Do you use your own iPad or phone at work? If so, you are part of the growing trend of people who BYOD. That’s Bring Your Own Device – and it’s a trend that is affecting all industries.
The problem is that corporate budgets can’t keep up with the shifts in technology. We issue everyone with iPads, and then the iPad 2 comes out. Phone models change more frequently than I cook a roast dinner. And if you work with IT developers or gadget-loving project team members, they probably have something in their handbags which is more up to date than what is available frm the corporate catalogue.
I talked to two experts about how the BYOD is expanding, and how it affects project managers.
“BYOD has exploded over the last couple of years due to the constant release of new, trendy mobile devices on the market,” said Chris Smithee of Lancope. “From the iPhone to the iPad, consumers cannot get enough, and they are increasingly expecting their employers to allow them to bring these devices to the office and use them for business purposes.”
Chris pointed me in the direction of data from Aberdeen that shows 75% percent of companies currently allow employee-owned smartphones and/or tablets to be used at work.
“BYOD has moved from a concept to an integral part of IT strategy in just about every organization,” said Jonathan Dale, product marketing manager at Fiberlink. “The blocking of devices is clearly shifting to enabling them.” This is backed up by research by Gartner that shows that about a third of companies offer technical support for devices owned by employees.
This explosion means there is also a high possibility that you or your project team are accessing project-related information from your own personal devices, and that brings a potential security risk.
The problem of security
“Securing corporate data is by far the biggest challenge and concern for organizations,” Jonathan said. “A growing concern is about end user privacy as it relates to seeing personally identifiable information on these devices such as applications a user has installed and any location based information.”
92% of people in a Fiberlink survey (last slide) said that securing corporate data on employees’ personal devices was their biggest concern. “To compound the issue, mobile users are frequently circumventing corporate security policies and measures to obtain convenient access to business applications on whichever device they desire,” said Chris. “According to the Cisco Connected World Technology Report, 7 out of 10 employees admit to breaking security policies with varying regularity.” Three out of five employees believe they are not responsible for protecting corporate information and devices.
That’s scary, and I hope it isn’t you and your team who have contributed to these figures.
And that’s not the only problem…
BYOD has other challenges too. In fact, it’s a technology nightmare for administrators. Companies are struggling with:
- limited knowledge of each type of device, and operating system that wants access to the network.
- limited control over device security because it is the employee who has admin rights and who can add or remove programmes and data.
- incomplete information about who owns the device – is it the employee, or is a family member, or have departments bought their own pool devices for team use?
- lack of visibility into what the device is doing – can you monitor it, and how does this monitoring fall within the law when there are also personal emails and transactions happening on the same device?
- lack of visibility about what confidential corporate and project data is on the device and where this is going.
“This leaves administrators struggling with the decision to either provide the business and employees with the resources they are asking for, or to provide a secure, locked-down environment,” said Chris.
What it means for projects
“With new, high-profile attacks in the media nearly every week, now is the time for enterprises to re-evaluate and strengthen their mobile security strategies,” said Chris. That means more projects: either implementing mobile device management solutions or putting in place policies and education programmes for employees.
There is also work to do setting up software libraries that list the software applications employees are authorised to download on to their personal devices, such as project management apps. Then there is the long term support of these devices. Does you helpdesk know how to respond when someone rings up with a query about their own personal hardware? Given that 56% of companies don’t reimburse employees for their own kit, why should the helpdesk give them any support? Gartner, however, is predicting that 90 percent of organizations will support corporate applications on personal devices by 2014, so as the trend increases you better have projects in place to implement these new ways of working in a secure and supportable way.
Do you use your own device at work and if so, is there a company policy you had to sign up to? If this hasn’t happened yet all the signs show that it soon will!