September 19, 2014 By Rick M Robinson 2 min read

Enterprise information technology (IT) security specialists might have quietly jumped for joy when a California court ruled that companies would have to reimburse employees for the work-related use of personal cell phones. Some observers suggested that the ruling would put the brakes on the bring your own device (BYOD) trend that has upended traditional enterprise network security measures.

But the forces driving the BYOD trend are probably too powerful to be upended by legal complications. In particular, employees themselves are the great drivers of BYOD, choosing to use their personal devices for work tasks, even if a company-provided alternative is available. This means that, one way or another, enterprise IT security will need to take the trend into account.

California Court Hands Down Ruling on Bring Your Own Device

As Tom Kaneshige reports at, the California Court of Appeals ruled in mid-August that companies must reimburse employees for the required work use of their personal devices. Ruling in Cochran v. Schwan’s Home Service, the court stated, “We hold that when employees must use their personal cell phones for work-related calls, Labor Code Section 2802 requires the employer to reimburse them.”

The court ruling does have the potential to substantially derail BYOD; because it was made in California, where the tech industry is especially prominent, its impact will surely be extensive. It could also give firms justification for limiting BYOD in order to protect themselves from reimbursement claims.

Yet BYOD has not been driven by firms requiring it of employees in order to save on company-issued mobile devices. Far more often, the pressure for BYOD comes from the employees themselves, who prefer the convenience of using their personal devices.

Rethinking Network Security in the Mobility and Cloud Era

All of this means that the BYOD challenge to enterprise IT security is not likely to go away on its own. Executives and security experts alike will have to come to grips with it.

Moreover, according to Erik van Ommeren, Martin Borrett and Marinus Kuivenhoven in their new e-book, “Staying Ahead in the Cyber Security Game,” the BYOD trend is expanding in the cloud era to become “bring-your-own-IT-capabilities,” or BYO-IT. Employees cannot only log on with their personal devices, but they can use those devices to access enterprise-strength cloud resources, such as complete customer relationship management solutions.

The traditional model of IT security was built primarily around endpoint protection, and endpoint security remains important. However, security must now embrace the entire technology stack; it must be centered on data and context. For each attempt by a user to access data, the system must ask, “Can the user, at this time of day, at this location, through this device, for this purpose have access to this functionality using this specific data?” according to the e-book.

This approach suggests layers of security. Some sorts of data are readily available to users, while other uses of data may be highly restricted. For many enterprises, “choose-your-own-device” (from a menu of allowed options) may be as far as it is now practical to go.

Download the free e-book: Staying Ahead of the Cyber Security Game

More from Endpoint

Unified endpoint management for purpose-based devices

4 min read - As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and which often run on a different operating system than typical office devices. Examples include ruggedized tablets and smartphones, handheld scanners and kiosks. Many different industries are utilizing purpose-built devices, including travel and transportation, retail, warehouse and distribution, manufacturing (including automotive)…

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today