A familiar anti-pattern to anybody who knows anything about security is “security by obscurity”. The idea of security by obscurity is that you can rely on withholding details of how a security protocol operates to increase the security of the protocol.
The simplest example might be if you store passwords “encrypted” but you don’t tell anybody that you are only decrementing each letter by one – so if your password is “IBM” it becomes “HAL” when “encrypted”. This isn’t a true, nor secure encryption; and keeping the details of the encryption secret don’t make it more secure.
This brings me to the “bring your own device” (BYOD) trend. This is basically the idea that employees, rather than using company issued work stations, could simply bring their own computing device and access corporate systems from that.
Too many people are focusing on the risks of BYOD rather than the opportunities. Do we have to code for multiple devices? What about security on their device? What happens when they resign? What right does the company have to the personal property?
But the reality is this is just like security by obscurity. We have been living in a world deluded into thinking that things would be simpler, and more efficient, if we all conformed. If only everybody had the same desktop environment, and we didn’t let anybody change anything without calling (and being told “no”) by the IT help desk.
We were living with the illusion of what I call “simplicity by conformity”. We choose an arbitrary object – our work stations – and decided everything would be better if they were all the same. But this simplification never happened. People had to find work-arounds to the rules that tried to create this conformity. And they weren’t finding work arounds for the fun of it. They were finding work arounds in order to try and simplify areas that actually mattered: servicing customers, working efficiently, collaborating with their teams.
So I see BYOD as the end of “simplicity by conformity”. By taking control of the device out of the equation we are forced to create rules that simplify things that actually matter. Real simplicity.
One last point – people working on their own device expect it to operate like their own device. If the attention economy has taught us anything it’s that we’ll shift our attention to things that are more entertaining – or those that have greater usability. Imagine how difficult it is to keep yourself from distractions as you work on your computer at work – and then magnify that by each distraction you’ll find on your own device.
The challenge of distraction is another hidden false assurance. We can no longer pretend that boring, meaningless work will be done efficiently because there is nothing else to do. BYOD will reignite the need to create engaging work. Conformity by engagement, perhaps? Perhaps not. But engagement around things that actually mater.