Once upon a time, business and personal lives were separate.
You left your work email at work, because there was no other way to access it. You left your phone at work, because you couldn’t have taken it with you. Checking voice mail from home was just about impossible. Leaving the office simply meant leaving everything at the office.
Now, the flexibility of technology means these worlds are more entwined than ever. However developers aren’t necessarily keeping on top of the changes people need to do their jobs – and do them well.
Chaos, or at least embarrassment, reigns when employees mix up their personal and business lives. We’ve all seen what happens when an employee tweets something from the corporate account on their phone instead of the more appropriate personal account.
Much of the time it’s nothing serious. But it presents a problem. What happens when business and personal tools combine, and employees may have access to potentially critical pieces of data from the programs they use everyday?
While some businesses may opt to cut out this type of combination entirely, new additions to existing programs suggest there is a hunger for this type of practice. Apps including Evernote, Any.Do and Dropbox have integrated personal and business accounts, or at least allow access to each one from a single interface.
Employees are increasingly demanding access to this personal tech at work to save them time. How should businesses respond?
The inadvertent tweet
Several businesses have found out the hard way what it’s like to have an employee share some piece of information through personal accounts.
Most of the time, it’s nothing too horrible. Like an incident back in 2011 when an employee of the American Red Cross sent out a tweet describing a night out on the town using the organisation’s official Twitter account, rather than her own. Once the mistake was realised, a prompt apology was sent out.
But it’s not just rogue tweets which show up when business and personal tools combine. Access to email on a smartphone is a simple enough example of where issues can – and have – appeared. It doesn’t take much of a mistake to accidentally reply to a message using the wrong account. And it doesn’t take much to see how that message could include confidential information.
This isn’t new, either. CTOs have been dealing with this in similar ways. The bring-your-own-device (BYOD) trend has caused a huge amount of uproar for those protecting the security of corporate offices. When viruses and malicious software can be spread through something as simple as a USB drive, it pays to be cautious.
This isn’t hypothetical. Recently the International Space Station was hit with a computer virus from a USB stick carried about by an astronaut. Security companies regularly complain this type of scenario happens in offices all the time. An employee unknowingly brings in an unsecured USB derive, and a whole network is affected.
When it comes to using personal and enterprise accounts together, policies are fine but they often aren’t enough. It’s one thing to point out where the user can switch accounts, but another entirely for opening suspicious messages using a personal email account on a corporate network. Education and training, then, is essential for the modern office worker when combining personal and corporate technology. Being able to spot a phishing email in a crowded inbox will become almost as trivial as sending an email.
The developer dilemma
Employers then have their own responsibility, but what of developers? How should software makers identify their focus? Products solely designed for either the individual consumer or enterprise market may have their value diluted by catering for both groups.
Additionally, the development effort associated with catering for different audiences is huge. Earlier this month, Dropbox announce a new enterprise product which could be integrated with personal accounts as well. The company wanted to brand the resulting feature as not two products, but one – Dropbox for business is the same as Dropbox for personal use. By its own account, the endeavour was massive. Chief Executive Drew Houston said the program had been “rebuilt” from the ground up.
Evernote recently embarked on a similar task, adding business functionality. Apps like Any.do and even calendar apps have had this function for quite a while, too, allowing users to add calendars of any kind. However, the risk associated with these types of apps differs wildly – it’s hard to imagine someone causing widesparead corporate embarrassment by making a calendar appointment for the wrong time.
On the other hand, mixing and matching corporate and personal Dropbox accounts could be a recipe for disaster if staff aren’t trained properly. Even a mistake could ensure confidential information is taken out of the company and into someone else’s computer.
The problem which never goes away
The growing combination of personal and enterprise apps means this is a problem which will never quite go away. It can only be managed and maintained.
For developers, the increasing amount of flexibility means they need to consider whether creating programs for only personal or enterprise accounts is viable. Making a decision too late means, like Dropbox, they may have to start over at an undesirable point.
For businesses, this is a problem that will never go away. Employees need to undergo education and practical training to make sure they know how to keep their personal and enterprise data separated.
With employees becoming increasingly comfortable bringing their own technology and accessing personal applications while in office, both developers and businesses need to address the problem sooner, rather than later.