Melbourne, 9 April 2010 – More and more of us would like to use our personal computer at work, but how can companies allow that while keeping their internal networks secure? AVG (AU/NZ) Pty Ltd, the distributor for Australia, New Zealand and the South Pacific of the award-winning AVG Anti-Virus and Internet Security software, shares its thoughts on this.
Did You Know?
- End users, not the IT department, will be responsible for 50 percent of business IT procurement in 2010
- Virtualisation specialist Citrix has a “Bring Your Own Computer” program which saves the company money
- One-third of the new generation of workers want to choose their hardware and applications
Why Traditional Anti-Malware Solutions Are No Longer Enough
Given the P in PC stands for ‘Personal’, it’s not surprising that many consumers have a close relationship with their computer in a way that isn’t traditionally associated with other appliances. Very few heated conversations over coffee centre around one brand of one washing machine being cooler than another. Conversely, put a Mac and PC fan in close proximity, and things will eventually get ugly.
This emotional bond to personal technology – which also extends to mobile phones, MP3 players and notebook computers – means businesses have increasingly had to adjust to requests from staff to use their own technology at work.
According to research by technology analyst group Gartner, by 2010, end users, not the IT department, will be responsible for 50 percent of business IT procurement decisions. Management consultants Accenture focused their research on a group of young workers it calls “Millennials” and found around one-third of this new generation of workers not only wanted to use the computer of their choice at work, but also wanted control of the applications they use too.
“The message from Millennials is clear: to lure them into the workplace prospective employers must provide state-of-the-art technologies,” said Gary Curtis, managing director of Accenture Technology Consulting. “And if their employers don’t support their preferred technologies, Millennials will acquire and use them anyway.”
Businesses are reacting to the trend towards personal technology at work in a variety of ways. For the more traditional firms, the idea of giving staff carte blanche to bring their own technology to work is totally unacceptable. Allowing an employee to bring his or her sticker-festooned game-spec laptop to work is tantamount to a written invitation to stop working and indulge in personal surfing during business hours. More progressive companies realise that allowing personal computers in the office is just another step in the blurring lines between work and home.
However, while some companies might want to reduce the restrictions on consumer technology at work, there are issues that go beyond cultural concerns – namely IT security. The requirement to standardise technology across a company has some financial benefits in terms of volume buying, but studies by some companies have shown that giving staff a stipend to buy their own device and effectively support it, can result in a lower cost than realising the savings from large scale procurement and paying IT support staff to maintain the devices.
Instead of focusing on saving cash, some companies insist on a homogeneous approach to PC procurement across the business, as it is perceived to be the easiest way to ensure that PCs and mobile phones can be secured effectively. The more standard the hardware, the more easily it can be monitored, patched and updated centrally.
The emergence of so-called virtualisation technology however, offers a potential solution to the problem of allowing staff to use their own technology without compromising the security of the company’s network and data. Traditionally, desktop computers have only been capable of running one operating system at a time, but with virtualisation, they can run multiple instances (virtual machines) of the operating system on the same piece of hardware.
Analysts like Gartner advise companies to use this virtual machine (VM) approach to effectively create a safe compartment within an employee’s personal computer, or even mobile phone, so that any interaction with the company’s network is limited to that safe-zone. Instead of loading company applications onto their home machine – and creating licensing issues – staff can access a secure and virtualised set of applications held on the company’s servers. This also prevents users from infecting the company network with any malware that might be on their machine, and from copying and storing sensitive data outside the firewall.
Gartner believes that there are other strong motivations for organisations to consider employee-owned notebook programs based on a locked and well-managed VM approach: “They provide a mechanism for ‘containing’ the operational environment of existing rogue users. This category usually consists of executives and key knowledge workers, whose personal influence is sufficient to be able to flout corporate policy (with exceptions permitted on the basis of trust).”
Businesses that are already using a virtualised approach to managing employee-owned devices include Citrix, which launched a “Bring Your Own Computer” program in 2007. This plan makes use of the company’s own virtualisation technology to allow staff to use their own hardware at work. Employees install software called the Citrix Receiver onto their computer, and are then able to access corporate applications and data securely.
The increasing adoption of virtualisation for desktop machines means that more and more companies may be able to cut the ties between hardware and software and allow users to bring their own technology to work. However, as technology becomes more prevalent, it unfortunately becomes a greater target for hackers and cyber criminals. As you can imagine, the personal connection between computers and their users is unlikely to diminish anytime soon, so as the bad guys find the chinks on the virtualisation approach, the security community will strive to evolve fresh ways to protect the devices we need and love.
Lloyd Borrett, Marketing Manager of AVG (AU/NZ), said, “This kind of thing was seen as sheer madness by IT departments a few years ago as they focused on standardising everything. But now more applications used by staff at work and home are available in a web form, such as e-mail. The trend toward cloud computing means it will be quite difficult to stop the blurring between work and home life from happening.
“Companies need to embrace this change and begin to address the governance challenges so as to minimise security risks,” Borrett continued. “They should encourage their staff to use a comprehensive security solution on their computer, like AVG Internet Security, and include it as part of their remuneration package.”
About AVG (AU/NZ) Pty Ltd — www.avg.com.au
Based in Melbourne, AVG (AU/NZ) Pty Ltd distributes the AVG range of Anti-Virus and Internet Security products in Australia, New Zealand and the South Pacific. AVG software solutions provide complete real-time protection against the malware, viruses, spam, spyware, adware, worms, Trojans, phishing and exploits used by cyber-criminals, hackers, scammers and identity thieves. AVG protects everything important and personal inside computers — documents, account details and passwords, music, photos and more — all while allowing users to work, bank, shop and play games online in safety. AVG provides outstanding technical solutions and exceptional value for consumers, small to medium business and enterprise clients. AVG delivers always-on, always up-to-date protection across desktop, and notebook PCs, plus file and e-mail servers in the home and at work in SMBs, corporations, government agencies and educational institutions.
AVG products actively protect over 110 million users worldwide, including more than 4.6 million users in Australia and New Zealand.
AVG (AU/NZ) has more than 3000 resellers across Australia, New Zealand and the South Pacific.