Everyone’s jumping on the mobile bandwagon, especially the Bring Your Own Device (BYOD) generation. Advertisers are trying to harness its ability to be in front of this constantly connected audience; developers are trying to build compatible apps every user wants (ahem, shameless plug for Gander); businesses are looking for new ways to best tap into this market. There’s one group, though, that hasn’t overlooked the security challenges and additional costs this new trend brings: your dedicated, behind-the-scenes IT team.
VentureBeat wrote an article last week on the mobile BYOD trend, citing the increase in employees using their personal devices (often more than one device) to access sensitive company information and the frustration of the IT departments.
“A massive majority of companies, 81 percent, now allow employees to bring and use their own devices, and 56 percent of companies have codified that into their corporate guidelines, according to a new study by iPass and MobileIron.”
If you’re like me, you would think having employees use their own devices would lower company costs. However, factor in multiple data plans across multiple devices and things start to get messy. Not to mention the potential for stolen devices and consequently company information. To get a better idea of the shift to a more mobile employee brigade and if it indeed posed frustrations for IT, I went snooping around our IT department to see what they had to say. Here’s what I discovered:
1. What are some of the challenges you see working in IT with the Bring Your Own Device (BYOD) trend becoming more popular?
From my perspective, BYOD, or even device-choice, comes with some very real considerations, not the least of which is that you are automatically supporting multiple platforms. This means there are more chances for things to go wrong. In a BYOD scenario, you cannot establish a baseline for what device performance is (or you’re going to have to upgrade users as well). For example, you can’t ensure that everyone with an Android device is running at least an ICS (4.0), which poses problems looking at deploying applications such as a VPN client. It really just increases the management hassle.
2. What are some of the security risks you have to be aware of?
As far as security goes, the tools for managing mobile devices has gotten better, but they still don’t have fine-grained control. I can issue a remote wipe of a managed device, but that not only removes all corporate data, but all personal data as well. The biggest security implication is that data is now outside the aegis of corporate control. Once your email goes out to a device, anyone can access it. You can mitigate this somewhat by forcing a security policy on the device such as a pin code or lock screen, but those can be bypassed. It’s not all doom-and-gloom, but for companies that have very real security or IP risks, these are things that could be elements of concern.
3. Is it more costly to have employees bring and use their own devices?
From a cost perspective, you’d think that having everyone bring in a device would be cheaper, right? Sadly, BYOD is often associated with higher costs, certainly on the mobile side. For one, you can’t control the carrier that employees come in with, that means that you could be faced with supporting 2+ carriers, which limits your ability to negotiate a better pricing structure. Secondly, you’re turning up and down numbers/lines as employees join or leave your company meaning that you’re often faced with higher numbers of termination fees. If you keep devices within the company, you can control the cost structure by turning up and down lines only as needed and recycling old lines/numbers to new employees, potentially saving the company money.