It's a BYOD workplace party
Take the steps needed to ensure 'bring your own device' doesn't proliferate into 'bring your own disaster'
Linda White, Special to QMI Agency
According to a recent survey by market intelligence firm IDC Canada, 48% of Canadian consumers take their personal phone, tablet or laptop to the office and use it for work purposes. — Fotolia
As the trend towards BYOD becomes increasingly commonplace, IT professionals are urging companies to take the steps needed to ensure "bring your own device" doesn’t proliferate into "bring your own disaster."
“The No. 1 risk is security,” says Ahmed Etman, Cisco Canada's vice- president of borderless networks. “With the BYOD trend, you have more data with more people, more devices and more places … Organizations are waking up and recognizing that security is a big challenge.”
According to a recent survey by market intelligence firm IDC Canada, 48% of Canadian consumers take their personal phone, tablet or laptop to the office and use it for work purposes. “It’s definitely happening” and companies can no longer ignore the fact that it’s probably impacting them, says Krista Napier, senior analyst of mobility.
The advent of apps is just one example of how BYOD can pose security risks. Perhaps an employee is using consumer apps for business purposes without the proper licensing. “There are all kinds of ways that can cause complications,” says Napier.
But solutions exist, she says, pointing to Samsung KNOX as an example. “It allows you to segregate business content from personal content, which allows an organization to wipe the business content if they need to for security purposes without impacting the personal content.”
BYOD can open the door to countless other potential security breaches. Consider an employee who leaves the company with a personal device containing company applications and other data. What about ownership of a phone number? If a sales rep leaves the company for a competitor, customers calling his/her number could lead to a loss of business.
Those potential risks underscore the importance of defining and implementing a BYOD policy, says Darryl Wilson, director of enterprise mobility at Dimension Data Americas. “If an organization decides to implement BYOD, the employee must sign off on that policy. Not every employee will be able to accept that.” An organization must also be able to enforce the policy through such measures as network access control.
Education and health care have been leaders in adopting BYOD but it’s not a policy all companies will roll out across their entire organization. “It works really well in certain verticals, such as sales and marketing. You can use a BYOD tablet to showcase information with customers — the kind of information that would be publicly available anyway,” says Napier.
But employees dealing with very sensitive information — mergers and acquisitions, for instance — may be required to continue using corporate-issued devices because the organization wants to retain complete control over the information they use on that device.
In addition to security, an organization must consider how employees connect to its infrastructure to access the information they need. Will it be able to support all end users who together may be using dozens of different devices? “Defining the operational model is very important,” Wilson says.
When BYOD began to gain momentum, proponents often cited cost savings as a benefit because companies no longer needed to invest in a fleet of phones – though some cover the cost of their employees’ data plans or provide employees with an allowance.
More and more, most agree the biggest benefits are recruitment, retention and productivity, especially among the new generation of workers. “They want a single device that blurs the line between work and play,” says Wilson. As the trend matures, some companies are even creating their own mobile apps for some of their business functions.