Why People Embrace BYOD And What To Do About It
November 28, 2014
Print this page
Today, IT budgets are not growing fast enough to fully keep pace with technological evolution. That’s a primary reason why BYOD has been considered favorably by some IT managers.
They see BYOD as a fast, easy way to overcome the following challenges:
- Allocation of appropriate hardware to employees – since employees themselves chose the device
- High cost of infrastructure upgrades – since employees bear the cost of device purchase
- Getting adequate ROI on IT investments – since the IT department is spending less to get the same amount of work out of employees
The problem with this line of thinking is that it doesn’t take hidden costs into account. The savings to be had from BYOD disappear or are even outweighed by the insidiously-sprawling costs associated with BYOD.
The actual hidden costs of BYOD
There are a number of BYOD related costs that will eat into the IT budget. First, are higher per-user costs – because individual employees will not get volume discounts on their devices; this mostly impacts companies that reimburse their employees.
Second, is a much heavier strain on the help desk – because the IT
department does not have all the documentation for every devices employees would conceivably bring into the workplace.
Finally, BYOD brings higher costs of security – because it takes more effort to monitor the multitude of different platforms that now access the company’s network.
The hidden costs of BYOD are no small matter. Research firm Aberdeen performed an analysis into the true cost of BYOD and found that companies which allow 1,000 BYOD devices into the workplace will spend an extra $170,000 per year in extra device management fees.
So why consider BYOD at all?
The answer to that question is that far too many employees embrace the idea. Let’s look at the factors driving employee support for BYOD
It has partly to do with an increasingly mobile workforce of technophiles. According to Gartner, mobile devices are a firmly-entrenched part of employees’ ownership habits. Note the following figures:
- 58.7% of employees use a smartphone
- 57.7% use a laptop
- 33.1% use a tablet
These figures are all expected to rise as cloud computing becomes ever cheaper and more available. The large install base, coupled with the push towards popularizing cloud computing by industry heavyweights such as HP and Microsoft, further emphasize employees’ views of BYOD advantages. Perceived advantages include:
- Increased productivity from being able to use platforms and
environments with which they have greater familiarity
- Reduced usage costs (if the company reimburses their
- Greater freedom to customize their work environment(s)
- Less governance since (theoretically) the company has no real say in how they manage their personally-owned devices
As an IT manager, it’s your responsibility to educate employees on the true cost and impact of BYOD on their workplace. To fulfill this responsibility, you have to recognize several distinct factors in designing and implementing a proper BYOD policy.
Five MUST-HAVES for any BYOD policy
BYOD is popular for its apparent freedom of choice in workflow, but it cannot be allowed to degrade into an anarchic free-for-all in the workplace. Here are some guidelines that you’re going to have to consider when you design your BYOD policy.
1) You MUST manage your employees’ BYOA
The main functional reason for employees’ embrace of BYOD lies with the availability of Bring Your Own Application (BYOA). After all, they want to make use of apps that they find familiar and/or intuitive. That means that you will have to manage their apps. To do that:
- Install a Mobile Application Management (MAM) solution that manages software delivery, policy enforcement, licensing, maintenance, and usage tracking. Make sure the solution has a software developer kit (SDK). This way, you’ll be able to implement additional insert security features that address specific needs of your company. This is known as app wrapping.
- If you have the resources to do so, create an enterprise app store. The best way to secure user apps is to become the gatekeeper. Create an in-house app store that enables self-service distribution of apps to employees while maintaining a set of role-based corporate security and data protection rules that makes sense to your organization. This way, employees will be able to purchase and install apps that they want to use, even as you retain the power to revoke them in the event of a sudden security threat.
2) Require standardized core features
You don’t want to restrict the freedom of your employees, but you can’t compromise on security either. There has to be a set of core security and configuration features in place to make your job of securing BYOD manageable. To minimize the long-term effort you’ll have to put into maintaining this aspect of device management, devise and implement a single standardized configuration of necessary elements and security measures. This will help mitigate your risk and reduce support requests.
3) Mandate minimum levels of device functionality
Freedom of choice should not mean having the freedom to be hobbled at work. Make sure that you devise a BYOD policy that demands a level of device performance that at least meets the minimum requirements of employee job descriptions.
4) Create an environment of interoperability
As mentioned earlier, the restrictions that you are going to establish are designed solely to protect your company, not hinder its business. With that in mind, the solution is to adopt a cross-platform approach. Cross-platform allows employees to access corporate applications regardless of operating system (OS) or device adopted. Fortunately, the newly-developed HTML5 makes cross-platform activity both possible and easy.
5) Understand the scope
Addressing the four previous factors serves as the foundation of your BYOD policy. The implementation requires a higher-level framework that includes:
- Overall applications management: Implementation, monitoring of usage levels, maintenance of updates, and verification of status (i.e., approved, retired, etc.) of apps are all activities that must be undertaken on an ongoing basis.
- Corporate applications management: The integrity of the corporate applications environment must be maintained – these are the tools and the environment that are essential to the functioning of your company, after all. You must be constantly vigilant for the possibility that any BYOA can compromise your essential assets.
- Governance policy administration: Governance and security policies aren’t static. It’s an ongoing process to ensure that policies address the latest technology trends (and threats).
Despite its popularity BYOD can be risky and costly. Hopefully these tips help you build a policy that works for your organization.
Chris Thierry is president of Etelesolv, the creator of Cimpl, fee-based monitoring service that helps organizations connect complex information IT and telecom and IT assets.