BYOD: Freedom, Trust or just another Buzzword
There was a time where the IT department of any enterprise used to drive the technology by deciding the devices the employees would be using, the level to which the enterprise data will be exposed to the employees. While the IT laws are still mainly driven by the IT department and the Business, but with the Consumerization of the IT revolution, the employees are the first to get exposed to the latest smart devices, cutting edge technologies and they want to bring those to work to avoid switching between devices. The Bring your own device (BYOD) is an IT policy where the employees and the business partners are encouraged to use their smart phones / Notebooks and even PCs to access enterprise data and systems.
As we have noticed that the employees upgrade to the latest smart devices faster than the company level upgrade which is generally tedious. Folks are happier to use the same cutting edge device for work if allowed.
1. Economically viable for the companies: The BYOD program generally results in the enterprises saving dollars as the cost of the device and the data service is significantly transferred to the employees. But these are just anticipated savings and need to be carefully planned at the time of actual implementation.
2. Productivity is increased and Innovation encouraged: Employees get comfortable and are more expert in using their personal devices which make them more productive. As employees are more likely to use a more cutting edge device, the enterprises can benefit from the latest features of the device. The up gradation to the latest features will also be more frequent.
3. Enhancement of Employee satisfaction: People will be happier to use the device they have selected for carrying out their work than the devices that has been forced by the IT Department. Hence the overall satisfaction level of the employees will also be enhanced.
BYOD Challenges: Having seen the benefits of BYOD, let's take a look at the challenges in the road to implementing it in the enterprise.
1. Lack of Control by the IT department: With the devices issued by the IT department, it is easier to roll out upgrades, data policies and check the misuse of the devices. These will become challenge when the employees will use their individual devices. It has to be made sure that the devices are complaint to the policies of the enterprise covering the minimum data security standards and also the mandatory security tools have been installed. In the event of employees leaving the organization, the segregation and retrieval of the company data will be a challenge. There must be a policy in place which will govern how this data will be retrieved from the employees.
2. Personal Cost for the employees will increase: As BYOD would require the cost of the device and the data services to be partially or completely borne by the employees, this may create resistance amongst the employees who will expect the cost to be borne by the company as they will use to perform official work.
3. Will require investment from Enterprise : With multiple devices running on different platform will get connected to the enterprise network, companies will have to ramp up their Help Desks and also educate them as there will be flood of the support related queries.
4. Maintaining Data Integrity and Access Control: There are certain roles which require access to very sensitive data and also organizations such as in Healthcare require to be complaint with HIPAA etc. In these cases IT departments need complete control over the devices which has related data and applications. This will become a bottleneck in the BYOD.
5. Inconsistency in the Capabilities of the Device: Different devices have different operating speeds and the OS they use. IT department will face issues in rolling out company wide application and they have to be made compatible to varied devices.
6. Security Risks: Outside the company network. Employees may download few application and software's which can possess malwares and viruses and when they connect back to the company network, it can be serious threat to the data integrity and network security of the company.
BYOD Policies to Implement:
With so many challenges in the path of BYOD, let us have a look at some of the practices which can minimize those and help us reap the benefits of BYOD.
1. Clearly specify the list of devices that will be permitted: In the initial days, it has been a notion that BlackBerry is used for work, and that was it. Now there are many device choices, from iOS-based phones and tablets and Android handhelds to Research in Motion's Playbook and many others. It's important to decide exactly what you mean when you say "bring your own device
2. Security policy must be followed by all devices: Since the devices will be connected to the corporate network, it will have access to several sensitive information and hence the stringent security policy has to be put in place to protect the data. The devices and applications must be protected with appropriate level of authentication and the passwords must be strong as per the definition put by the organization.
3. Establish a Help Desk Support: With so many varied devices being connected to the network, the help desk team will need to be trained. Also they will have to clearly state what will be covered and what will not be covered in terms of Application upgrade, physical damage, loss of device and crash.
4. Define clear ownership of App and Data: With both personal and professional information on the same device, there must be clear ownership of what apps and data will be owned by the enterprise and what are the personal data which should be only owned by the user. In case of Data required to be wiped out, will it also include personal pictures, music. In case of device recovery, will it also cover personal data? Also clearly list out the apps that are restricted.
5. Clearly define the Employee Exit Strategy: Define how enterprise will erase the company related data from user's device once the employees decide to leave the company