In love, war and the boardroom, it’s important to know when you’re beat and when it’s time to give in gracefully and simply try to negotiate the best possible outcome you can. BYOD (Bring Your Own Device) is one of those situations. You can’t win the war; employees’ phones, tablets or iPads are no longer just tools to get things done, they’ve become part of their identity. Employees’ choice of device is as personal as their choice of glasses or jewellery.
While you can’t stop the trend for BYOD, it is essential that you manage it effectively and minimise risk. This is particularly true in the public sector, where the reputational fall-out of letting sensitive public data end up in the wrong hands would be huge. And there are benefits: employees are probably more expert at using their own personal device and therefore potentially more productive; the devices are usually more cutting-edge than company ones and employees are likely to be happier. There are also possible cost savings for public-sector organisations, but these are by no means guaranteed and should not be the reason for adopting BYOD.
Time to act
The time to embrace BYOD is now. The situation will only get worse as technology, such as smart watches or Google’s Glass headset, which can take hands-free images and video as well as run apps, just round the corner. So, the longer you wait the more devices you will have to deal with. By 2016, Gartner predicts that 38% of organisations expect to stop providing devices to their employees.
There is a third approach that treads a path between BYOD and company-owned devices. Research analyst firm Forrester suggests many local government employees and organisations will share the cost of devices. The advantages for employees are that they get to pick and choose the tablet or other mobile device they want and be able to use it at work and home.
Either with the hybrid or ‘pure’ BYOD approach the challenges remain the same.
More than technology
The first thing to realise is that BYOD is far wider than a technology issue. You will need first to find the answers to a welter of organisational questions: which teams use which devices already; what information and applications do each division have to access and at what level of security; what are the data usage requirements; what are the compliance and regulatory requirements?
And that’s just starters. Privacy, control, usage, policy, security and data protection issues all need to be addressed. This has to be an official programme with all risks, both from a legal and IT perspective, nailed down.
Public sector organisations need to be very clear about what is permitted under the BYOD scheme, who is taking part in it (will this be a voluntary scheme or will only certain individuals be able to take part?) and they need to communicate all of that effectively with employees.
You cannot expect your IT team to support every device under the sun. So the IT department will need to establish which devices and specific operating systems it is able to support, and to decide the level of support it is willing to give to personal data and applications on those devices.
Theft or loss of devices is going to happen, so make sure you have a plan in place for how to protect or remotely wipe data from any lost devices. This will also be an issue when an employee leaves the company. You need to ensure that there are specific plans in place to prevent them walking away with sensitive information.
Data confidentiality is key. So it’s important to put in place a mobile device management (MDM) solution, ensuring that corporate enterprise applications are fenced off completely from personal data and permitting only authorised uses to access the enterprise applications. Organisations would have to also protect the personal data on the device as well as the work stuff. Alongside MDM, the market is also beginning to embrace Mobile Content Management (MCM) and Mobile Application Management (MAM) which together are becoming known as (surprise, surprise) yet another three-letter acronym: EMM or Enterprise Mobility Management.
The important point to focus on is management. BYOD is impossible to stop, so you must work out what level of device freedom your company is comfortable with and actively set up policies and manage them.