Photo: Luke Wroblewski
What are the real implications of the Bring Your Own Device movement in the modern workplace?
In 2011, the number of wireless devices connecting to the US network exceeded the country’s population for the first time. Since that watershed, the ‘smartphone revolution’ has continued apace, while tablets and more recently ‘phablets’ have entered the market with resounding success.
As complex applications have migrated from PCs onto sleek devices that slip into a pocket, and with almost three quarters of us sleeping with our phones in reach, enterprises of all shapes and sizes are looking at ‘Bring Your Own Device’ (BYOD) policies for their employees. But as with many disruptive innovations, there are reasons to be cautious. Understanding and overcoming those stumbling blocks will be crucial for enterprises hoping to make the most of the potential of BYOD.
The Rising Tide
Technology research firm Gartner estimate that, by 2017,half of the world’s employers may impose a mandatory BYOD policy that requires employees to bring their own laptop, tablet or smartphone to work. The stratospheric rise in uptake of BYOD policies is driven by two concurrent trends: a growing need for employees to be connected and responsive in an increasingly globalized world and a wish on the part of enterprise to save money by not replicating a device that employees already own.
With BYOD becoming an ever-more viable option, many employers have been quick to tout the upsides. One of the biggest advantages of BYOD is its potential to speed up processes and communication in the same way that mobility — the availability of apps and information on mobile devices — has undone geographical boundaries. Employees can be connected and switched on at all times, ready to react anywhere and at any time in the event of an emergency. Then there’s convenience: employees won’t need to carry more than one device; they interact with a familiar interface; and they can bend work around other needs.
Alongside convenience and productivity, mobile devices increasingly have ease of use in their favor too. As processing power increases, mobile apps are becoming more effective, intuitive and enjoyable to use. For employers, the advantage is that apps which aid work are now likely to require very little in the way of a learning curve and have the potential to massively boost productivity.
Finally, as mobile devices and tablets have grown in popularity, mass production has brought prices tumbling down. As well as reducing cost, the ramping up of production has led to more standardized parts and products, which are easier to wed to a corporate network.
In essence, BYOD has the potential to make employees more productive, more flexible and better able to manage varied schedules on apps that are becoming more seamless by the day.
So often with big rewards, there are a number of associated risks. Moving to BYOD raises significant questions about privacy, cost and security, as well as a host of technological issues.
One of the biggest concerns is how to keep personal and company data separate on a single device. If a smartphone picks up malware, how can an organization ensure that their data is not affected? How do companies prevent sensitive information being passed along to the wrong parties from the device? And when an employee leaves, how can all corporate data be wiped while maintaining personal information?
Along with privacy, security figures as a major concern. Where virtual private networks are effective in maintaining the security of computers on a network, the technology is still immature for smartphones. Lengthy authentication and security checks are one option, but they make BYOD a less attractive option. There are also questions on cost: companies must establish who pays what when the device belongs to the individual but its use is stipulated by the employer. Do companies give their sales team bigger stipends because of their roles? Is personal use subsidised by the company? And where does the budget come from?
Alongside these generic issues are specific technological concerns one of which is how to cater to a fragmented marketplace. Operating systems tend to be — but are by no means limited to — Android or iOS, , and catering to all of them would put a significant strain on IT, requiring very highly-trained technicians. App creation is also made difficult by the breadth of operating systems, as company developers must design individual elements for each one. Equally, developers must cater for small screens where real-estate is at a premium. This dictates a heavy emphasis on simplicity in designs, and marrying this with the functionality required in complex corporate apps is a difficult challenge to overcome.
Even if employers can clear those hurdles, they still have to grapple with employee expectations. Personal use of smartphones typically involves tapping away at a sophisticated, seamless app created by a major technology developer. But companies are unlikely to be able to compete with those interfaces when it comes to work-related apps. There is a risk, then, of creating user-unfriendly apps which disincentivize the entire practice of BYOD.
These issues, complex though they are, should be understood as teething problems rather than chronic ailments. There are a number of ways companies can mitigate the risks, starting with setting clear parameters and rules. Malware can be averted if a clear set of approved applications are laid out by enterprises. Employers should also define a list of approved devices, giving them greater control over security issues and enabling them to develop apps for a specified set of operating systems.
Advancing technology is making it easier to separate personal and corporate data, too. Virtual partitions can be created that split the two entirely; for more granular divisions there is application containment, which subdivides applications into separate areas, or ‘sandboxes’.
Technology is also improving options for security and maintenance: mobile device management allows companies to track and monitor devices and individual components, while mobile application management does the same for each app. Security lapses can also be reduced by putting controls on sensitive documents, such as restricting who they can be sent to and how.
Too Big to Miss
With IT firm IDC estimating that 1.3 billion employees will be able to work from mobile this year, there are strong incentives for businesses to invest in employee-facing apps and encourage their workforce to use their own devices. But understanding and minimizing the above risks is pivotal for any success in doing so. While each challenge will take work – whether writing up new rules for device management or upgrading IT systems – the only risk not worth taking is eschewing the BYOD opportunity altogether.