BYOD (Bring Your Own Device), a term coined in 2009 that became prevalent as an emerging trend in 2011, continues to be a hotly debated topic in the workplace for businesses, IT providers and employees alike. BYOD is about employees bringing their own devices into the workplace and using those devices to access privileged company information and applications.
Five to ten years ago, BYOD might have meant having your personal mobile phone at work and accessing it occasionally for things like your list of business contacts. Now, employees are doing much more than referencing their own devices whether laptop or mobile, for one or two task-oriented functions. They are creating, storing and sending company-sensitive information from data to imagery in large volumes.
So clearly, many employees have reached the point of high-level integration where their work and personal preferred device choice is one and the same. It’s one of two scenarios: 1. Employees use company assigned mobiles and laptops for business and personal use or 2. Employees use their own device for personal and businesses purposes. Either way, it equates to risk for a business because security and information is more easily compromised.
BYOD Benefits & Challenges
Let’s just say that the lines are definitely blurred between employer-provided technology and employee-owned devices. It’s easy to note the benefits of BYOD: increased productivity, employee satisfaction and cost savings for the company. However, some, like Peter Waterhouse in this Information Week article, warn companies to beware of BYOD pixie dust. Meaning you can paint all sorts of good case study data around benefits of full-on support of employees using their own devices, but company risk should not be underestimated.
In a August 2014 USA Today article, Elizabeth Weise sums up the BYOD challenge in her observation, “the conundrum for companies is how to let employees use the technology they already own and love for work, while also keeping vital corporate data and systems secure.”
BYOD Risk Management
“As an IT provider in the market for 20 years, we’ve certainly witnessed this shift and the increasing challenges it presents,” says CSI Onsite founder Mark Wheatley. “We’ve always erred on the side of protecting our clients and minimizing their risk factor.”
Wheatley says they’ve had some push back on policies and required security installations when it comes to enabling their cilents’ employees to use their own devices at work. “Typically the business owner is all for it because they understand what’s at stake. The challenge is to educate the employee on why we go to the lengths we do.”
Of course, the sensitivity varies across business types, work-oriented tasks, mobility requirements and employee preferences and work styles. The key is to manage your greatest risks with tight security and allow some openness whenever you can. You don’t want frustrated workers. You also don’t want your largest company secrets leaked.
Bring BYOD into Plain View
An important part of managing the BYOD blurred lines is having a healthy company culture. In a recent post, Own Your Business Communications, we wrote about leadership, culture and sharing best practices on technology use in the workplace. Specific to BYOD, step one is acknowledging that it’s happening and prevalent. Step two is assertively managing this as an employer to mitigate risk.
The USA Today article shares some attention-worthy data surrounding BYOD usage. Alarmingly, 51% of employees say even if there’s a policy restricting use, they’re going to attempt a work-around. It also reports that only 42% of companies required employees to have a security app installed, and only 19% required mandated security supplied by the company.
Companies should not look the other way or feel BYOD is out of their management jurisdiction. By working with an IT provider that understands your business and risk factors, you can comfortably set your security policies and educate your employees. This will bring some of those currently blurred lines into plain view.