Bring Your Own device, should we slow down to catch up?
Cloud Computing has brought a whole new dynamic to I.T. for both personal and professional use worldwide, increasing both flexibility and convenience for those wishing to stay connected.
This constant connectivity has contributed to a blurring of personal and professional boundaries, with more employees pursuing the advantages of using their own devices in the work place.
Bring your own device (BYOD) has shown significant growth over recent years and according to an Absolute Software survey which was conducted throughout 17 countries, 88% of participants said employees were using their own personal technologies for business usage.
Furthermore, through a recent study of 1500 I.T. managers and executives, Cisco also discovered that globally 48% of companies would NEVER authorise an employee to bring their own device to work. This reason was mainly due to security concerns, with 75% of participants surveyed stating new rules must be established within their business around security and device usage.
More than half of those participants continued to state that in their experience some employees use personal devices without business consent. Employees in the US were the most likely to use a device against company regulation (64%) compared to Germany, which was the least likely with only 49%. This focused drive towards BYOD is inevitably forcing businesses to put appropriate regulations in place, fast.
HR policies and training must clearly define what content and actions are appropriate to undertake on a personal device in the work place. If a personal mobile phone also doubles as a work phone, is it now appropriate to answer personal calls during work hours? All possible answers to this question open up a ‘can of worms’. If your business is not happy for personal interaction with devices during work hours, what would this do to employee motivation? Consequently, if the company is happy for the employee to respond to personal interactions throughout the day, what impact would this have on business productivity?
A traditional-style mobile phone that could only send/receive texts and calls would pose a different issue to a smartphone, which also provides the user with access to social media sites and emails. Could BYOD ultimately lead to more management figures being introduced into the work force to protect the interests of the company?
Security; Do you secure the device, the software, the content, the user? With key questions being asked such as, ‘is the business insured for the theft or damage of a personal device being used in the work place?’ and ‘what happens if a virus is introduced into the business systems through a personal device?’ Should there be a procedure put in place to scan all files before being introduced into the system? Is it security, or is it avoidance of embarrassing positions?
Access levels must also be evaluated through BYOD, if a shared file facility such as Microsoft SharePoint, or DropBox is being used to access files, what permission levels would the individual have? What repercussions would be witnessed if the user was to copy confidential files to their personal device, which was then lost or stolen? A full evaluation of these instances must be completed and plans put in place to protect the company.
In order to guarantee the protection of a business, each possible outcome from using BYOD must be assessed. In most cases this would be time consuming and often costly, with constant updates needing to be made as technology progressed. If you had 720 employees, all on a BYOD policy, each with a 24 month contract for their mobile device; that’s possibly a brand new device every single day of the year! For two years running.
For businesses wishing to implement a strategy it is advisable that BYOD is postponed where possible, in order to complete a full assessment of the business network before implementation, along with a comprehensive security policy being put in place. The end user desire for the latest software facilities vs. the I.T. departments need to catch up with security procedures must ultimately be assessed.