BYOD: Bring your own device – or demise?

Nitin Bhas from Juniper research discusses the impact bring your own device (BYOD) polices are making on the enterprise

BYOD or "bring your own device" is the growing trend of consumers who are becoming accustomed to bringing their own mobile computing devices – such as smartphones and tablets – into the enterprise and accessing corporate assets. 

Depending on employee permissions, these assets can include internal company documentation (including sensitive financial data), work calendars, employee and client contact details and emails. This trend is itself building on the blurring line between business smartphones and consumer smartphones. This intrusion of the consumer device into the enterprise space can be problematic, to say the least.

The combination of increased data connectivity and the consequent need to be connected anywhere and everywhere has prompted a change in employee attitude towards their use of devices to access work-related documents (and of their employers to permit such access). A prime example here is employees checking their work emails on their mobile devices while waiting to pick up their kids from school. The fact that most services themselves are now cloud-based and thus accessible via multiple devices is another factor contributing towards this growing trend.

What is driving the BYOD trend?

The use of personal mobile devices to access work-related spreadsheets, emails, calendars and other files should depend on individual company policy – assuming the company in question has articulated such a policy. The number of consumers using personal devices at work is increasing by the day – surveys indicate that a significant proportion of employees are presently using their own mobile devices for both work and personal use.  

Several factors feed into this growing trend of BYOD – the development of the mobile device market and increased penetration (and usage) of mobile devices in general within the enterprise; wide network connectivity and always-on devices providing access to files and emails anywhere and everywhere; and, critically, the availability of a greater variety of mobile apps and solutions designed for the enterprise.

As the demand for ubiquitous enterprise mobility increases, the scale of this usage is only going to increase: consequently, according to our latest forecasts, the number of employee-owned smartphones and tablets used in the enterprise will more than double by 2014, reaching 350 million, compared to almost 150 million this year.

Download Juniper’s research on BYOD

In Juniper Research’s recently published report, Mobile Security Strategies: Threats, Solutions & Market Forecasts 2012-2017, the analyst house anticipates mobile security issues escalating as the BYOD trend highlights and exposes security loopholes.

Computer Weekly readers can download an exclusive version of the report here.

Security implications

The next question should be whether this is a win-win situation for the employees and employers? While this approach can bring productivity benefits to businesses, it also poses security risks. The threat from unprotected employee mobile devices is of significant importance: the potential for financial loss, legal liability and brand damage from unprotected devices is one of the most underestimated risks facing enterprises.

There are a number of issues and implications that need to be addressed and measures have to be taken via new device management policies and security measures. Enterprises need to be aware of the different activities on their employees’ mobile devices (including emails, files and documents stored and installed apps) and so a mobile device management platform will be the umbrella under which important security and management functions will fall, including policy management, strong authentication, data and device protection.

While most employees are happy to use their own device, most of those devices do not have any form of security or protection. So, while BYOD has become an inevitable trend for the enterprise, businesses need to create new end-user IT policies and address the key security issues emerging. New security measures along with device management policies need to be put in place. Are enterprises ready for this challenge? They have to be.

The impact of BYOD

There is an increasing number of employee-owned or consumer-owned devices in the enterprise. However, some public sector organisations and government organisations have been critical of adopting BYOD strategies. For example, the Ministry of Defence in the UK has ruled out any sort of bring your own device schemes as a matter of policy, due to the highly sensitive nature of the MOD's data.

However, this does not mean government organisations are completely averse to BYOD: local government councils have already allowed council employees to use their own devices at work. For example, Norfolk County Council in the UK is one of the latest council organisations to adopt BYOD in both schools and council offices as part of a new ICT strategy.

Juniper Research believes that, even though the public sector is largely reluctant to embrace BYOD, many of its organisations will ultimately be later, rather than non-adopters of the policy. So it is fair to say that, with technology advances and depending on the level of risk associated with each organisation, adoption of BYOD strategies will only continue to increase in both private and public sectors.

Read more on Security policy and user awareness