BYOD: Can it make the IT department a hero again?

BYOD: Can it make the IT department a hero again?

Summary: The rise of BYOD is often seen as bad news for the IT department – but smart CIOs see it as an opportunity, not a threat.

Is bringing your own device to work a good thing for IT, and for your business?

The rise of consumerisation and bring your own device (BYOD) is sometimes seen as undermining the IT department — and not just because it means they lose the small amount of leverage they had over users ("Be nice when you call up the helpdesk or you'll be stuck with that antique laptop for another decade").

BYOD takes away the IT department's role as sole arbiter of desktop technology, and makes the job of keeping hold of enterprise data a little more difficult.

Instead of dealing with known, secured devices, IT suddenly has to create a new security model that is permeable enough to allow access to enterprise systems by a variety of devices, but smart enough to keep out hackers.

But all of this presupposes a narrow view of the IT department and CIO as merely gatekeepers. And it seems that many CIOs see BYOD as an opportunity rather than a threat to their kingdom.

When asked "Is the rise of BYOD a good thing for the status of the IT department and the CIO?" the TechRepublic CIO Jury of IT decision makers responded 'yes' by a margin of 10 to two, suggesting that CIOs are willing to embrace the benefits that consumerisation can bring for their organisation and the IT department.

Alan Bawden, commercial director at The JM Group, said: "Anything that improves the perception of the IT department as a service that benefits the organisation can only be a good thing. It's an excellent PR opportunity for the CIO and IT as a whole."

Kevin Leypoldt, IS director at Structural Integrity Associates, said it is important that IT be recast as an enabler. "It really does make a difference working with an employee trying to make them more efficient and mobile, instead of treating the employee as a threat and building walls or adding levels of security. It is not always easy, there are times that 'no' is the answer and the end user does not get what they want, but for the most part, yes, it is a good thing.

"It starts with trusting the end user, building policy that protects both the end user's freedoms and the organisation's data and systems, and moves IT to enabling both the employee and building systems that balance access with security."

"It starts with trusting the end user, building policy that protects both the end user's freedoms and the organisation's data and systems" — Kevin Leypoldt

Similarly, Matthew Metcalfe, director of information systems at Northwest Exterminating, said consumer devices in the office is a way of bringing IT and business together: "My group helps support the employees more on a personal level with BYOD devices. It certainly helps open channels of communication. That's useful when it comes time to address the issues BYOD brings to the enterprise."

For Tom Galbraith, director of IT at the US District Court, Southern District of Illinois,  BYOD can be a good or bad thing — depending on how CIO promotes the role of IT.

Galbraith argues that more and more systems and services falling outside of the strict control of the IT department has prompted a belief that the future IT department will be more like brokers of technology than keepers, developers or controllers. "Essentially, it is about truly understanding the smorgasbord of technology offerings in the marketplace and, more importantly, how those can effectively promote an organisation's strategy and performance. BYOD is simply one such technology course from the expanding buffet."

Broker of choice

IT must promote itself as the broker of choice for helping that employee get the most from the devices they bring into work, he said. "The functionality underlying all the hype of consumerised devices typically falls short without the help of IT, and if IT can market that message — and deliver on the promise — then the consumers/employees will have an organic desire to come to IT, and we can retain and further the overall value proposition we provide to the organisation."

As well as the feel-good factor, BYOD can also open up possibilities that the IT department alone couldn't explore, according to Kevin Quealy, director of information services and facilities at the Southern Baptist Conservatives of Virginia: "It can be hard for our department to recommend new equipment when we haven't been able to really test and know if it will actually help the employee. BYOD allows the employee to take the risk, determine what works for them, and then share that with others. We can still control the data such as email... we just allow employees to access it with various tools of their own."

Cost saver?

While many CIOs highlighted the potential upside of BYOD for the IT department, others warned that there are other impacts.

Brian Wells, associate VP of health technology and academic computing at Penn Medicine, said that BYOD is a good thing from a reputation perspective. However, "it does create extra cost for the IT department but may save the enterprise money overall via cost avoidance from purchasing more mobile devices".

And Kelly Bodway, VP of IT at Universal Lighting Technologies, cautioned that BYOD doesn't always cut costs. "The issue is really the protection of corporate data and the integrity of that information. BYOD also requires special tools to allow for the integration of employee devices that in many cases negates the perceived cost savings. So in the end the cost to the enterprise is really no different, but the employee perceived benefit is substantial."


Security was an issue raised by a number of tech chiefs. Rob Neil, head of business change and technology at Ashford Borough Council, said "It's a chance to show that IT and the CIO are concerned with helping users do their work instead of being viewed as putting barriers in the way of progress, whilst muttering 'security...' through gritted teeth."

And David Thomson, head of IT at Rice & Dore, said: "I think it's a good thing but I do not think that it frees the IT department to do other work. There will still be calls about how does this or that work and there will be an overhead in maintaining appropriate security solutions and monitoring compliance to policies."

David Wilson, IT manager at VectorCSP, said the big issue for BYOD is one of time management. "If all of our devices are the same, and I have control over their use, I can support them with a minimum of time and effort. The simple act of setting up email connectivity on unfamiliar devices eats up resources."

He added: "On the other hand, you can't release control absolutely to the users because the more powerful these devices become, the more accessibility they have to proprietary information. It's still a moving target."

Gavin Whatrup, group IT director at marketing services company Creston, said that as long as security is maintained, BYOD can be good for IT and the broader organisation: "The priority has to be the CIA — confidentiality, integrity and availability — of your data and systems. After that, equal doses of information, education, and careful management could produce a win-win for the organisation, and a gold star for IT."

This week's CIO Jury is:

Richard Storey, head of IT, Guy's and St Thomas' NHS Foundation Trust
Kevin Quealy, director of information services and facilities, Southern Baptist Conservatives of Virginia
Mike Roberts, IT director, The London Clinic
Kelly Bodway, VP of IT, Universal Lighting Technologies
Reji Mathew, IT director, Yankees Entertainment and Sports Network
Rob Neil, head of business change and technology, Ashford Borough Council
Brian Wells, associate VP, health technology and academic computing, Penn Medicine
David Thomson, head of IT, Rice & Dore
Matthew Metcalfe, director of information systems, Northwest Exterminating
David Wilson, IT manager, VectorCSP
Matthew Oakeley, CIO, Schroders
Kevin Leypoldt, IS director, Structural Integrity Associates

Want to be part of TechRepublic’s CIO Jury and have your say on the hot issues for IT decision-makers? If you are a CIO, CTO, IT director or equivalent at a large or small company, working in the private sector or in government, and you want to join TechRepublic’s CIO Jury pool, or you know an IT chief who should, then get in contact.

Either click the Contact link below or email me, steve dot ranger at techrepublic dot com, and send your name, title, company, location, and email address.

Topics: BYOD and the Consumerization of IT, Consumerization, Bring Your Own Device

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • *yawn*

    More buzzword worship. *yawn*.
  • BYOD seems like the biggest con job by users ever created

    Home users are not buying tablets as work tools, but rather as entertainment devices for their own personal use. Somehow they are convincing work places that it is ok to bring those devices to work and replacing their computers or whatever they use.

    I guess the "savings" can be estimated by having users pay for their work devices.

    At some point in the not so far distant future the tablet market will saturate and become a comodity market much like PCs are. Employees will stop seeing the value of dropping 500-900 dollars on a new model every year or replacing a device that broke while working and start looking towards their employers to covering that expense.

    When that happens employees will have succeeded in grooming the workplace into buying a personal home entertainment device and letting them bring it to work.
    • The cost of the hardware is minimal ...

      ... compared to the cost of infrastructure and liability that the "cheap" company will have. And that is ignoring all the security problems that BYOD bring.
      • yep,

        I agree, the security implications are extremely worrying to any business that is intent on keeping their computer data to themselves. A bit mind boggling that businesses take such a risk.
    • Re: con job by users

      Seeing your own users as the enemy ... there's your traditional corporate IT department mentality in a nutshell.
      • Seeing them as an enemy?

        Well now... Think about it. Who is the biggest threat to corporate Data? The people who have to have access to it. It's not about seeing them as the enemy. It's about protecting intellectual property. I wonder if the CEO would be happy to find out his company lost valuable data because the I.T. department wanted to be cool? This BYOD thing has to be looked at holistically. Senior management has to assess the risks, and decide if it's worth it. Personally If our CEO signs off on it I'm perfectly fine with it, But I'll be damned If I'm going to be the guy leading the charge.
      • Not quite

        @Ido17 I think of it as more of protecting those who don't know any better from making bad decisions. Any experienced expert in their own field knows the pitfalls of making inexperienced decisions. I wouldn't go to my family and make health, do complex taxes, design/build an extension to my home, or go hang gliding without consulting an expert first. The reason we hire professionals is because they are subject matter experts.

        People who just want to bring whatever device into a secured network environment may do so without knowing how best to secure proprietary information. I'm not saying that there aren't power users who could manage their own device properly, but the vast majority wouldn't know where to begin (present community excluded of course).
  • User ignorance

    The issue at my organization is that the user has the money to buy this "cool stuff" but they have no idea how to use it. Now I have to train them to use not only the corporate purchases but also every bit of tech they could afford. This in addition to the general tech support of all of these devices. From the head of the organization to anyone who answers a phone, I have to support their stuff. Burn out is coming.
  • Hero or goat?

    1. "That $300 laptop you bought does not have the specs to run the software you need. Oh, you bought it on eBay you say? So you can't return it, huh?

    2. I'm sorry you thought a $1000 tablet was a computer and could run your applications. I'm really sorry you have to spend your kid's college fund now to buy something that can do the job you need it to do.

    3. Yes, that injet printer you bought does cost a lot of money to refill. Maybe you can stop eating breakfast to pay for a new set of cartridges.

    4. Your failure to secure the information on your machine not only means you are getting fired, but the company will probably sue you on top of that! Sux to be you, pal!

    5. I really feel bad that your cell phone bill was $1200 last month. Did you really think that 1 GB data cap was enough to work on all day when you are using cloud storage and apps?

    6. I understand that opening a support ticket with the company you bought your hardware from is expensive, but I've never seen that device before and can't really help you all that much.
  • Such BS

    I think "BYOD" and "Cloud" were invented by baby face IT bloggers (so called) that dont have any real experience in more than a small company. You can tell by the way they describe IT departments.

    Do you really believe departments have god complexes? The fact is they have a job and a budget. They get their arsessss chewed off when things go bad.

    The younger generation coming into the work force demands, or tries to that they allowed to be able to do what they want.

    The fact is you were hired to do something other than IT. Marketing, accounting, HR, etc. You should be given the tools to do your job. A computer, tablet, smartphone maybe some of those tools.

    BYOD sounds great in a blog post and I am all for it, provided that the company allowing such things backs up IT in many ways.

    First a budget to get all internal applications converted to https interfaces so the BYOD computers/devices SSL tunnel to their application servers.....because putting just any device on the same network as the DATA is just stupid for MANY reasons. This is already happening for email and in some cases web portals. (Exchange Active Sync etc).

    Second allow IT to tell Mr. or Mrs. BYOD...."If you cant get to https://companyappserver then take your device to the geek squad". There is simply NO WAY to support everyones MESS.

    I have been asked to help someone in a department with some pet project because they had enough clout to make my life horrible. There have been a few times where via something like WebEx I remote control a PC of a sales person THAT WORKS FOR ANOTHER COMPANY, so I can fix some issue they have on their JACKED UP pc so they can pitch us some product.....because their IT department is to busy.
  • Interesting Article

    This is an interesting perspective.

    Check out how we have been helping organisations adopt BYOD initiatives.