The concept of “bring your own device” – BYOD – is a growing trend for business IT. There are a variety of benefits to allowing users to supply their own PC and mobile devices, but there are also some concerns. Make sure you understand both in order to embrace BYOD with confidence.
It used to be that IT departments drove technology, but that has changed dramatically in recent years. The consumerization of IT revolution -- sparked by the iPhone -- has shifted the IT culture so that the users are the ones getting the latest, cutting edge technologies first, and they want to bring those devices to work.
Businesses that embrace BYOD have some advantages over competitors. For starters, BYOD programs generally shift costs to the user. With the worker paying for most, or all of the costs for the hardware, voice and/or data services, and other associated expenses, companies save a lot of money -- as much as $80 per month per user. You might expect users to revolt against paying for the devices and technology they use at work. Not so. The Good Technology State of BYOD Report states, “50 percent of companies with BYOD models are requiring employees to cover all costs -- and they are happy to do so.”
That brings us to the second significant benefit: worker satisfaction. Users have the laptops and smartphones they have for a reason – those are the devices they prefer, and they like them so much they invested their hard-earned money in them. Of course they’d rather use the devices they love rather than being stuck with laptops and mobile devices that are selected and issued by the IT department.
There are two corollary advantages that come with BYOD as well. BYOD devices tend to be more cutting edge, so the organization gets the benefit of the latest features and capabilities. Users also upgrade to the latest hardware more frequently than the painfully slow refresh cycles at most organizations.
BYOD isn’t all wine and roses, though. There are some issues to consider as well. By embracing BYOD, organizations lose much of the control over the IT hardware and how it is used.
Company-issued IT typically comes with an acceptable use policy, and it is protected by company-issued security that is managed and updated by the IT department. It is a little bit trickier telling an employee what is, or is not, an “acceptable use” of their own laptop or smartphone.
Make sure you have a clearly defined policy for BYOD that outlines the rules of engagement and states up front what the expectations are. You should also lay out minimum security requirements, or even mandate company-sanctioned security tools as a condition for allowing personal devices to connect to company data and network resources.
There is also an issue of compliance and ownership when it comes to data. Businesses that fall under compliance mandates such as PCI DSS, HIPAA, or GLBA have certain requirements related to information security and safeguarding specific data. Those rules still must be followed even if the data is on a laptop owned by an employee.
In the event that a worker is let go, or leaves the company of their own accord, segregating and retrieving company data can be a problem. Obviously, the company will want its data, and there should be a policy in place that governs how that data will be retrieved from the personal laptop and/or smartphone.
If you’re not already taking advantage of the BYOD trend, you should definitely consider it. Just make sure you’re aware of both the pros, and the cons, and address any potential issues up front.