Is BYOD here to stay?
IT professionals up and down the country are pulling their hair out and Apple is to blame.
Well, maybe that’s a bit strong but as the company often cited as the catalyst for the consumerisation of IT, the roots of the BYOD phenomenon were planted by devices such as the iPhone and the iPad. BYOD has been a massive buzz word in the corporate world for some time now, reaching way beyond the realms of technology departments.
In case you have had your head firmly stuck in the silicon over the past two years, BYOD stands for Bring Your Own Device and it refers to the trend of employees wanting to use their own consumer devices for work and potentially accessing emails and other work related data on these devices outside of work.
Deloitte conducted a survey recently and found that there has been a massive spike in internet searches relating to BYOD in 2012 reaching four million.
“There has been a huge surge in interest and a lot of excitement around it for various different reasons but it is disrupting the existing order – new devices are coming in and changing the way we work,” says Paul Lee, global director, technology, media and telecommunications research, Deloitte.
But while there is much excitement around the trend it is also a great cause for concern among many because with BYOD comes security issues. The loss of an employee’s personal phone with their information on it is one thing, the loss of an employee’s phone with sensitive company data on it is quite another.
A research into the opinions of IT specialists carried out by Lieberman Software in 2012 found that 67% of respondents thought that BYOD increased IT and security costs and 43% worried that BYOD could lead to a virus infecting the organisation.
“Whilst this is a cheap way for a business to enable flexible mobile interaction with their employees there are obvious security risks and there is much debate about how these risks are managed,” says Simon Ebdon, director Hays the leading recruitment expert.
“Just as when cloud storage providers such as Dropbox and Google docs etc. became commonly used and IT departments had to quickly react, IT Managers and Directors are again reacting to, rather than setting, the IT agenda within a business. Having to deal with a rise in BYOD is a potential unforeseen drain on employees’ time and departmental resources.”
The Deloitte research paper identified three different courses taken by companies in dealing with the BYOD revolution. Clamping down on it completely was seen as an action taken by certain types of organisations such a governmental departments but certainly not as an option for all.
Many see this option could simply push the trend underground completely eradicating the ability to control. One report found that opinion held among the younger generations is mobile device BYOD is a right not a privilege with one in three admitting they would break BYOD rules if they were enforced.
But while BYOD can be a cause for concern – many companies are embracing the trend which also comes with a great number of positive benefits for companies.
“At Cisco we have encouraged and applied a BYOD policy since 2009. Giving employees the freedom to use their personal devices (tablets, smartphones etc) alongside their work devices harnesses the power of accessing information whenever and wherever they want,” says Ian Foddering, CTO & technical director, Cisco UK.
“Since introducing a BYOD policy, there has been a significant uptake in people using their own device at Cisco – 20% have an additional piece of self-funded IT beyond their company-issued devices. This is leading to greater productivity, greater satisfaction, reducing overall cost of IT.”
Providing a managed BYOD programme appears to be the best solution for the vast majority of companies – offering a compromise between user experience and security. There are a number of ways in which the security risk can be managed effectively.
Some companies put restrictions on which apps can be used and which websites accessed. A common agreement between employees and employers is the ability for the IT department to manage the device remotely with the potential to remote wipe the data from the device should it be lost. Security against cyber attack is also essential.
“The key to effective security is to combine protection with the ability to detect unusual activity which may indicate successful attacks, says Vincent Geake, director, Secure Mobility at BAE Systems Detica.
“These can be delivered through a combination of measures to manage the device and protection within the network to protect the data. It is becoming ever easier to integrate device and network security, and so firms should consider supplementing their device-centric security with a data-centric approach – e.g. monitoring data flows between the device and the network for any suspicious activity.”
Uptake of BYOD has been gaining momentum across the board but a study by Dell, “Evolving Workforces” found that the smaller companies were adapting quicker than the larger ones with 40% of UK small business workers being able to choose which device they work on compared with 20% of large enterprise workers.
Managing the security risks across smaller companies is clearly an easier task. Many however, expect this to balance out as IT departments get to grips with the new way of working which might well lead to greater demands in certain areas of IT.
“BYOD is inevitable and will continue to become more common,” says Simon Ebdon, director at Hays the leading recruiting expert.
“Whilst some businesses are ahead of the curve in terms of offering financial benefits to employees who BYOD in return for registering that device, most work places are exposed to some extent. Whilst we are a starting to see an increase in security related roles, we aren’t seeing the volume that suggests security is yet among the top priorities of IT Departments therefore this becoming the next growth area in IT skills.”
Whatever happens, what everyone is agreed on is that BYOD is here to stay so this is a time for action.