Enterprise Security Trends Blog | HP Blogs
Keep up with the latest cyber, consumerisation, collaboration and cloud enterprise security trends from the team of HP information security professionals.

Securely managing the consumerization of IT

By Simon Arnell, Security Analytics Service Director


In many conversations we’re having with clients the topic of consumerization is discussed, to illustrate how quickly this area has evolved, let’s look back a few years. It wasn’t that long ago that the concept of the consumerization of IT was a theoretical topic, first being discussed by the Leading Edge Forum in 2004. Even then, the authors of that paper recognized the potential business benefits rather than the risks. The paper concluded:


“The ‘consumerization’ of information technology is a powerful trend that promises many significant long-term business consequences, including radically lower costs, greatly improved functionality and successive generations of users who are ever more technology-savvy.”




The consumerization of IT has come a long way since that first discussion, emerging as one of the most significant trends to affect IT in the past 10 years. It’s no longer a question of if enterprises will choose consumerization, it’s a question of how CIOs will manage and secure IT consumerization and Bring Your Own Device (BYOD) as part of their overall business strategy.


Some early lessons-learned about the consumerization of IT include:

  1. The impact of consumerization is unpredictable and varies across types of enterprise and sector.
  2. BYOD doesn’t always guarantee cost savings in terms of hardware purchases; employees may be reluctant to replace a broken device if they have to pay for it again.
  3. Public sector organizations may resist consumerization for fear of accusations of misuse of public funds and high sensitivity to security issues.
  4. No one can be sure that data on a ‘controlled’ consumer device is ever 100% safe.
  5. Consumerization is about more than hardware devices as personal cloud computing and social media dominate consumer behavior.
  6. As far as the enterprise is concerned, we are all consumers now.

A recent paper from HP titled “A Secure Approach to Consumerization discusses taking a risk-based approach to IT consumerization, including 6 points to consider when assessing the ACTUAL risk of employees using consumer devices:

  1. Underlying email and data services -- can they be securely managed in a device-agnostic infrastructure?
  2. Can Web and cloud services support a device-agnostic approach?
  3. Can ownership of consumer devices serve as a corporate asset?
  4. Are users prepared to accept responsibility for ownership of personal device?
  5. Will users accept the installation of agents on the device that protects corporate data and email?
  6. How do you manage ‘rogue’ devices?

Another HP whitepaper titled “Protecting Data and enabling the mobile enterprise provides a summary of current mobility drivers, trends, risks and concerns for large enterprises including a 5-step CIO guide to a creating mobile security plan.


What steps are you taking to realize the benefits of consumerization while maintaining a secure enterprise environment? I’d love to hear your approach, as well as what’s working for your enterprise and what’s not?


To learn more about the HP’s risk-based approach to the consumerization of IT, check out these resources:



TSchreider | ‎09-28-2012 03:45 PM

I have found within my customer set that consumerization is more a buzzword than an actuality.  BYOD is fine as long as its the device IT has pre-authorized, true BOYD is likely never to happen for the vast majority of clients.  BYOD has however, raised the national debate about making IT more open and useable for its constituency.  And, its working!

Showing results for 
Search instead for 
Do you mean 
About the Author

Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.