In 2015, it has become a necessity for every organisation to consider the pros and cons of BYOD (Bring Your Own Device) in the workplace. It seems that BYOD has been developing informally by employees for some years. Workers have been taking smartphones, tablets and laptops to work, connecting to the company’s Wi-Fi, often without the organisation’s knowledge. Unfortunately, this opens the possibility of outsiders gaining access to sensitive company data.
Nadeem Unuth of Voip.About.com cites a recent study by Harris Poll of US adults that suggests that more than 4 out of 5 workers take their personal electronic device to work and about a third connect to the company’s Wi-Fi with it.
He also mentions some worrying statistics that include:
- Nearly 1/3 of workers who use their personal mobile device for work have allowed someone else to use that device.
- More than 1/3 of respondents don’t use the auto lock feature.
- About 1/3 say that their company’s data files are not encrypted.
- 2/3 of BYOD users admit they are not part of their company’s BYOD policy.
- ¼ of all BYOD users have been victims of malware and hacking.
Most of today’s workforce owns a smartphone, tablet and/or laptop and the number of employers who are developing policies to enable staff to use their own device(s) at work is growing.
Workplaces have differing needs for devices and a BYOD policy must reflect this. Some workplaces will limit BYOD to executives and upper management, while others will include the entire workforce. The biggest hurdle to a BYOD workplace policy is maintaining proper security for the company and its high value data.
BYOD security can be addressed by having an IT policy that details requirements for security for every kind of personal device. This policy will need to address how these devices are used at work and how they connect to the corporate network.
Vangie Beal of Webopedia suggests that other BYOD IT security policies may include limiting activities the employee is allowed to perform on these devices while at work, as well as arranging periodic IT audits to ensure the device is compliant and secure.
The Citrix BYOD test showed that better security is possible with BYOD. Citirix found that employees are more likely to take better care of their own device and as a result, their own IT departments were freed to work on high-value activities. Citrix found that 96% of all participants in their test said they would recommend a similar program to others.
Citrix developed its own desktop virtualisation technology, the Citrix Receiver. The use of desktop virtualisation technology is now considered to be one of the best ways to incorporate personal mobile devices into the workplace.
There can be significant advantages for both employer and employee in developing a policy for BYOD at work. James Kirk of the Creative Social Blog discusses how the BYOD trend represents the values of a new generation of workers. For Gen Y, “millennial” workers, financial security is not the only reason to stay in a job. These days a desire for a work-life balance is increasingly important.
According to the Halogen Software infographic only 2.6% of US employees currently work from home compared to 3 out of 5 Gen Y “millennials” who expect to work remotely.
Advantages and Disadvantages of BYOD
- Employee satisfaction and morale.
- Increased productivity.
- Reduction in hardware and mobile device costs.
- Ability to allow employees to work remotely for part or all of their work hours.
- Allows for networking within the workplace and a stronger sense of friendship and workplace as a “family” by engaging through social media.
- Network and security ramifications.
- Need for BYOD policies and IT support for a wide range of devices.
- Need for BYOD audits by company IT department to ensure compliance with company security measures.
- Likely need to use software for virtualisation desktops.
- Incompatibility issues: version problems, conflicts between different platforms, incorrect configurations.
- Inadequate access rights, hardware that is not compatible, devices that don’t support a necessary protocol (eg. SIP for voice).
- Devices that can’t run necessary software (eg. Skype for Blackberry).
- May require remote device security that allows IT departments to wipe a stolen or lost device of all work related data.
- Personal privacy and data may need to be compromised by the company needing to have a file system open, enabling access to private and personal information.
Legal Ramifications to Consider:
- Do you have a corporate BYOD contract agreement that is strong enough to avoid a counter suit if an employee is sued for personal use of their device?
- Does your BYOD policy cover off site breaches of corporate policy?
Rick Delgado of TechPageOne.Dell.com discusses the potential legal minefield that a BYOD policy can present and suggests that these concerns exist for both HR and IT departments. He also suggests that if your company is only just starting with a BYOD policy, it is worth considering employee involvement to help get staff more invested in the new policies.
As Dawn Lomer of i-sight.com says, it is important to be constantly willing to revisit policies about BYOD as technology will continue to evolve. Security threats will also continue to change as will methods to counteract them.
There are many advantages to a BYOD policy for your workplace. However, it is important to take into account the many security and other issues that can arise when you allow workers to bring and use their own devices at work.