95% of US leaders said yes to BOYD
BYOD, or bring your own device, is a policy in which companies allow employees to use their personal mobile devices (laptop, smartphone, tablet, etc.) in a work environment to access company resources such as email, file servers, databases, networks, etc. Though the method has seen a trend of rising popularity (check 2012’s IBSG Horizons Study of 600 US IT and business leaders in which 95% of those polled said their organizations support BYOD in some capacity) it offers a number of potential advantages and disadvantages to prospective users.
While BYOD does allow for (potential) increases in cost efficiency, productivity, and mobility, it is not without flaws. For example, BYOD can potentially lead to increased costs (due to a variety of devices), lower productivity, and greater security risk. While adopting this method is ultimately up to the user, it is important to consider all the possibilities the method allots for. To help better weigh the options, we’ve compiled a simple pros and cons list.
Cost Efficiency: Though the BYOD model may require an initial upfront investment (to create infrastructure), it is much more cost efficient in the long run. By adopting a BYOD policy, businesses shift the cost of hardware, voice and data services, and other services towards the user. In doing this, the business is able to cut expenditures on a monthly basis. While businesses no longer have to pay the charges associated with service and hardware (procurement, maintaining, and upgrading), it becomes the employee’s responsibility. Though this may seem harrowing, many employees are happy to foot the bill as they can use the technology they are most comfortable with. The Good Technology State of BYOD Report states, “50 percent of companies with BYOD models are requiring employees to cover all costs—and they are happy to do so.” In addition to cut service and hardware costs, the BYOD method diminishes IT support costs as well. Aside from the BYOD model, there is the Stipend model in which companies provide an allotted amount of money for users to select and purchase their own device (which can be used for personal and professional activities).
Worker Satisfaction: As mentioned above in the Good Technology State of BYOD Report, many workers are happy to pay for their own services and hardware as they are able to use the hardware they prefer. BYOD optimizes this preference and eliminates the stress of having to learn a completely new and different operating system/device. In doing so, the method allots for greater satisfaction amongst workers. According to the “Evolving Workforce Research” study, 60% of employees believe work would be more enjoyable if they were able to provide input into the technology used in the workplace, and 60% also felt they would be more productive with better technology and devices. BYOD adoption can enable greater satisfaction as it provides a more flexible work environment, which gives employees the freedom to work both in and out of the office from their devices. Often times, employees will feel a greater sense of trust within companies that allow for BYOD. This in turn leads to a healthier work environment, as well as a boost in loyalty and morale.
Improved Efficiency and Productivity: As worker satisfaction increases so does overall efficiency and productivity. In adopting BYOD, employees are able to use whatever devices they are most comfortable and familiar with. As users know how to navigate devices, they can quickly perform tasks that may have taken longer on a standardized device. For example, the 2012 Asia-Pacific “New Way of Work Study” commissioned by VMware and conducted by Acorn Marketing & Research Consultants, found that across 10 countries “64% of employees in multinational corporations (MNCs) across the region said their efficiency had improved thanks to the use of personal devices to complete work tasks.” Additionally, 63% of the workers polled also said that they had actively sought out further web applications to boost their own productivity. Aside from comfortablity, workers are also able to better optimize time (with BYOD). “Productivity increases when people know they have the freedom to fit things in when they need to,” states Denise Deveau of the Financial Post.
Additionally, BYOD adoption can make a company more appealing to prospective professionals. According to Cisco IBSG, the average number of connected devices per knowledge worker is projected to hit 3.3 by 2014. With this number it’s easy to see how quickly the method is spreading. As it continues to spread, it allows businesses (that adopt it) to appear as forward thinking, which in turn attracts more attention and enables more progressive growth.
Greater Mobility: As employees use their own devices, they can move with them more easily (as they are their own property). BYOD, along with Remote Desktop Connection allows for office connection anywhere and anytime. An employee can access the company’s network from their own device through the Remote Desktop Connection. This in turn allows employees to access company information and applications at any point and place. Though there are security risks in allowing this, there are also a number of precautions that can be taken.
Security: IT professionals have a complicated relationship with BYOD adoption. The IT staff benefits from BYOD in that there is a simplified infrastructure, lower end-user device management, and less troubleshooting and support needed; however, BYOD also challenges IT professionals in security. As mobility is increased through the usage of Smartphones and laptops, data moves in and out of the company much more easily. As a result, security areas such as access control, policy enforcement, and the security of confidential data on users’ devices are open to much greater risks. Additionally, other risks exist as well, including: lost devices, personal usage, multiple device types and operating systems, modified devices, portal usage, social media access, applications, and lack of control over data.
While security breaches can be extremely harmful, the fear of security breach can hinder the productivity the model allows for. According to the 2012 Blue Coat Mobility Study, out of 350 respondents, 83% allow employees access to company email and 56% allow instant messaging on personal devices; however, only fractions open other services to mobile devices that are not corporately owned. “Organizations are clearly uncertain about mobile malware and employee acceptance of the IT organization placing security controls on employees’ personally owned devices, but that also means those organizations are not fully realizing the business productivity potential of mobility.“ states Timothy Chiu, director of product marketing at Blue Coat.
Though some devices offer extensive security solutions, others may not. This leads to greater network vulnerability as security is not evenly distributed amongst devices connected to the network. In order to combat this, there are some companies and applications that offer solutions such as mobile app controls to better ensure tight security measures. One company that does such is Blue Coat. Blue Coat offers WebFilters, which analyze web pages or URLS and assign them to one (or more) than 94 pre-defined categories. Also application policies allow companies to control the way users interact with web and mobile applications. Additionally, Blue Coat allows companies to take information from the WebFilter databases (for example App name, app operations, and app category) to identify apps and operations and create policy for end-users, groups, or the entire organization.
IT Control: As stated above, BYOD adoption does not require as strong of an IT presence; however, this lack of presence can lead to a loss or lack of control over the IT hardware and how it is being used. Company supplied devices typically come with acceptable usage policies and company security, which are maintained and updated by the IT staff; however BYOD does not offer this level of involvement. Instead, companies must come to implement their own user policies. “Practices will need to be put into place and there will be a need for transparency in respect to IT Decisions. Or the consumerisation of IT could back-fire,” states Fergus Murphy, marketing director, client solution, Dell Europe. In doing this, however, companies may have a harder time dictating and enforcing acceptable usage policy for devices that belong to the employee. Also, even If policies are implemented, the owner is likely to find their way around it as they are more comfortable with the system.
Compliance and Ownership of Data: Businesses that fall under regulatory scrutiny of agencies such as PCI DSS, HIPAA, or GLBA must retain certain requirements in regards to information and data security. Companies need to enforce these rules even when adopting BYOD method. If an employee is terminated, or leaves on his or her own accord, retrieving the data on their device may be tricky. The company will want its data at the end of employment; therefore, rules and regulations that dictate data ownership must be put into place. Some compliance strategies that can be implemented to better combat potentially harmful situations are: acceptable uses policies, security policies (passwords/encryption), social media policies, wireless access policies, remote access policies, remote working policies, employee code of conduct, Incident response policies, and privacy policies. Additionally, in companies searching through employee owned devices, there are legalities they must adhere to. For example, in order for companies to search a device there must be work-related purpose.
Melding Professional and Private Life: While BYOD increases mobility and allows employees to do work in the office or from home, this blending of interests may not be the healthiest option. While work and mobile phone/laptop addiction is something that is commonly seen, it can work in reverse as well. BYOD can sometimes lead to or worsen a lack of focus amongst employees. This goes back to the previous concern dealing with IT control. This again goes back to security, as devices that are used professionally and privately are susceptible to more risks; therefore, businesses need to implement acceptable usage policies for employees to avoid any potential employee conflict of interests.
BOYD to be monitored properly
BYOD can be very advantageous if it is utilized and monitored properly. Though there are a number of potential concerns, most have precautionary recourse attached to them. In order to ensure that maximum potential is being optimized, it is crucial that the company implementing this model is aware of all that is required (regulatory and security measures).
While above information does a number of potential advantages and disadvantages of BYOD, it is not holistically inclusive. BYOD adoption tends to be individualistic; therefore, companies should thoroughly research all the necessary information before selecting this model.