobile environment. Here are four steps you should take to mitigate the risks of a well-intentioned employee:

  • Create well-defined policies.
  • Set device limits.
  • Implement a mobile device management solution.

The nice thing about malicious threats to security is that dealing with them is black and white. They don’t have good intentions, and you don’t want them anywhere near your data. Dealing with the threat of well-intentioned employees is more difficult, because you want them to have access to information, but there’s always a chance that they might misuse it. It can be hard for IT personnel to understand why employees do the things they do, but remember that not everyone understands the risk. Try to put yourself in their less-educated shoes, and safeguard against their mistakes before they make them.

Rick Derouin, TAC Executive Consultant, has more than 35 years of experience in the IT and telecommunications industries, with the past 12 years focused on increasing clients’ business benefits from investments in communications technology and services and ensuring clients need what they have and are paying the best possible price. He has designed and implemented innovative approaches to performance measurement, benchmarking, and alignment of technology for increased communications (voice and data) effectiveness. Mr. Derouin began his career with 10 years at IBM, in the last 15 years of his vendor career he was Senior Vice President of TeleGlobe, Vice President of AT&T Public Sector Markets, World Wide Vice President of Steltor, and Global Vice President of Oracle’s SWAT Team.

Is the Information You Get the Right-For-You Information?

There’s a lot of information floating around on the Internet. Some of it is good, but a lot of it is bad. And to make matters worse, a lot of the information may look good and be  good, but may not be the right information for you.

Here’s what I mean by that.

Much of the information on the Internet is written by (or commissioned by) vendors and is aimed at and written for Fortune 1000 companies. These companies have vast IT departments and large budgets. They can afford to buy in-context information and hire the full-time personnel with the experience and expertise they need.

But what if you’re not a Fortune 1000 company? What if your IT department is small and maybe even understaffed? Or has a tiny budget or a budget that gets smaller and smaller every year (but the business expects more from you)? Or you’re a government agency or not-for-profit, and have to ‘play by different rules’? How do you get the information and services you need, in context and scaled to fit your circumstances?

As an example, TAC was flooded with questions from clients surrounding iPad adoption in the enterprise (and SMB space) when they first came out. Many clients asked identical questions but were at times given vastly different answers. Why? Because the answer given to a Fortune 500 company could in no way be scaled down to a small or medium-sized business, and conversely, an answer for an SMB may be inefficient and costly if scaled to enterprise sizes.

Answers require more than facts, they require context. and that’s the difference between the right information and the right-for-you information.

Have you ever gotten the right information only to find out that is wasn’t the right-for-you information? We’d like to hear about it.

You Think Your Data is Secure? – Think Again.

Should the prevalence of cyber security stories worry your company or you personally? You bet it should! The scary thing is that even with all of the media attention, there are thousands of breaches taking place daily that do not show up in the news. In many cases the hacked companies and individuals don’t even know they’ve been compromised!

by Jim Noble, Director, TAC International

It is no secret that over the last few months, there has been a torrent of cyber security stories hitting the press:

  • Syrian Electronic Army takes down New York Times website for 24 hours because the Times ran an article on “US Military Options in Syria”.
  • Booz Allen Hamilton, Edward Snowden’s employer, claimed that he had every right to access the sensitive government data in his role as systems administrator, and they couldn’t possibly have known of his support for WikiLeaks.
  • In a three-year operation, hackers linked to China’s military infiltrated US defense contractor QinetiQ’s computers and compromised most if not all of the company’s research. QinetiQ makes satellites, drones, and software used by U.S. Special Forces in Afghanistan and the Middle East.
  • Hackers routinely access the hard drives of the photocopiers in the airport lounges of Hong Kong airport, using the remote diagnostics port.
  • A hacking gang targets vehicles being returned off-lease by CEOs, and downloads the contents of the on-board hard drive to get synchronized smartphone data.
  • Motorola’s new smartphone Moto X just released this month will have an always-on listening mode. The hacking community responded by saying that they have been doing that routinely with most models of smartphones.
  • Social Network passwords compromised – millions of IDs and passwords offered for sale on the Internet. Experts say that breaking your business password could take days, but that can shorten to seconds if the attacker knows your social network password.

Should the prevalence of cyber security stories worry your company or you personally? You bet it should! The scary thing is that even with all of the media attention, there are thousands of breaches taking place daily that do not show up in the news. In many cases the hacked companies and individuals don’t even know they’ve been compromised! The Director of the US National Security Agency said it best with this quote “You don’t know when they were there, when they left, what they took, and what they left behind.”

Let’s face it – there is no realistic way for you to prevent a determined attacker from stealing your sensitive data, other than stopping using your phones & computers. So get used to it;  the cyber genie is out of the bottle and there is no way of putting it back. The sooner that you (and your company) get out of denial and accept that inevitable fact, the sooner you can start to do something constructive about it.

This awakening has already taken place in The White House, NASA, the Jet Propulsion Labs, Sony (PlayStation), RSA, The Wall Street Journal, Lockheed Martin, and the list goes on and on.  What do they all have in common? They have all suffered numerous hacking attacks and have come to the realization that it would be both impossible and cost prohibitive to even attempt to completely prevent a recurrence, and so they have instituted mechanisms to detect and react to future events. These mechanisms take many forms and companies hold these secrets as highly confidential (if they were obvious, or made public, the bad guys would find a countermeasure quite quickly).

What are you doing to prevent security breaches? And is it enough?

Windows Phone 8 GDR2 update with Lumia “Amber” – Windows Phone Gets Even Better

Since April of this year, I’ve been using a Windows 8 phone on the Verizon network; specifically a Nokia Lumia 822. I loved it when I got it then; I’m more in love with it now that Microsoft and Nokia have released their updates.

Since April of this year, I’ve been using a Windows 8 phone on the Verizon network; specifically a Nokia Lumia 822, Verizon’s “free” Windows phone (when I received it – I dislike laying out money for handsets). I loved it when I got it then (Read Windows Phone 8: a Very Worthy Underdog); I’m more in love with it now that Microsoft and Nokia have released their updates.

Included in the Microsoft GDR2 and  Nokia Lumia “Amber” updates are better camera functionality, phone storage improvements, bug fixes etc., but some of the best updates for this user are also the most decidedly simple.

Glance Screen

Nokia has had this feature in the past, and now that it’s back, one has to wonder why it ever went away. Using the camera to sense a change in lighting, the Peek Screen shows the time and battery and ringer statuses without having to press a single button on an inactive phone. Having stopped wearing watches long ago because my phones have had clocks in them, it’s really nice to be able to simply remove my phone from my pocket, glance down at the time, and put it back without going through the gyrations of finding the power button and pressing it to see the time, then pressing it again to shut off the lock screen. When the phone sits on my desk, I simply wave my hand over the phone to see the time. After 10:00 PM, the “night mode” kicks in and the time is displayed in red so as not to disturb others in a darkened room.

FM Radio

Nokia sells its phones predominantly in European markets where monthly data plans are almost nonexistent; most people opt for prepaid services. In order to conserve data, Nokia has included an FM radio on the chipset they use in many of their phones. Windows Phone 7 supported FM radio, but the original Windows Phone 8 release did not. The GDR2 update brings back support for this functionality, and I use it almost constantly. Again, a low-tech feature, but one that lets me listen to ballgames and other local radio stations without using my precious data allotment and some app wanting to gather data about me before allowing me to listen. By plugging in a wired headset which the phone uses as the radio antenna, I can listen anywhere, even when there is no WiFi, or even cell service.

Flip-to-Silence

Another simple feature and another win for Nokia. Have you ever been in a meeting with a client or your boss and your phone starts ringing? You then have to find the “ignore” button, hit it, and apologize. With the Nokia 822 (and other Nokia phones) simply turn the phone over and it goes quiet. One has to wonder why this feature isn’t on every phone.

In Conclusion:

The new update has not been out for long, but I’m already spoiled by the added functionality. It’s like getting a new phone for free all over again. The new functions and improvements, added to an already great user experience, make me very happy indeed that I “took the risk” and went with Windows Phone instead of an Apple or Android product.

If you’re looking for a new smartphone, I would recommend that you at least take a look at the Windows offerings; I don’t think you’ll be disappointed.

Windows Phone 8 – A Very Worthy Underdog

WP8 uses the same “Live Tiles” setup as Windows 8, the OS I currently run on my laptop. If anything, the WP8 experience is everything Windows 8 on a laptop wants to be. The start screen on the phone is easy to use. The OS is blazingly fast using 4G or WiFi and there are plenty of visual themes to play with. Voice recognition is excellent and the phone takes commands and dictation well.

I’ve always been the fan of the underdog. I can go through “March Madness” rooting for one team, and then switch teams in the final game, just because the team I was rooting for became the favorite. I’m a Red Sox fan, and was long before they won a World Series. My tablet computer is an HP Touchpad (now running a dual-boot of WebOS and Android). Until recently, I had what Verizon “lovingly” called a feature phone. When it died, I was faced with the realization that there was really no good replacement for it. I would have to upgrade to a smart phone. So, with the choices available to me, I quickly narrowed the field to one… I went with a Nokia Lumia 822 running Windows Phone 8 (WP8).

WP8 uses the same “Live Tiles” setup as Windows 8, the OS I currently run on my laptop, so I can’t really even say that there was a learning curve at all. If anything, the WP8 experience is everything Windows 8 on a laptop wants to be. The start screen on the phone is easy to use. Tiles can be sized (3 sizes) and arranged so you can group your apps by importance, function, or any other way you feel like arranging them. The OS is blazingly fast using 4G or WiFi (I haven’t been in a situation where I’ve had to use 3G yet) and there are plenty of visual themes to play with. Voice recognition is excellent (at least it is for me), and the phone takes commands and dictation well.

In addition to all of this, the phone comes with Microsoft Office.

TAC (The Advisory Council) recently went to the cloud with Exchange 365, and as I said before, I run Windows 8 so I figured it should be an easy task connecting exchange to the phone… and it couldn’t have been simpler. It was, in fact, easier than connecting my laptop. My contacts, calendar, and email sync effortlessly, regardless of which device I use to enter information.

Let’s talk about the Apps and accounts for a minute. Email accounts set up very quickly, and if you have several accounts as I do, you can link (aggregate) them together in the email app to minimize clutter on your start screen. I have all of my personal accounts under one tile, and my business email under another one. Calendars are also aggregated under one app, with selectable colors for each calendar so your personal calendar events appear differently than your business ones.  Appointments are as easy to set on the phone as they are on a laptop with Outlook.The “People Hub” aggregates your contacts from Exchange, Facebook, and pretty much anywhere else you have contacts located. Just like with email, you can link contacts together so you don’t have 5 John Smith’s in your address book, all of whom are the same person. Getting your content (pics, music, movies, etc.) on and off the phone is done through an app that sits on your Windows 8 laptop or desktop. again the app is well designed, and easy to use.

While the app store is not as full as Google Play and Apple’s App Store, it has the apps that I need; primarily productivity and social media apps. There are even several “Siri-like” apps that work very well, although they don’t have Siri’s sense of humor. LinkedIn, Facebook, Twitter, and WordPress all have apps, and where an app is missing, there is generally a third-party one to take its place.

True multitasking (something you still can’t do on an iPhone) is simple; switching between open apps requires a “long hold” on the back button exposing the open apps, then scroll to the app you want and tap it. The only quirk in WP8 is that the only way to shut off an app is to completely back out of it, or go to the phone settings and kill it there. One would think that a swipe down or an “X” in the upper right hand corner would be appropriate, maybe it will be included with the next Windows Phone release.

As for the handset, the Nokia Lumia 822 works for me. For one thing, it was free (with a two-year contract and $30/month Data plan), and I don’t like paying for stuff when I don’t have to. I find the screen to be bright and easy to read, the screen size is more than adequate, it feels good in the hand and it’s not too big in the pocket. Memory is expandable; the unit will take a microSD behind the removable back cover – which means that you can also replace the battery, two things you can’t do with an iPhone. There are an adequate number of ringtones and alert tones, both from Nokia and Microsoft. An 8 megapixel camera with 1080p video is included, as is a front facing low res camera for video calls and “selfies”.

In all, WP8 is what a smart phone OS should be all about; fast, intuitive, customizable, and easy to configure and use. Being late to the mobile game, Microsoft is truly the underdog, but has the pedigree to make believers out of iPhone and Android fans.

I’m rooting for it.

A Learning Curve for Windows 8? Much Ado About Nothing, but Stick With Windows 7 for the Enterprise

Windows 8 really doesn’t bring anything new to the table of advantage to the enterprise. From a productivity standpoint, why introduce change and a learning curve, steep or otherwise, that returns no net return on productivity? The new Metro “Apps” have no useful place in the enterprise and were designed primarily for the consumer market, and for administrators, locking down these apps looks daunting.

I try to be an early adopter, as long as the cost is low. So when I had the opportunity to upgrade my personal laptop to Windows 8 for $15 (I had recently purchased 2 laptops, and Microsoft offers the $15 upgrade to recent purchasers of machines running Window 7), I took the plunge. After reading about the increased security, I knew I should do it for that reason alone. And after reading all the reviews about a steep learning curve, new “Apps”, and how it would be so different running it on a laptop as opposed to a tablet or touch screen device, I decided to do the upgrade anyway.

The upgrade itself was no big deal. The installation was effortless (I created media from which to do the install, one of the options available) but took a long time, since I elected to keep all of my files and settings. Once the laptop rebooted, I took to conquering the so-called steep learning curve, how the new Metro interface would change things forever on the laptop.

For anyone using a tablet of any kind, the learning curve is minimal. For those that have never used a tablet, the learning curve could be steeper, but it really isn’t that daunting.

Microsoft has essentially set up an “invisible” start button in the lower left hand corner of the screen that, when clicked with a mouse, opens the start screen instead of a start menu. Microsoft also starts you on the start screen instead of your old desktop. When on the desktop, nothing at all changed for me. It looks the same as my windows 7 desktop, minus the start button. All of the old keyboard commands and shortcuts work as they used to, all of my applications are the same, the only two real changes were that there is no “Aero Glass” look to the windows, and all the rounded corners are gone.

I haven’t really come up against anything I don’t like about windows 8. Boot times are much faster, the start page is easy to navigate, and the opening screen, with clock and background apps, gives me a great first glance at the day ahead, without even unlocking my account.

That being said, I would stay with Windows 7 for new desktop and laptop upgrades for the enterprise. Here’s why:

Eye candy aside, Windows 8 really doesn’t bring anything new to the table of advantage to the enterprise. From a productivity standpoint, why introduce change and a learning curve, steep or otherwise, that returns no net return on productivity? The new Metro “Apps” have no useful place in the enterprise and were designed primarily for the consumer market, and for administrators, locking down these apps looks daunting. The new version of IE10, while pretty, also takes time to learn to use properly and effectively, another learning curve with no net gain.

So while I will use Windows 8 on my own personal laptop, Windows 7 remains the choice for the enterprise.

BYOD Hurricane

You are not going to stop BYOD from happening. Failure to actively support it will simply lead to security exposures and dissatisfied users (some undoubtedly in senior management). Moreover, unless you currently pay the mobile service charges for company-owned devices, and refuse to pay them for BYOD, IT costs are going to go up.

by Peter Schay, President and CEO of TAC.

I live on the East Coast of the U.S. When it comes to natural disasters, this part of the country rarely gets tornados or earthquakes (at least not damaging earthquakes), but every few years we do get a hurricane.

As natural disasters go, hurricanes have a “feature” not shared by tornados or earthquakes — you know when they are coming. As such, you can prepare for them.

In this regard, bring-your-own-device is like a hurricane. You can’t stop it, but you can be ready for it.

Unless you have a extraordinarily regimented (e.g., military) organizational culture — and the IT and physical security to match — you are not going to stop BYOD from happening. Failure to actively support it will simply lead to security exposures and dissatisfied users (some undoubtedly in senior management). Moreover, unless you currently pay the mobile service charges for company-owned devices, and refuse to pay them for BYOD, IT costs are going to go up.

TAC thought leader Beth Cohen advises, “Rather than attempting to halt the demand, the smarter path is to embrace BYOD’s by providing a safe and secure framework for their use. This framework should have two complementary components: a BYOD policy and the technology framework and administration software to enforce it. An official corporate BYOD policy would not be dissimilar to the corporate security policy. To make it easier, some companies just incorporate their BYOD device policies directly into their standard security policy that all employees are expected to adhere to. The key to successful enforcement is the implementation of the proper MDM [mobile device management] software.”

You may not like it (after all, who except weather junkies likes hurricanes), but you can put in place the BYOD policies and mobile device management technologies to successfully weather the BYOD storm. TAC has helped clients successfully address BYOD issues (policies, device management, security, etc.) in industries ranging from manufacturing to professional services. If you’re struggling with BYOD issues, contact us — we can also help you.

Windows Reimagined

Windows 8 is about moving real Windows (in contrast to Windows CE derivatives such as Windows Phone) downscale — to mobile, consumer-oriented devices. The disruptive “Metro” user experience is the most visible aspect of this strategy, but only part of the big picture.

by Peter Schay, President and CEO of TAC.

The first television ad for Microsoft Windows 8, ending with the tag line “Windows reimagined,” appeared this weekend. With its rapid video cuts, high-energy music, exploding laptop PC, children and teens playing games and videos, humorous photos, children creating artwork, etc., the ad says a lot about Microsoft’s strategy with Windows 8.

The term “reimagine” is one that Microsoft has been using since the first public demonstration of Windows 8 in June 2011. Windows 8 represents the most dramatic change in Windows since Windows NT in 1993 — but in a very different direction.

Windows NT was about bringing robust, enterprise-class operating system technology to what had previously been a fragile kludge-tower of inherently limited and insecure software. Ironically, key capabilities of NT, such as the Hardware Abstraction Layer to simplify porting to multiple processor architectures, and the ability to support multiple simultaneous API subsystems (including POSIX and OS/2 subsystems in early versions of NT), have been underutilized for years, but are the foundation for Windows 8 support of the ARM architecture and side-by-side WinRT and Win32 API subsystems.

In contrast to Windows NT, with its focus on moving upscale, Windows 8 is about moving real Windows (in contrast to Windows CE derivatives such as Windows Phone) downscale — to mobile, consumer-oriented devices. The disruptive “Metro” user experience is the most visible aspect of this strategy, but only part of the big picture.

Although the development of Windows 8 began almost a year before the appearance of the Apple iPad, one helpful way of thinking about Windows 8 is as an iPad competitor that also runs legacy Windows applications. The usage model of the iPad is as a mobile, consumer device used primary for entertainment and education (reading books, watching movies, playing games, video chats with friends, light editing and sharing of personal photos, web browsing, etc.), on which one can also read and reply to e-mail. The Metro/WinRT environment is designed for that usage model.

With PC sales essentially flat, success in the mobile device market is a strategic imperative for Microsoft. That does not, however, necessarily make adoption of Windows 8 a strategic imperative for enterprise or small/midsize business IT.

As I wrote in previous blog postings, the primary near-term opportunity for Windows 8 in business is as a platform for internal-use tablet applications — where a credible business case can be demonstrated for those applications. Unlike iPad and Google Android-based tablet devices, Windows 8 devices can be programmed and managed with tools already familiar to IT development and operations teams, significantly improving the practicality of enterprise tablet deployments.

Notwithstanding the various bells and whistles which have been added for the desktop environment in Windows 8 (faster boot, improved file explorer, improved task manager [my favorite], file history, etc.), none of them are compelling enough to put users through the disruption of introducing the Metro environment — which is unavoidable even for those whose intent is to “live in the desktop.”

The big open question about Windows 8 is the extent that it will succeed at making Microsoft a major player in the consumer tablet market. We will know that when end users start asking IT to add Windows 8 to the bring-your-own-device list.

Two-Thirds of IT Pros Say BYOD Connectivity Increases Company Costs — Duh!

BYOD isn’t about cost reduction; it’s about responding to psychologically driven demands from end-users. Employees in today’s consumer-oriented culture expect to be able to “have it your way,” regardless of whether there is any financial benefit to the business.

by Peter Schay, President and CEO of TAC

I recently saw an article which quoted from an obviously self-serving vendor survey of attendees at an industry conference that, “67% of respondents think that BYOD increases IT and security costs.”

Give me a break. Does anyone really think that bring-your-own-device would reduce costs? BYOD isn’t about cost reduction; it’s about responding to psychologically driven demands from end-users. The vendors of smartphones and tablets, led by Apple, have developed devices with wonderful visual and functional appeal, and have marketed them consummately. Employees in today’s consumer-oriented culture expect to be able to “have it your way,” regardless of whether there is any financial benefit to the business.

IT leaders inevitably have to be responsive “to the business,” but BYOD — far more than PCs in the 1980s — conflates end-user desires with actual business needs. Since business executives are likely to be among those end-users demanding support for some sexy smartphone or tablet, political imperatives require support for BYOD lest — as is so often the case among business executives — IT be perceived as once again obstructionist.

Costs could conceivably go down with BYOD, but only if two policies are implemented: (1) employees with BYOD are on their own when it comes to wireless carrier charges, while the enterprise absorbs the carrier charges for company-owned devices, and (2) “support” from IT is limited to allowing BYOD connection to the enterprise network, without IT involvement in the management of the device. The problem, of course, with policy (2) is the huge security exposure it creates. Also, even if an organization is willing to live with security risks of (2), how likely is it that BYOD users are not going to call the help desk when they have problems?

TAC has helped clients successfully address BYOD issues (policies, device management, security, etc.) in industries ranging from manufacturing to professional services. If you’re struggling with BYOD issues, contact us — we can also help you.

Windows 8, BYOD, and IT Leadership

The arrival of the Windows 8 Release Preview — with its corresponding app development tools — heralds a new phase in the acceptance of mobile form-factors into enterprise computing.

by Peter Schay, President and CEO of TAC.

The arrival of the Windows 8 Release Preview — with its corresponding app development tools — heralds a new phase in the acceptance of mobile form-factors into enterprise computing.

For several years, IT organizations have faced an acceleration of demand for “bring your own device” (BYOD) support — first for smartphones, then for tablets — driven by the consumer appeal of devices such as the Apple iPhone and iPad. While superficially “driven by the business,” expenditures on IT resources to support end-user BYOD demands usually violate the second principle I wrote about in my previous blog posting: IT projects should only be initiated when there will be a measurable financial benefit to the enterprise.

BYOD is a different issue, of course, from those leading-edge enterprises, primarily in consumer markets, that have developed mobile apps for marketing and customer-service purposes. One could presume that they did so only after developing credible business cases for those investments (although I suspect that many were done to “get on the bandwagon” without a convincing financial analysis).

One of the challenges facing IT when it comes to embracing the current dominant mobile platforms — Google Android for non-Apple smartphones, and Apple iOS for iPhone and iPad — is that these systems are alien technologies to their current staff. Also, these platforms were not designed with a goal of fitting easily into enterprise architectures. These factors have, I believe, discouraged IT leaders from thinking proactively about how mobile technologies can be used within the enterprise to create business value.

Windows 8, on the other hand, will shift the balance, particularly with regard to internal tablet applications. With most enterprises in the throes of Windows XP to Windows 7 migrations at the desktop, we expect that it will be several years before enterprises give much thought to a desktop migration to Windows 8. For tablet applications, however, Windows 8 brings a whole new ball game. Although the programming style for Windows 8 “Metro” apps is different than for traditional Windows applications, Windows 8 is designed to fit seamlessly into current enterprise environments, using the same applications development and systems management tools with which IT organizations are familar.

This gives savvy IT leaders — those who have followed our advice and “kept their ear to the ground” by maintaining close relationships with their business peers, and understanding the problems the business is facing — the opportunity to think creatively about how tablet devices (running Windows 8) could be used internally to drive business value. It is time for IT leaders to get out in front and lead, not just react to the BYOD clamor.

Please let us know if you would like to discuss these ideas with one of our Experts.