Ministers in our new government are worrying about rather more prosaic technology issues than the big Whitehall IT contracts that attract all the headlines.
According to one government CTO, some new ministers who are being offered a standard-issue Blackberry for ministerial communications are complaining and asking why they cannot use an iPhone instead.
This is typical of a problem that many IT leaders increasingly have to face. Tech-savvy users – especially but not exclusively the younger generation of workers – are frustrated by a perceived functionality gap between their corporate IT and their personal technology. More and more often they are asking why they can’t just use their Macbook, or their iPhone, or their home laptop, instead of the locked-down, strictly controlled environment usually beloved of IT departments.
It’s a question that is being raised ever-more frequently – at almost every gathering of IT leaders I have attended lately, the topic comes up in one form or another.
Last week, Computer Weekly co-hosted a roundtable debate in association with 360IT – The IT infrastructure event, and gathered a group of senior private and public sector CIOs to share their experiences of this topic – one of whom slipped in the revelation about ministers.
The debate was conducted under the Chatham House rule which forbids me from identifying any of the participants, but there were a number of important points that came out of the discussion that are worth highlighting here.
“It’s our problem to solve”
There is a cultural issue for IT departments to overcome in dealing with the demands of users to be able to use or choose their own portable IT such as laptops and mobile devices. Some delegates at our event were eager to list the reasons why it cannot be done – in particular security and data protection. But others – in particular those who have started to tackle the issue in their organisations – were more pragmatic and realised they have to find a solution, and not simply highlight the problems.
“We have kidded ourselves that the perimeter is a defence mechanism – it isn’t,” said one IT leader from a major multinational manufacturer.
Smart CIOs are realising they need a different approach, and that the use of users’ own devices inside and outside the corporate firewall is inevitable.
For example, another of the Whitehall IT managers present said that the CIO at the government department he works for ultimately wants all its civil servants to use their own mobile phones and to eliminate desktop phones completely.
As applications become web-enabled, there is less need to store data locally on mobile devices, so the use of smartphones as user access devices starts to become feasible.
The multinational manufacturer’s IT leader quoted above talked about a project in his firm to equip staff in Eastern Europe with their own equipment, offering them £300 towards the purchase of whatever they want to use. He said it is easier to prove the concept with a workforce less indoctrinated to the status quo. “Nearer to the centre of big corporations, the harder it becomes and the resistance [to change] is greater,” he said.
But he pointed out that the data protection issues can be overcome by a different approach to the problem: “You need to segment users between those who need the data security of, for example, a Blackberry, and those who need less security with an iPhone.”
As part of the massive public sector cost cuts that are already underway and are likely to increase, Whitehall IT staff are being asked to look at ways of increasing flexible working – and so reduce the amount of office space required.
Again protection of sensitive data is an issue, but the government is pursuing a policy of greater openness, and information once considered secret is being made publicly available.
“What are the Crown Jewels in our data? What do we actually need to protect? Is it really all sacrosanct?” asked the government CTO.
In The Netherlands, workers are eligible for tax breaks if they purchase their own mobile phones for business use – an offer that has been taken up enthusiastically, and led IT departments to give serious consideration to how best to respond.
“The business case needs to be made – but it is likely to be impressive,” said one delegate.
“HR will be the minefield we have to walk through”
Once that business case has been made, finance directors are likely to want to pursue the cost benefits – but delegates agreed that the key to success in introducing “bring your own (BYO)” IT policies will be the HR issues.
If companies offer to subsidise the purchase of kit, there is an administrative overhead – as well as checks needed to ensure that people are buying what they say they are buying, and not over-claiming for less functional devices.
There are also force majeure issues such as dealing with broadband performance problems – if everyone worked from home on a Friday afternoon, watch how quickly bandwidth would degrade.
But those who have already explored these issues said a similar approach to that adopted for company cars should work, supported by suitable employment contracts.
Staff who receive a car allowance instead of a company car are expected to ensure the vehicle they buy is fit for purpose. If they work from home and drive to the office, traffic jams are not an excuse for not working – they have to make up the time.
It’s the same for BYO technology. Equipment has to meet minimum standards and staff have to accept the use of approved security tools, such as remote wipe software if a device containing corporate data is lost. And if they have connectivity problems from home, they have to make up the time out-of-hours or make their way to the office.
“We will eventually have to give employees responsibility for their own ability to use and access IT, otherwise they will have to be in the office,” said one of the IT leaders.
But ultimately, it is not the technology that is the real problem.
“The most flexible device of all is also the biggest risk,” said one CIO. “It’s your mouth.”
But the rise of consumer technology in the workplace is not going away, and it is a challenge every IT leader will have to face – and soon.