The acronym BYOD has recently gone viral in business circles. It refers to an unstoppable trend in the connected world -Bring Your Own Device – meaning that employees use their own personal electronic devices in the workplace.
It is theoretically a win-win practice, but one which raises many questions for business and particularly IT departments. While BYOD offers obvious benefits in terms of productivity and flexibility, the corresponding risks for IT security are in sharp contrast to its advantages.
How can we best take leverage this trend?
New Trend Brings Business Perks
The growth of BYOD is fueled by several trends: the current high penetration of computer devices, the hyper-connected Generation Y joining the work force and increased employee mobility, to name a few.
ThreatMetrix surveyed U.S. business managers and IT executives and found that 25% of employees in the departments studied brought their own devices to work. This trend is still gathering strength and can’t be ignored. In any event, it’s inevitable since mobile tools continue to blur the line between home and office.
Faced with these new realities, businesses are beginning to assess the benefits of BYOD:
– increased flexibility and responsiveness from employees who remain connected to work regardless of their location
– employees are more productive using their own familiar—and often faster—devices
– hardware savings since the purchase, maintenance, management, and accessories for these devices are gradually shifted to employees.
Express Energy Services has implemented a BYOD policy for its 2,000 employees. Before this, the cost of managing 1,700 devices had increased to $182,000 per month, or $2.2 million per year. After the new policy was in place, the company was able to reduce its costs to $120,000 per month. In return, the company adopted an equipment subsidy policy. Employees use a company allowance to purchase the equipment which best meets their needs.
This BYOD utopia does, however, have its limitations. This phenomenon brings new challenges to company leaders who must now manage their employee’s applications while protecting company data. These changes must therefore be implemented hand in hand with strict security policies.
Managing the Risks
The principal danger of BYOD is that it poses a threat to company data: when external connections are not controlled by IT, the risk of data leaks or infiltration becomes very real. Understanding the phenomenon leads to better management:
1. Identify BYOD risks to the company as well as to its customers
– Potential risks
– Potential solutions
2. Set up a dedicated BYOD adoption team within your company
, headed by the IT department and responsible for:
– preparing information on best IT practices
– defining the procedures to be used in the event that personal devices containing company data are lost or stolen.
3. Clearly define a company BYOD policy covering:
– the connecting of peripheral devices to the company network
– application control
– cloud storage security
– access rights allocation
– IT security and data leak prevention.
4. Communicate Clearly with Employees
All employees must understand their rights and responsibilities with regard to the BYOD policy. Employees must recognize and keep in mind the risks to the company and foster a spirit of collective responsibility.
At a time when the line between home and office is becoming very fuzzy, BYOD is proliferating and offers real opportunities for business. BYOD reduces costs and leads to rapid gains in employee productivity. However, it can’t be implemented without a plan and a clearly established strategy that is understood and accepted throughout the company.