Bring your own device – just don’t think about using it

A good BYOD policy needs to find a comfortable middle ground for employers and IT functions alike, says Steve Weston, Hays CIO 

“What is the point of banning a device that could help me get more work done, faster, wherever I am?”

It’s a good question, and the frustration is palpable among the many employees who have phones, tablets and laptops that are newer and more advanced than the technology confined to their desk.

All of us have mobile devices that are always on and always near. People can easily be responding to work emails, scrolling through spreadsheets and working on presentations during their daily commute, or when they get home at night. And there is no time wasted transitioning from one computer to another if you can simply plug the same piece of hardware in at home as you do at work.

Seamless working

According to a recent survey from Cisco and BT, 36 per cent of organisations already support ‘bring your own device’ (BYOD) and 32 per cent more intend to do so in the next 12 months. The vast majority see a competitive advantage in it and a boost to productivity from smart devices.

Unsurprisingly for a technology giant, Cisco is leading the way. By the end of 2012, it was supporting 60,000 employee-owned smartphones and tablet computers, including 14,000 employee-owned Apple iPads – not bad for a device that was released only three years ago.

And it isn’t just technology businesses. The London Borough of Camden is offering work access on 8,500 Android and Apple staff phones, and football body UEFA is reportedly considering a BYOD policy for the 7,000 volunteers at the Euro 2016 tournament.

Back to reality

It all sounds great, but where the employee craves choice and freedom and flexibility, the IT function values control. Individuality and productivity are fantastic incentives, but stolen or lost devices, misused data, transmitted viruses and a lack of oversight over valuable corporate information are all very sensible, and very real, concerns.

And that’s not even considering the heavy costs associated with building or buying technology, such as enterprise mobile device management (MDM) tools, which can support the many different devices and operating systems a modern, global workforce want to use.

Implementing an effective BYOD scheme is about finding a middle ground, where choice and control can comfortably co-exist.

That will mean concessions on both sides of the employer-employee relationship, and strict security. This might sound like an imposition, but as soon as a personal device is brought into the work context, rules need to be enforced. And nobody is forcing anyone to bring in their iPad if they don’t want to.

Blurred lines

Well, not for now. David Willis, an analyst at IT market research company Gartner, predicts that by 2017, around half of employers will require employees to supply their own device for work purposes.

Without proper legislative guidance at a national level, a smart IT leader should be seeking their own balanced approach to both protect corporate information and enable the workforce to perform at its best. They will need to decide:

– Scope: Not every employee needs or wants to bring their own device to work, so first you must explore the real demand, and recognise that different roles call for different approaches

– Support: You need to consider how IT can monitor and manage employee-owned devices centrally. Enterprise MDM technology can bridge many brands and operating systems, but it isn’t cheap

– Depth: Knowing which corporate information should be accessible, from offline access to emails to real-time access to sensitive financials, means balancing the risks and the rewards of individual cases

– Security: Setting an appropriate level of password-protected and for employee-owned devices is one priority, but establishing centralised access control could be a larger concern if authorised members of the IT team ever need to wipe compromised devices remotely

– Clarity: With such strong policies on the cards, employees should be signed up to an acceptable usage policy that outlines their responsibilities towards the corporate data, explains who they should inform if the device is lost or stolen and spells out the access control rights they must concede to the IT department, even over their own devices

As tricky as finding the answers to these questions may be, keeping your head in the sand could be damaging, too ­– to the company’s reputation and to its appeal as an employer for smart, proactive people.

Please join our IT Industry Insights Group to discuss the most pressing challenges and opportunities in our sector.

Search for mobile device management jobs in the UK here. To find opportunities for mobile device management roles where you reside, visit Hays in your country.