BYOD on corporate terms

The bring-your-own-device trend isn't going anywhere and organisations better figure out quickly how they are going to support it without sacrificing their peace of mind.

The topic of bring-/buy-your-own-device (BYOD) is increasingly being discussed within business circles and a recent poll conducted by Avenade shows that more than 80 per cent of the 605 C-level executives surveyed  are using personal technology for business purposes. Meanwhile, a survey by Absolute Software, a company specialising in the tracking, management, and recovery of stolen computers, maintains that 64 per cent of IT managers think it is too risky to integrate personal devices into the business network. The contention highlighted by these figures makes for an interesting conversation about who makes and who enforces the organisation’s IT rules and policies, but the real question is how are they going to support (or fight) this growing trend.

Budget constraints are creating an IT ‘investment gap’

From an IT perspective, most employees are content to use whatever PC or laptop they were given by the IT department to do their jobs. However, an increasing percentage of tech-savvy users are calling into question the suitability of the traditional PC or laptop for their roles. Despite Microsoft’s decade-long tinkering with slates, tablet computers, and stylus devices, the evolution of the corporate Windows laptop appears to have stalled in recent years, and the arrival of the iPad has exposed a new modality that we all knew existed but that no mainstream technology company had been able to successfully exploit – until now. Flat or decreasing IT budgets have undoubtedly resulted in a technology investment gap, and it is this gap that a growing band of end users are willing to fill using their own devices – if only the IT department would allow it.

The drive to BYOD

A substantial percentage of corporate computers are still running Windows XP, and although Microsoft and its partners in the IT security industry have worked hard to address the innate vulnerabilities of this operating system, the IT department has been left with little choice but to lock down desktops to prevent malware infestations. With access to USB ports blocked and the ability to install useful apps revoked, end users are starting to use their personal devices to get things done.

Consumer-centric file synchronization tools, document collaboration services, and social networking sites are increasingly being used for business purposes. This suggests that the traditional enterprise collaboration market is not serving the needs of business users particularly well. However, concerns over data leakage and employee time wasting have led to many organisations blocking access to these websites. Frustrated by this, employees are once again turning to their smartphone or tablet devices to be collaborative and productive anytime, anywhere.

All employees are consumers

The marketing of consumer-centric, high-tech equipment, software, and services has grown steadily in the last five years, and the “millennial” generation is now as tech conscious as it is fashion conscious. The eagerness of young professionals to stay connected, participate, and make an impression has helped fuel the sale of smartphones and now tablets.

The middle managers above them, mindful of being seen to be “moving with the times,” have also embraced these more easy-to-use devices. With consumer demand primed and a glimpse of business potential in view, business leaders now have to consider whether they are to ride or break the BYOD wave, the size of which could be of tsunami proportions. We at Ovum don’t believe there is currently any hard evidence to support the argument of a true cost benefit, but there may well be an untapped business benefit or opportunity.

Managing the “dual personality” of devices

Accessing work email via a personal device is how most organisations and their employees experience BYOD today, but the fact that most IT managers feel it is too risky to integrate personal devices into the corporate network should be of concern to CEOs and employees. The ability to perform a “remote device wipe” operation on a mobile device means organisations have some control over intellectual property and business-confidential information contained in email messages.However, what if a sensitive file attachment, such as a spreadsheet or company report, is detached from the email and stored on a device that is being backed up to the cloud?

Most employees using a smartphone to access work email will have agreed to an IT department-initiated “device wipe” in the event of the device being lost or stolen. However, what if that employer becomes an ex-employer and decides to send a remote wipe command to your personal device and it is not being backed up in any way? You now have a factory default-condition device, and those photos you took are lost. Managing the “dual personality” of devices operating under a BYOD policy presents some real challenges, and although it is still early days, we are seeing a growing range of solutions targeting this area.

The BYOD trend is not a fad

Any business thinking about rolling out a BYOD scheme should develop a policy that takes the following into account: specific data security requirements, employee demand, which devices enhance productivity and value, and which devices best suit the tasks at hand. Any policy needs to have buy-in from employees; if their personal devices are liable to be accessed remotely, wiped, or requisitioned by the company, they need to understand the terms and have given consent. The BYOD trend is not a fad; it is set to continue, at least in the medium term. Employees will want to bring in new devices regularly, so CIOs need to stay up to date on consumer product launches and closely monitor what is being brought onto the corporate network.

Richard Edwards is a principal analyst at Ovum.