Many headline IT trends are driven by organised marketing campaigns and backed by industry players with an agenda – standards initiatives, new consortia, developer ecosystems – and need a constant push, but others just seem to have a life of their own.
BYOD – bring your own device – is one such trend. There is no single group of vendors in partnership pushing the BYOD agenda; in fact most are desperately trying to hang onto its revolutionary coattails. They do this in the face of IT departments around the world who are desperately trying to hang on to some control.
BYOD is all about ‘power to the people’ – power to make consumer-led personal choices and this is very unsettling for IT departments that are tasked with keeping the organisations resources safe, secure and productive.
No wonder that according to Quocirca’s recent research from 700 interviews across Europe, over 23% only allow BYOD in exceptional circumstances, and a further 20% do not like it but feel powerless to prevent it. Even among those organisation that embrace BYOD, most still limit it to senior management.
This is typical of anyone faced by massive change; shock, denial, anger and confusion all come first and must be dealt with before understanding, acceptance and exploitation take over.
IT managers and CIOs have plenty to be shocked and confused about. On the one hand, they need to empower the business and avoid looking obstructive, but on the other, there is a duty to protect the organisation’s assets. Adding to the confusion, vendors from all product categories have been leaping on the popularity of the BYOD bandwagon and using it as a way to market their own products.
The real challenge is that many of the proposed ‘solutions’ perpetuate a myth about BYOD that is unfortunately inherent in its name, but also is damaging the approach taken to addressing the issues BYOD raises.
The reality is that this is not and should not be centred around the devices or who owns them, but on the enterprise use to which they are put.
The distinction is important for a number of reasons.
First, devices. There are a lot to choose from already today, with different operating systems, in different form factors – tablets, smartphones etc. – and there is no reason to think this is going to get any simpler. If anything, with wearable technologies such as smart bands, watches and glasses already appearing, the diversity of devices is going to become an even bigger challenge.
Next, users. What might have started as an ‘I want’ (or even an “I demand”) from a senior executive, soon becomes an ‘I would like’ from knowledge workers, who now appear to be the vanguard for BYOD requests. But this is only the start as the requirement moves right across the workforce. Different roles and job responsibilities will dictate that different BYOD management strategies will have to be put in place. Simply trying to manage devices (or control choices) will not be an option.
Those who appear to be embracing rather than trying to deny BYOD in their organisations understand this. Their traits are that they tend to recognise the need to treat both tablets and smartphones as part of the same BYOD strategy and they are already braced for the changes that will inevitably come about from advances in technology.
Most crucially, however, they recognise the importance of data.
Information security is the aspect of BYOD most likely to keep IT managers awake at night – it is a greater concern than managing the devices themselves or indeed the applications they run.
The fear of the impact of data security, however, seems to have created a ‘deer in the headlights’ reaction rather than galvanising IT into positive action. Hence the tendency to try to halt or deny BYOD in pretty much the same way that in the past many tried to stem the flow towards internet access, wireless networks and pretty much anything that opens up the ‘big box‘ that has historically surrounded an organisation’s digital assets.
Most organisations would do far better to realise that the big box approach is no longer valid, but that they can shrink the concept down to apply ‘little boxes’ or bubbles of control around their precious assets. This concept of containerisation or sandboxing is not new, but still has some way to go in terms of adoption and widespread understanding.
Creating a virtual separation between personal and work environments allows the individual employee to get the benefit of their own device preferences, and for the organisation to apply controls that are relevant and specific to the value and vulnerability of the data.
With the right policies in place this can be adapted to best-fit different device types and user profiles. Mobile enterprise management is still about managing little boxes, but virtual ones filled with data, not the shiny metal and plastic ones in the hands of users.
For more detailed information about getting to grips with BYOD, download our free report here