We reported in our HR and business outlook for 2013 the increased emergence and in some cases reliance on BYOD (Bring your own device).
BYOD is the policy and acceptance of allowing employees to bring and use their own IT devices (typically phone, tablet, PC/Laptop) for work use
Recent research has found its use has grown rapidly in high growth markets like Russia and Brazil (where it’s reached close to 75% of companies) while in the USA and other mature markets it’s closer to 50%
You may think that BYOD is something companies have to specifically elect to do (they should), but it was surprising to read that almost half of BYOD use was unmonitored (either ignored by IT or unknown to IT).
So BYOD, whether you’ve implemented it or still on the fence or ruled it out, is here to stay and its use will likely only grow.
Benefits can include
Reduced IT capital spending
Increased productivity / program access
Improved morale/talent attraction – this last one is a bit of stretch. I know I hated my company issued PC’s at my old company but I don’t think it would have stopped me accepting and liking my job.
SaaS based applications like ActionHRM Human Resource Management Solution (HRMS) are a perfect fit for BYOD as no data is stored on the device. Some data could be in cache but easily cleared or controlled.
Headaches / Challenges and Pitfalls of BYOD
- Increased range of devices to support / troubleshoot
- Requirement to manage subsidies / allowances
- Concern for employees about cost of purchase and reimbursement of usage costs
- Ownership of IP data e.g. when an employee leaves
- Data breach risk
- Loss of work life balance (no excuse for 24X7 access)
Pitfall’s 1-4 are fairly easy to resolve. But 5-7 listed above are real HR/IT and company risks. A recent survey in computer weekly in August 2013 found nearly half of the BYOD friendly firms had data breaches. The size and scope wasn’t disclosed but it certainly dimmed my enthusiasm although that said, I don’t think a non BYOD environment can eliminate the same risks. It was positive to hear that about 9/10 of affected firms will continue their BYOD policies. But it’s a clear example and warning of the additional risks and challenges BYOD pose if not properly managed, secured and reviewed.
To have a successful BYOD we recommend to:
Have a listed policy – what devices are supported / allowed, what happens when an employee starts or leaves, clearly define any allowances or subsidies provided to BYOD, state and provide training and acceptance on the access rights and rules both the employer and employee has on a BYOD data.
Establish minimum (and strong) security controls e.g. password strength, lockout, remote data wipe, etc.
Utilise technology to reduce the risk and improve administration e.g. Blackberry Secure Space, Enterproid, VM Ware MVP
Follow-up and review your BYOD policies and outcomes regularly. Get feedback to make you make the most of the BYOD opportunity while minimising risks.