|Issue:||North America 2013|
|Topic:||Consumer IT in your business?|
|Organisation:||Hudson & Yorke|
Harry McDermott, Chief Executive and Co-Founder of Hudson & Yorke, has 25 years experience in the technology sector, 20 of which have been as a consultant and trusted advisor to senior IT decision-makers in large multinationals. Prior to launching Hudson & Yorke, Mr McDermott was a Director at Deloitte Consulting and a Director of Mason Group (now Analysys-Mason).
Harry McDermott is a graduate of Trinity College Dublin holding a postgraduate MBA and undergraduate degrees in Electronic Engineering and Mathematics. Mr McDermott was a multiple academic prizewinner, receiving awards for outstanding technical and business project work.
Business technology deals with business needs. Consumer technology is market-driven; it sways in the winds of consumer demand for the ‘thing’ of the moment. Consumer technology strives to please end-users with their choices. For IT user devices, the market is a Darwinian playing field - competiton to please the user is paramount and only the best survive. So it is no wonder that employees prefer their BYOD handsets and tablets - they are easier and more pleasing to work with.
The workplace has changed irrevocably in the last ten years. The influx of personal smartphones, laptops and tablets that connect to corporate resources creates is a huge challenge for companies to balance the demands of their employees and need to secure their company’s data. This consumer-led movement is transforming offices everywhere by perpetuating the idea that 21st century employees could and should work from anywhere, at anytime, outside of the traditional corporate structure and on their chosen device.
Many key industry analysts including Gartner and Forrester have already identified the consumerisation of IT and BYOD (bring your own device) as potentially the most disruptive IT trend of the past ten years, and enterprises that try to resist this trend may find that they lose out.
Consumerisation of IT is increasingly allowing employees to select and procure their own devices for use at work. Those in favour see it as a way of liberating their employees, increasing creativity and restoring work/life balance. Opponents however, believe it leads to inconsistency, manageability issues and information security risks. The truth is probably somewhere in the middle: many employees at all levels enjoy being able to use the latest consumer devices rather than traditional business supplied models, and the consumer devices deliver clear opportunities for improving collaboration.
Nevertheless, strong governance and recognition of potential problems are needed to ensure that benefits are not lost and IT leaders can maintain control. The challenge for IT is to be able to embrace consumerisation where it is appropriate, while at the same time minimising any business or security risks.
Mitigating the risks
Consumerisation is still a hot topic in IT departments and there are many questions that need to be addressed by organisations before attempting to embrace this trend. Organisations should develop a clear strategic approach covering security risk management, support management, device and data management, organisational policies, implementation planning and the expected business benefits of consumerisation.
Security remains one of the most important considerations for the use of mobile devices in enterprises. Regulated industries and public sector organisations cannot risk deploying services that could compromise data or breach compliance. If personally owned mobile devices are incorporated into an organisation, it may require employees to hand over control of sections of their devices to enable remote management, a remote wipe facility and segmentation of work and personal information to satisfy data security requirements.
The security risks of BYOD are acknowledged, as is the fact that they are increasing. For example, a report by GFI software recently found that the OpFake family of Trojans has become a major threat to mobile handsets. The virus disguises itself as a well-known application in order to dupe the owner into downloading it onto their device, paralysing the handset and making fraudulent calls to premium-rate numbers without the owner’s permission. As attacks of this kind become increasingly commonplace, IT departments and users need to alert and educate themselves to these risks in order to keep the danger of revenue or data loss under control. In North America, according to ISACA (Information Systems Audit and Control Association), 36 per cent of IT professionals believe that increasing risk awareness among employees is the most important action an enterprise can take to improve IT risk management,. Although mobile malware is a relatively new frontier for cyber criminals, it is rapidly catching up in terms of sophistication.
Compared with traditional corporate hardware resources, employee-owned devices are more prone to theft and loss because of their value, size and portability. Tracking and wiping sensitive corporate data off stolen or lost personal devices can be a major headache for many organisations that lack the resources to properly implement such policies. A survey by Ponemone & Websense in 2012 found that out of 4,620 US companies, half had experienced a data breach due to insecure devices. Organisations may also be subject to fines or heavy penalties in the event of data breaches. Given device heterogeneity and the increased risk of loss and theft with personal devices, the cost of remaining compliant, addressing risk and establishing proper governance can seem daunting at first.
Understanding the benefits
Yet despite these obvious challenges, the benefits afforded by BYOD can make it worth proactively pursuing. With the correct infrastructure and IT expertise, support staff within an organisation can acquire the appropriate skills to manage this new environment. After all, the consumerisation of IT is increasing and almost impossible to stop. For example, US-based software company Enterasys found in a recent survey that 74 per cent of enterprises already allow some kind of BYOD usage and in a 2012 survey conducted across North America, Japan, Germany and the UK, security company Checkpoint found that 89 per cent of full-time employed professionals already have devices that connect to a corporate network. This percentage will only grow as tablets are increasingly able to perform a wider range of PC-like functions, thus extending their usefulness beyond just emails and attachments.
The BYOD trend is changing how business gets done, and changing the way employees communicate with customers and partners to improve reach, engagement and intimacy. Consumerisation of IT is also changing how employees work and collaborate internally through new consumer applications.
A major driver is the productivity advantage resulting from improved employee satisfaction and mobility, as well as the cost reduction in technology adoption. BYOD lets employees respond instantly to work requests outside of working hours, work from whatever location they wish and use a device of their choice. BYOD supports a more technology-savvy workforce that prefers to use the tools and technologies native to their work and life preferences. The level of expectation for cutting-edge technology is high among today’s employees.
The savvy workforce, familiar with consumer technology, is often more productive using his or her own devices and technology to integrate into the corporate environment. When new corporate applications and technologies are deployed, the employee learning curve is shortened using BYOD. BYOD also results in savings when employees are willing to bear the cost of maintaining and upgrading the device they use for work.
Why not BYOD?
BYOD helps enterprises remain agile. It is impossible to keep up with all the advances in technology and predict which will best serve the corporate environment. Yet by keeping a pulse on the consumer market, IT leaders can ready themselves and adapt to it more quickly. Taking a proactive approach to using BYOD could help improve employee satisfaction, by providing the flexibility and ease-of-use that personal devices offer.
Organisations should treat BYOD as an opportunity to address employee desires and expectations, but take care not to compromise their business requirements and security. BYOD can help improve employee productivity and collaboration, deliver cost savings, reduce IT support for employee-owned devices and improve employee satisfaction by simplifying technology requirements. These rewards are easily achievable by implementing BYOD programmes that follow best practice guidance.