BYOD: Can everyone bring toys to the office?

Back to Hints & Tips
Banner image

“BYOD” denotes “Bring Your Own Device”; whereby employees bring their own home-purchased technology into work. It’s a phenomenon that’s here to stay. Jessica Keyes, Ph.D. is president of high-tech management consultancy, New Art Technologies, Inc., and an Honorary Lecturer at the University of Liverpool. She says, “Technical wizardry is no longer purely the domain of the IT department. Geeks are now everywhere. Many of them have grown grow up with computers from birth. These workers want to make their own technology choices, whether they are on the ‘approved’ list or not, and whether the company pays for it or not.”

This is, surely, a win for your business. Employees pay for their own equipment, and pay to maintain it, too. It’s also usually up to current specifications: better than you might be able to afford; and likely full of current software and apps, too. Plus, your team are happier, because they get to use kit with which they’re already comfortable. There’s no need for training or familiarisation; indeed most users of consumer IT won’t even have bothered to read the manual. It’s a world of turnkey computing.

Keyes adds that the comfort factor can directly lead to productivity gains: “It has even been suggested that employees will work longer hours because they will be able to interact with their systems, using their tools of choice, at any time of day or night.”

So, what’s not to love? Well, imagine if you ran a taxi firm, and any driver could turn up with any old jalopy and start ferrying passengers about. This is a good analogy for the sort of challenges associated with unregulated BYOD. Here are just some of the considerations, as outlined by Cesare Garlati, Co-Chair of the Cloud Security Alliance Mobile Working Group:

  • Getting everything to work together. When a business could dictate its technology, it was always consistent. Homogenous technology is cheaper to buy, maintain and connect. But with everyone connecting different smartphones, laptops, tablets and even home computers to the company network, it makes managing them – and the many different applications they may be running - very complicated.
  • Controlling security. Whether you have an IT department (as large companies do), an IT contractor (as midsize companies do) or you try to juggle technology for yourself (as small businesses do), BYOD represents a security nightmare. You can’t completely prevent your employees from accidentally uploading nasties like viruses or spy-software onto their machines; or visiting dodgy websites. Garlati adds, “Plus, the technology and applications are both consumer-grade, not enterprise grade; and will need third party security products which previously would have been provided by the IT team”. As these devices are mobile, that security regime needs to be delivered over the air, too. A range of new services like Microsoft’s Windows Intune deliver systems management from the Cloud, and are evolving to include mobile device security regimes. It’s not a moment too soon: as Keyes notes, “McAfee, the security company, says that over 4% of smartphones are lost or stolen each year. Each unsecured stolen or lost phone opens the organization up to the chance of a breach of corporate systems and/or data.”
  • Providing support. If you do have a support contractor or in-house function, the cost of trying to solve problems on users’ home machines (which might even be their problem, not yours…) can easily outweigh all the cost savings derived from having them use their own equipment.
  • These, however, pale into insignificance next to the operational and legal challenges which could be presented by the lack of an Acceptable Use Policy (AUP) which accounts at least in some way for BYOD. If you don’t have one, BYOD should be your cue for action. That said, you’re in good company: Garlati says that, having conducted over two years of extensive research in large organisations, less than 10% of businesses had BYOD-specific language in their Acceptable Use policy, leaving at least 80% exposed to employee litigation. See ‘Design your BYOD Acceptable Use Policy’ for more details.

So, should we panic and close the doors to outside kit? Keyes says no: “Despite all the brouhaha over BYOD, the world has not radically changed.” The key to successful BYOD is a comprehensive policy, plus some good technology. Says Garlati, “Management of the device needs to be non-touch, somehow, because either you don’t have an IT team, or if you do, they won’t be able to cope anyway. So the Mobile Device Management layer is crucial.” Luckily, says Keyes, “traditional asset management has been improved just for this purpose. MDM functionality typically includes over-the-air distribution of applications, data and configuration settings for all types of mobile devices, company-owned or BYOD.”

Working never looked so good. Surface lets you connect, collaborate, and create in style.