BYOD Roundup: The “BYOD for You” Book, Liability, and Shadow IT

A New Book: BYOD for You

byod for you cover

Most BYOD guides we’ve seen cover BYOD from management’s or the IT department’s point of view; BYOD for You is the first we’ve seen that covers it from the rank-and-file employee’s angle. Written by Daniel Lohrmann, who blogs at Government Technology and has a site at, this Kindle ebook is a quick read that helps you determine an organizations BYOD maturity level, secure your BYOD mobile device and maximize its benefits, and how to cope with the way personal mobile devices are handled where you work.

BYOD for You is an easy lunchtime read; it’s divided into eight chapters, most of them about a half-dozen pages long, which cover these topics:

  1. Categorizing your BYOD enivronment: Gold, Silver or Bronze?
  2. Your workplace’s BYOD program, or the lack thereof
  3. Security: How to safely use your mobile device at work and home
  4. MDM
  5. Privacy and other legal considerations
  6. Maximizing the financial benefits of BYOD
  7. Ethical dilemmas and proving you deserve your mobile device
  8. Building a personalized BYOD plan that outlives your device

Each of the chapters end with a section that provides suggestions on how to handle its topic depending on the BYOD maturity level of your organization. Lohrmann’s model for BYOD maturity has three levels, which are explained below:

  • Bronze: An organization operating at the Bronze BYOD level has employees who bring their own devices to work, but doesn’t have an official BYOD policy. It’s unclear about what happens when company information security policies and personal devices collide, if employees’ personal data will remain private, or if their work-related activities on personal devices will get them in trouble. Employees also bear all costs of using the device, even for work-related purposes. MDM is practically or completely non-existent.
  • Silver: In organizations operating at the Silver BYOD level, there is a basic BYOD policy that spells out how its data can be accessed, as well as issues of security and privacy, and there is tacit permission for employees to access their work email from their devices. Employees can choose between all-expenses-paid COPE devices or BYOD devices without any reimbursement for operating costs. MDM is limited; it’s often something basic, like what’s provided by Microsoft Exchange ActiveSync.
  • Gold: At the Gold level of BYOD, there’s a full BYOD policy, and employees are fully reimbursed for all device costs. All devices are under full MDM.

Even though it’s written for end users at a workplace, it’s a useful guide for managers who are new to the idea of BYOD and want to get a grasp of the major issues that can arise when employees bring their own devices to work. I expect that we’ll be using this in our consulting work and recommending it to our customers.

There’s a special deal if you buy it today (Wednesday, April 17, 2013): it’s selling at a dollar off — a mere CAD$3.03 at, and USD$2.99 at

BYOL: Bring Your Own Liabilities


Mobile technologies bring new capabilities, but new complications as well. The CIO article BYOL: Bring Your Own Liabilities points out that the dual nature of BYOD devices — owned by the employee, but used part of the time on behalf of the company (and possibly subsidized) — present some new potential legal issues, whether or not your organization has a formal BYOD program. The article lists a number of ways you can reduce the risk of legal exposure in your BYOD program; the article goes into more detail, and we’ve summarized the main points below:

  • Policy: The article says that a policy defining your organization’s BYOD program is most important element of any BYOD strategy, and we’re inclined to agree. Such a policy should clearly define how your BYOD program will operate, specify the risks and responsibilities of the organization, employees and third parties, and define acceptable technologies and acceptable use. Most of it shouldn’t have to address legal issues, but having such a policy will help reduce your legal exposure. (By the bye, we’re pretty good about crafting mobile device policies, and we even have a guidebook to help you build your own.)
  • Liability issues: Figure out whether your organization or your employees are liable in certain cases, such as: Who’s responsible for misplaced or stolen devices? Who’s responsible in the event of a malware attack? Who pays for support?
  • Licensing: Are the apps on mobile devices — both company- and employee-owned — properly licensed?
  • Insurance: Will your organization’s insurance policy cover devices that it doesn’t directly own or lease?
  • Data security: As the article says: “Two topics generally colour the legal framework in the context of data security; these are confidential information and litigation obligations, both of which are concerns for any mobility based system.”
  • Confidentiality: We take our mobile devices (especially our smartphones) everywhere, and sooner or later, they’ll get lost or stolen. You need to consider the implications of missing mobile devices, from the loss of your organization’s sensitive information, to inadvertent breaches of confidentiality agreements with other parties, to remote wipes, to the consequences of remotely wiping an employee’s personal data. Along with the issues that come with confidential or sensitive data on the device, there’s also the issue of such data off the device, stored with third-party cloud services like Dropbox.
  • Discovery obligations: Data stored on mobile devices used for work may be subject to electronic discovery, the pre-trial phase in litigation where each party can get evidence from the opposing party. You may need to take measures to keep work and personal data separate, keeping in mind that your organization can’t object to producing some information in the discovery process simply because it has some personal employee information mixed in.
  • Privacy: One reason to try to keep work and personal data separate is to preserve employee privacy, especially when backing up information. Ideally, you want to back up only the work-related information and store no personal employee information (such as their address book or photos) on your organization’s backup system.
  • Surveillance and tracking: The ability to remotely track a device is a useful thing to have when it’s lost or misplaced, but it can be a cause for concern about its use for tracking employees. The article recommends the use of a data surveillance policy that clearly spells out how devices will be tracked, and if your organization will record information stored or transmitted by the device.

BYOD and Shadow IT

the shadow strikes

From an earlier article:

Shadow IT sounds like some kind of future slang that [William] Gibson would’ve coined, but it’s an office term referring to the set of applications and systems that are used in organizations without that organization’s approval, and especially without the approval of the IT department. It’s usually the result of one or a handful of employees discovering an application, service or system that solves a problem in a way that seems more effective, expedient, and more free of red tape than if it were solved by IT. Shadow IT usually starts off as an ad hoc solution, but if it becomes popular within an organization, its use can become standard practice, even without the approval or oversight of the IT department.

When people talk about shadow IT, they usually talk about the security issues. Mike Foremen in Huffington Post UK writes about another equally important issue: the creation of data silos, where information vital to the business lives in places where it can’t be found.


My Easy-Peasy Bitcoin Mining HOWTO

bitcoin - the dream vs the reality

Over on my personal blog, The Adventures of Accordion Guy in the 21st Century, I’ve posted a layperson-friendly article titled How to Mine Bitcoins for Fun and (Probably Very Little) Profit. It provides a description of what Bitcoins are and how they’re mined that should be comprehensible by non-techies, some easy-peasy instructions for turning any old Windows machine into a Bitcoin mining rig, and a quick guide to figuring out how much (or how little) money you’ll make on your mining venture.


Ads for the Samsung Galaxy S4

samsung galaxy s4With the North American debut of Samsung’s new flagship phone — the Galaxy S4 — coming soon, the advertisements can’t be far off. Stefan Constantinescu has been continually searching YouTube for any Galaxy S4 promos and found some in Samsung’s official YouTube channel for the Netherlands; he links to them over at Android Beat, and I’ve posted them below.

Each of three videos he found focus on one Samsung-specific software feature:

  • Sound shot: a feature that lets you record the surrounding sounds as you take a photo, so you can do things like take a photo of a busy downtown square and include the sounds of the traffic and people.
  • S Translator: lets you speak one language into the Galaxy S4, hit a button, and have the S4 repeat what you said in another language. It reminds me of the idea behind the “Mandarax” in Kurt Vonnegut’s Galápagos.
  • Group Play: links together several S4s so that they play the same song, in sync. I’m not sure how useful this is, but I can see some potentially interesting uses for flash mobs or group activities.

There are a couple of notable things about these ads:

  • There’s no mention of or poking fun at the iPhone or its dedicated fanbase. Keep in mind that these ads are “international” ones; they may yet go with the iOS-bashing tack with the ads for North America.
  • These ads show people enjoying the Galaxy S4 user experience. Each ad basically says “Hey, look at this feature: here’s what it does, and here’s how people are enjoying it”. Rather than simply listing features or showing off specs (which are useful to most people), the ads tell a story.

Here are the ads:

Sound Shot

S Translator

Group Play

Meanwhile, Android Central has uploaded this ad to their YouTube channel. This one does a lot of ooh-ing and aah-ing over the hardware:

Galaxy S4 Teaser

this article also appears in mobilize the cts blog


Should You Use a QR Code?

should i get a qr code

Found via Matt McDougall.


Why I’m Not a Windows Phone Developer [Updated]

SharePoint: When 24GB and the Fastest i7 Won’t Cut It

For some people, there’s no thing as having too much hardware. I know a few guitar players who’d salivate at the chance to get their mitts on this beast:

12-neck guitar

12-necked guitar created by Yoshihiko Satoh.
Click the photo to see the full story.

It may be the same case if you’re a SharePoint developer. Here’s an excerpt from an article written by Sahil Malik titled Upped My Main Dev Machine, where a developer talks about what he did to speed up some painfully long build times (with some formatting and emphasis added by me):

Last Friday, I was busy compiling a big project in my consulting life. I realized, it takes a good 5-10 minutes for the project to compile and deploy.

scumbag sharepointOn my main desktop, I was pimping 24G of RAM and a Core i7 930 processor.

The problem wasn’t those 5-10 minutes, the problem was, I got distracted, started watching funny dog videos on youtube, and well – lost time, lost track of what I was doing. Quite unproductive.

So, I got in my car, drove to a local hardware store, and bought new computer parts. 3 hours later, I have my new rig running.

I now have a gigabyte x79 up4 motherboard, Corei7 3930K processor, and 64G of RAM.

I can understand needing that kind of setup for computationally intensive work — weather simulations, AI, protein folding, controlling the flight of SpaceX ships — but for compiling  Sharepoint applications? We’re not talking about multidimensional matrix math, Fourier transforms, or Watson-style artificial reasoning, but building the sort of applications that SharePoint was meant to host: web applications and sites, document sharing, blogs and forums, and list management.

Requiring such big iron to build relatively mundane applications is like requiring all the architecture, engineering and construction teams behind the Burj Khalifa in Dubai to renovate your kitchen.

elliott electronic computer

It shouldn’t be surprising that many people have started looking for alternatives:

box sharepoint billboard

Click the photo to see it at full size.

Why I Don’t Develop for Windows Phone

Since I was once a Microsoft developer evangelist specializing in Windows Phone and a designated Windows Phone Champ, I’m occasionally asked why I don’t do Windows Phone development anymore.

One of the reasons is quite simple: I can’t. I’d need new hardware. Even more so than SharePoint developer Sahil Malik. At worst, he has to wait ten minutes for each build. I can’t even do that.

Here’s my best Windows machine at the moment: a late 2008-era Dell Latitude E6500 with 8 gigs of RAM, with a Core 2 Duo P8700 running at 2.5 GHz. It’s hardly top-of-the-line, but when it was used as a developer demo machine at Microsoft, it had no problem building Windows desktop apps, web applications with ASP.NET MVC or Windows Phone 7 apps. Later, after it was given to me as a fabulous parting gift, it proved to be a fine machine for building PHP, Rails and CoffeeScript apps under both Windows and Ubuntu. Even though it’s not my main development machine, it still performs yeoman service at my home office.

dell latitude e6500

My other Windows machine is my living room entertainment/casual hacking box, a 2009-era HP IQ526 TouchSmart touchscreen all-in-one with 4 gigs of RAM, powered by a Core 2 Duo T6600 processor. I used a similar machine at Microsoft to demo Windows Phone 7 app and Android app development.

hp iq625

Both of these machines are powered by processors that don’t support SLAT — Second Level Address Translation. The current version of Windows’ Hyper-V virtual machine, on which the Windows Phone 8 emulator runs, requires SLAT. i3, i5 and i7 processors have SLAT, but not the older Core 2s. My Windows machines may not be new, but they do a fine job running 64-bit Windows 8, the current edition of Microsoft Office, Adobe CS6 applications and more. Oddly enough, I can develop Windows 8 desktop and tablet apps with them; I can even develop Android and BlackBerry apps. I just can’t use them to develop Windows Phone apps. And I’m not the only one in this boat.

Beside my HP Touchsmart is this 20″ iMac that’s even older — it’s from mid-2007 and sports a Core 2 Duo T7300 processor. I’ve maxed out its RAM beyond the advertised 4 gigs; it turns out that you can take it up to 6:

2007 imac

This machine came out almost six years ago. That’s around the same time as the original iPhone and three years before the iPad. In spite of its “age”, it runs the current version of MacOS (10.8, a.k.a. “Mountain Lion”) as well as Xcode and JetBrains’ AppCodesimultaneously (that’s AppCode 2 you’re seeing on the screen right now). Along with being a fine Rails, Django, and all-those-crazy-JS-frameworks dev machine, it does a fine job of building iOS apps for present-day devices, whether via Xcode, Xcode + AppCode, Appcelerator Titanium, RubyMotion or what-have-you. It’s also a nice Android development machine.

And Then There’s the Market

stop trying to make windows phone happen

If my hardware problem wasn’t a big enough barrier, there’s also Windows Phone’s standing in the market. Here’s a chart that was published yesterday in a Splat F article, Microsoft’s Mobile Comeback Isn’t Happening:

microsoft mobile comeback not happening

Click the graph to see it at full size.

In spite of the fact that Windows Phone is outselling the iPhone in Elbonia, there just isn’t enough demand, either in terms of quantity or quality. Windows RT’s prospects are even worse.

I’ve decided that the best mobile development self-education approach for me is: teach myself iOS development first, Android development eventually, perhaps Appcelerator, and barring any dramatic changes in circumstance, don’t bother with anything else. I’d love to learn how to develop for all the mobile platforms, but I just haven’t got the time.

Update: I added the graph from Splat F, which David Janes pointed me to. Thanks, David!


Finally, a Car for Pair Programmers!

pair programming car

Click to see the photo at full size.

Whether you’re an agile developer or a backseat driver, this vehicle’s got your name on it.


Programmers Being Dicks, and Other Related Tales [Updated]

annoyed picard

Sometimes, when I read stuff on the web, it makes me want to do this.

I’ve seen technology make some great leaps over the past three decades. As for some technologists, they’ve remained stuck in the stone age.

“She’s Only Here Because of Her Tits”

who are you to say she's not

Here’s the start of game developer Andy Moore’s most recent blog post:

Last night was the end of an amazing GDC trip. A handful of remaining friends and I made a journey out to JapanTown and we had an amazing meal. It was a great way to end the trip.

One of my friends, and a fellow game developer, was there for dinner.  Her trip to GDC was planned last-minute, thanks to someone obtaining her a (very expensive!) all-access pass.

When recounting this chain of events, a male game developer at the table said that she only got the GDC pass “because of her tits.”

The table largely responded with aghast looks and silence. It was brought up that perhaps her ticket was thanks to being an award-winning game developer.

The same male responded with the ever-classy “sure, award winning tits.”

Ah, the “fake geek girl” accusation, just in slightly different form. As this Atlantic article puts it, it’s not really about female duplicity, but male insecurity.

For even more jack-assery, read the post and check out the comments. Zoe, the female game developer who got the pass and was the target of the dickish remark, tells the story from her perspective, and another game developer named Phil — who at least in the beginning seems to have good intentions — effectively tells her to “man up”.

And we wonder why the industry is such a god-damned sausage party.

Programmers Being Dicks

programmers being dicks

Andy Moore’s story would fit very well in the tumblr of similar stories called Programmers Being Dicks. It’s been around for just over a year, and you get three guesses as to what it’s all about.

Navigating the Sausage Party

girl among boys

Shoreditch Works has a great collection of advice on how to navigate the male-skewed tech industry and tech conferences, and even some good advice for guys from Aanand Prasad, which I’ll repeat below:

No-one is without privilege, but as a man, you’ve been dealt a truckload. It’s difficult to acknowledge it without feeling ashamed or defensive, which is probably where that ridiculous idea of the “man-hating feminist” comes from. Just remember:

1. Your privilege isn’t something to be ashamed of– it’s something to be aware of. Being a man doesn’t make you a bad person – not giving a shit about it makes you a bad person.

2. Your privilege isn’t going to go away just because you’re aware of it: It’s always going to be there, clouding your perceptions and simplifying the world for you. Remain vigilant!

3. There are some things you should simply never do: Never tell a member of an oppressed group they’re not oppressed – you’ll do more harm than good, without fail.

4. Be careful not to hijack discussions: Men are taught to speak with authority even when they have none, even when others are more qualified to speak. Conversely, oppressed groups are taught to doubt their authority. Shut up and listen.

5. If you have any doubt in your mind as to whether to make a joke: don’t. You have nothing to gain. If you genuinely believe you can’t be funny without alienating people, you’re a desperately unimaginative person.

The Distress of the Privileged / “But I Was Okay With It!”


The topic of privilege — especially male privilege — often brings up indignation or eye-rolling from guys who’d otherwise seem to be upstanding people. The problem is that privilege is one of those things that you don’t notice when you’ve got it, even though it seems like it would be obvious if you did (“How can I be privileged? The mayor’s never given me the key to the city!”). Blogger Doug Muder does a great job of summarizing this feeling in The Distress of the Privileged. He uses a scene from the movie Pleasantville to make his point, hence the WIlliam H. Macy screencaps above.


Another worthwhile read is the last item in Cracked’s article, 5 Ways You’re Accidentally Making Everyone Hate You. All five ways, it turns out, end up being variations on the theme of power dynamics between people. The relevant item’s titled “But I Was Okay With It!”, and here are the key excerpts:

This will happen to you. You will be on one side of a conflict that does not feel like a conflict to you, because that is the conflict. Trust me, there’s a great chance you’ll be oblivious to it until it’s too late. Entire governments have fallen this way.

In many cases, they mean it honestly – “I’m not angry at anyone, I just want to leave things the way they are.Which incidentally involves me having all of the power.

Snow Crash and Sexism in Tech

snow crash cover

And finally, here’s the full text of an entry I made earlier in my personal blog, The Adventures of Accordion Guy in the 21st Century

It’s been over twenty years since Neal Stephenson’s “cyberpunk” novel Snow Crash was first published. A young Cory Doctorow, then working at the sci-fi bookstore Bakka Books, saw me in my engineering jacket from Crazy Go Nuts University and convinced me to buy it.

As is the tradition with the best science fiction, Snow Crash is is densely packed with all sorts of interesting ideas about present-day society, somewhat disguised in the wrappings of what was then the near future. Stephenson has a gift for illustrating them, and a number stand out in my mind even years later, such as how children’s pajamas of that near future could either be fireproof or non-carcinogenic (but not both!), or how every guy under 25 secretly believes that under the right circumstances, he could’ve been the biggest badass in the world.

I first read the book in late 1992, soon after it was published. It had been only a couple of years since the killing of fourteen women at Montreal’s École Polytechnique, a couple of months since Anita Hill’s testimony at Clarence Thomas’ confirmation hearings, and Naomi Wolf’s The Beauty Myth and Susan Faludi’s Backlash: The Undeclared War Against American Women were often-discussed topics on my university’s campus. All this, along with my own sense of social justice, is likely why of all the interesting ideas that Stephenson put into Snow Crash, the one that stands out most for me was how men in tech viewed women in tech. 

Here’s the excerpt, with some added formatting. Given what’s going on in the world of tech today (including the surprised reactions at the discovery that the person who runs the wildly popular I Fucking Love Science Facebook page is a woman), it’s still spot-on:

Her name is Juanita Marquez.

Hiro has known her ever since they were freshmen together at Berkeley, and they were in the same lab section in a freshman physics class. The first time he saw her, he formed an impression that did not change for many years: She was a dour, bookish, geeky type who dressed like she was interviewing for a job as an accountant at a funeral parlor. At the same time, she had a flamethrower tongue that she would turn on people at the oddest times, usually in some grandiose, earth-scorching retaliation for a slight or breach of etiquette that none of the other freshmen had even perceived.

It wasn’t until a number of years later, when they both wound up working at Black Sun Systems, Inc., that he put the other half of the equation together. At the time, both of them were working on avatars. He was working on bodies, she was working on faces.

She was the face department, because nobody thought that faces were all that important — they were just flesh-toned busts on top of the avatars. She was just in the process of proving them all desperately wrong. But at this phase, the all-male society of bit-heads that made up the power structure of Black Sun Systems said that the face problem was trivial and superficial.

It was, of course, nothing more than sexism,the especially virulent type espoused bymale techies who sincerely believe that they are too smart to be sexists.

Update: A Reader Responds, and Daddy Takes Him to School in the Car of Pain

zapp brannigan

Zapp Brannigan, the personification of Mosolotshane’s attitude.

In the comments, a socially developmentally-delayed reader named “Mosolotshane” replied:

Apparently, women are sensitive, delicate creatures who must be shielded from coarse language lest they abandon their dreams of becoming a software developer and seek the shelter of being a stay-at-home-mom.

Before I could reply, one of the other grown-ups, Reg Braithwaite, responded with a great essay, I am Obviously Pissed, on his site. You should read the whole thing, but here’s the meat of his response:

In the 1950s, men did whatever they wanted and women had to put up with it. They also lived according to a strict set of rules about propriety that involved wearing a suit to work, cutting their hair, and so on. And no, they couldn’t say whatever they liked. here were very strict rules about what kind of language was appropriate and what wasn’t, where you could use a word like “whore” and where you couldn’t.

Despite claims to the contrary, if you wore a tie to work you were not expected to make jokes about penises on the job. That was a blue-collar thing to do. Sexy pinups were acceptable at work, if you also wore a hard hat and/or got grease on any part of your clothing.

Now it’s 2013, and you and your kind are trying to have it both ways, you greedy fucks. You want to insult and belittle people just like they did in the 1950s, but you also want to be free to wear whatever you want and say whatever you want in the workplace and/or at conferences where people are working.

There is no free lunch, and I am here to be the adult in your stinking playpen and tell you that. Now, either you invent a time machine and go back to that halcyon time where everyone feared atomic death from the skies, or you embrace the fact that times have changed.

Well put, Reg. I salute you with a filet mignon on a flaming sword!

Thanks to my friend Peach Flambee for the Zapp Brannigan reference!