My friend Rich Mogull (ex-Gartner) recently posted an article in Dark Reading  called “iPhone Smackdown: Security v. Consumerization” that nicely summarizes the security problems that will arrive when employees being powerful consumer devices (like the iPhone) to work. His basic point is, “get over it; this stuff is coming whether you like it or not.” He then recommends three strategies IT departments should take to deal with it.Rich’s point is sound. It echoes what we at Yankee have been saying for over a year: consumer technologies are transforming IT. This is as inevitable as gravity, and the underlying reason is simple: the consumer technology experience is better than what corporate IT can offer. And the gap will keep getting wider. Consider that corporate capital depreciation cycles are three years. Consumer electronics product cycles have now compressed to about 6 months, one year max. That means, by definition, that the average employee is going to “feel left behind” two-thirds of the time. The same perceptual gap is present in software, too. Why buy (and capitalize) an expensive SPSS license when Swivel works does 90% of what you want? Or implement Remedy when GetSatisfaction.com is good enough? And of course, why tote around a clunky corporate Treo when you can smuggle in an iPhone that is half the thickness, lighter, nicer looking and a whole lot more fun?The key to dealing with rampant consumerization is to move to what we call Zen IT: an architectural approach that puts the right amount of scaffolding in place to allow employees to support themselves, regardless of what kind of shiny object they bring to work. With respect to security, Zen IT demands that enterprises master five key competencies:

1. Manage assets regardless of ownership
2. Make user identities portable
3. Control access to network resources
4. Control content as it moves
5. Secure customer-facing webware

Yankee Group described these strategies in detail in the April 2007 (!) presentation, Securing the Anywhere Enterprise (available to Link Research subscribers). I’d also point readers to colleague Josh Holbrook’s excellent report, Zen and the Art of Rogue Employee Management, to which Sheryl Kingstone, Zeus Kerravalla and I contributed.