Bring-Your-Own-Device (BYOD) has become somewhat of a buzzword. With the push generally coming from the top, namely Senior Management and C-executives, there is a lot of pressure on IT to accommodate for the use of smartphones and tablets for work purposes. However, integrating new devices within the business environment is not all easy and straightforward, from an IT point of view.
Before allowing BYOD there needs to be a lot of planning, especially to insure the appropriate level of security. What end users sometimes fail to understand is that with the introduction of personal smartphones and tablets, the security of information which pass through these devices is at risk. These devices can be more easily hacked compared with a company-approved laptop, and they can be stolen or lost. Although there are some measures to wipe data off a device remotely after it has been lost or stolen, there is still the risk that information has already been seen, copied and used for fraudulent activities. Breaching the Data Protection Act will result in hefty fines that can put pressure on the company’s financial position, and it may also damage the most important thing – its reputation.
A BYOD policy will also create new issues for the IT Service Desk. IT engineers who are not familiar with these devices and the operating system they are working on will have to get some training, or more often than not, self-train in order to be able to support them. It takes time to learn new things and create knowledge-based documents for everyone to learn from, and the initial unfamiliarity with the systems might slow down incident resolution rates. Analysts might also get a number of calls regarding things that are out of their remit, such as ‘How do you turn this thing on?’ or ‘I need to download this app…’. All these things will affect the level of service and therefore any metrics, Key Performance Indicators or Service Level Agreements will have to take this into account.
On the bright side, this is also a good opportunity for IT staff to learn and practise new skills, get to know new systems and make their work more varied. It will ultimately increase their expertise and value.
Generally speaking, it is a good idea to introduce BYOD slowly by starting from one feature in particular. For instance, at the company where I am working in a managed service environment, it was only applicable to email on iPhones and iPads. Documents can be read and sent but not saved or modified on the device. Now that this project has been rolled out, gone live and is running smoothly, we are planning to allow document editing on the devices, once we have come to terms with the security concerns.
Companies shouldn’t avoid BYOD policies just because of the technical complexity or security issues involved. The advantages they can enjoy may outweigh those: BYOD creates savings, as less company-approved phones and laptops have to be purchased for employees; increases productivity as professionals are able to easily work on-the-move and while they are away from their office, for instance visiting a client’s site; and gives employees the chance to take on emergency work and answer urgent emails at any time of day and night and from anywhere.
Why is it that certain sectors are so attracted to the prospect of being able to use their own devices for work? In the financial sector in particular, it is not difficult to guess – so many professionals work nearly 24/7, hardly ever switching off. Their personal and professional lives are intertwined and it is a nuisance for them to have to carry around: a personal mobile phone for personal and work-related calls; a work mobile phone to check emails on-the-go; a company-approved laptop to work from a different office or the train; their personal tablet to show clients presentations. If they can have all-in-one on their personal phone or light-weight and easy-to-carry tablet, it makes life much easier for them.
In the future, BYOD is likely to increase, and we might see some environments entirely populated by employee-owned devices, though this is more likely to happen in start-ups and small organisations rather than medium and large-sized companies. There is also an argument that BYOD is driving Cloud services, as the latter represent a more secure way to manage data without taking the risk of saving it onto devices that can be stolen, lost and hacked.
All in all, BYOD can bring many benefits, but needs careful planning and security measures to be adopted correctly. A policy where employees can use their own devices for work purposes should serve as a way to improve productivity. It shouldn’t be an excuse for people to shun secure and approved devices and use expensive and sexy new gadgets just for the sake of being on trend, putting security and efficiency at risk.
Nick Fenton, Team Leader
This article has appeared in the July/August edition of FSTech – Financial Sector Technology: http://www.fstech.co.uk/Digital_fstech/pdfs/digital_fstech_july_aug2012.pdf