Bring Your Own Device: Should I Embrace or Avoid it?
Bring Your Own Device or BYOD has been a rapidly growing corporate trend, but it is also a common source of debate, with justifiable questions like “Is it safe enough?” “Do the benefits far outweigh the costs?” “How do you secure several personal devices?” and “Is it even right for a company to consider BYOD?”
What Is BYOD?
As its name suggests, it is a new company policy where employees are allowed to use their personal mobile devices to access corporate network and data. The trend is driven mostly by the strong demand and supply of mobile devices and laptops. It is expected that by next year, at least 38% of businesses will no longer offer corporate mobile plans to employers, which means employees have to use their own.
BYOD advocates believe that with this new policy:
Employees become more productive. Steve Blank, one of Silicon Valley’s serial entrepreneurs, believes that the key to any start-up success does not rely so much on technology and its people but rather on its process. In this case, he strongly recommends that people go out of the building—literally. By doing so, businesses are able to know and understand the real heartbeat of the customers.
BYOD helps support that technique by providing employees the needed mobility. Moreover, because they have access to their corporate systems virtually anytime and anywhere, employees are attracted to continue with work even after office hours. In fact, more than 40% of them check their e-mails to reduce their workload.
BYOD improves employee satisfaction. Happy employees make happy businesses. Those who are able to exercise a certain level of control and freedom are more likely to become more creative, innovative, and productive.
This policy also helps the company save money. By adopting BYOD, Cisco, for instance, saves as much as $700 million a year of travel expenses related to trainings and meetings. Increased productivity, meanwhile, brings around $40 million more money into the business. Companies are able to save money since they do not need to spend on their employee devices and plans.
BYOD, however, also carries a high degree of risks. According to a survey, more than 70% of IT managers and CEOs consider security as its biggest challenge in implementing the policy.
Where do these threats come from?
- Mobile theft: At least 10% of Americans with smart phones have become victims of mobile theft. There are many ways a phone can be stolen, and one of the simplest is to leave it on your coffee table while attending to something else.
- Jailbreaking: Many phone users have at least a basic knowledge in jailbreaking, a process that allows users to install apps that are not exclusive to the phone’s system. However, jailbreaking makes the phones less secure, especially since the user may no longer be able to update the firmware. Firmware can carry the necessary patches to fix security issues and bugs.
- Malicious software: Malware is beginning to become more common among apps even if manufacturers impose strict guidelines in app review and deployment. A very high exposure to this threat means one thing: an employee is at risk of downloading apps with malware or virus, which may find its way into the company’s IT infrastructure.
It is up to the businesses to decide which between the benefits and the risks weigh more to them. But for those who wish to implement BYOD, it is essential that a policy is in place.
A policy should focus on the following:
- Audit: Make auditing a part of your regular IT process. By auditing, you can identify potential and existing BYOD problems, particularly those that are security related.
- Compliance: The biggest reason for creating a BYOD policy is to stress compliance. While compliance is often complemented by penalties for failing to follow the guidelines, it can also be paired with rewards. For example, encourage employees to design or pick apps that promote productivity and security.
- Management: Develop a BYOD system that is simple and easy to manage including virtualizing employee desktops. Make policies understandable and consistent.
In truth, there is no corporate system that is 100 percent fool-proof, but that can be mitigated by having a deep understanding of the risks and implementing strategies that can reduce them.