Member Article

The case for BYOD

Garry Sheriff, managing director of data centre experts ITPS, explains the case for Bring Your own Device.

The rise in popularity of ‘bring your own device’ (BYOD), where staff use their own laptops, tablets and smartphones to access company data and applications, saw it become the new normal for many workplaces last year, and industry experts Garner predict there will be twice as many employee rather than employer-owned devices in use by 2018.

Alongside cloud services, BYOD is one of the most radical shifts in the IT world since PCs landed on our desks. It illustrates the consumerisation of IT, giving people what they want how, when and where they need it but concerns around security and employee privacy still present a challenge for businesses as they seek to balance the benefits with the risks.

BYOD can see productivity rise as people have the ability to deal with things immediately rather than waiting until they are back at their desks, and can lead to lowered hardware and support costs. It can even boost morale, as staff are given more choice over how and when they work.

The challenge for businesses is to create integrated and easy to manage systems architecture that supports multiple operating systems across fixed and mobile IT, and keeps up with employee preferences for certain tablets and mobiles. That means IT managers working alongside HR, operations and other teams to address the issues and embrace the change.

Understand the risk

The most important factor in successful implementation is that the company and individual users understand the risks, responsibilities and obligations involved, which should start with a wide-ranging review of how BYOD would be implemented and used.

Security and management

Security of applications and data is the biggest issue for businesses trying to balance accessibility with security. A typical scenario might see sensitive company data stored in a secure or encrypted container on the device, allowing the company access to the information without the legal and data protection implications of having visibility of the personal data held on the device.

At the core of BYOD should sit a Mobile Device Management system that allows the business to analyse, audit, log and control access for all devices joining the network. This needs permission levels agreeing for access to network resources, along with procedures for how devices will be added to the network and how restriction of any less secure devices will be handled.

Soft issues

Alongside connectivity security there are soft issues to take into account, one of which is situation awareness, for instance you often see someone on a train switching between work and personal content on their laptop, in full view of fellow passengers. We are all used to having anytime, anywhere access and flipping back and forth between home and work mode, and you may need to carry out some staff training to support a shift in thinking and encourage staff to become more mindful of which mode they are in.

Other issues include defining responsibility for any illegal or offensive material stored on the device, and who is liable if it is used on the company network. People change jobs and devices can be lost or stolen, so for optimal security the company should have the capability to remote wipe the device. This is essential from a data security perspective but has implications for the users too.

ICT infrastructure

Many of the businesses we work with have found switching to virtualised IT infrastructures has put them ahead of the race by giving them a ready-made platform for BYOD, with a secure common environment for PCs, tablets and smartphones, and policies in place for controlling data access and storage. That is not to say non-virtualised environments cannot equally successfully implement BYOD, but there is no doubt that the two approaches bring combined and immediate bottom line benefits.

BYOD is a big step for any enterprise. Our advice is to tread carefully and choose an IT partner experienced in working alongside organisations of all sizes, helping them to decide how they can implement BYOD without compromising the business.

This was posted in Bdaily's Members' News section by ITPS Ltd .