Ken Hess
Heather Clancy
Opening Statements
It's a smart and easy transition
Ken Hess: Almost everyone owns an advanced phone and a laptop, netbook or tablet, so why not allow employees to use those devices in corporate work environments? Bring your own device is a new strategy being used by or considered by corporate IT departments. It allows employees to use devices with which they're comfortable and at a lower overall expense to the employee's company. It's an intelligent change in the corporate landscape to lower the costs associated with acquiring, deploying and maintaining devices, to reduce the number of required support personnel, and to decrease the possibility of single vendor lock-in.
The transition from home user device to corporate user device is an easy one through the use of VPNs, corporate-sponsored anti-virus software and agent-based security compliance. User devices and corporate data will remain secure and stable. And, setting up a user's device a simple matter by using "client pull" automated setup scripts.
It's a management nightmare
Heather Clancy: There is one really good reason not to let employees use their own smartphone, notebook or tablet at work: It is a management nightmare.
For starters, there are inherent security and regulatory compliance risks. Even if you mandate certain products or technologies people can bring and use, it will be next to impossible to make sure everyone keeps their machines updated with the proper OS and application patches. Unless you have control.
Don’t expect to save money, either. Many businesses supporting BYOD expect employees to buy and support devices on their own dime. But infrastructure and security policies need to be rock-solid behind that. This takes investment and new IT management policies. Is your organization ready?
Be honest: Do you want someone telling you what you can and cannot do with your personal technology? BYOD seems like a great idea for productivity, until you try manage it.
The Rebuttal
Closing Statements
BYOD is an inevitable reality
Ken Hess
Companies must decrease overhead costs without sacrificing product and service quality. There's a tremendous cost layout made for end user devices, for software, and for support. One significant way to lower costs is to allow employees to bring their own devices (laptops, smart phones, tablets) to work and use them.
Mobile provisioning and management technologies which include carrier-supported mobile hypervisors will be as disruptive to devices as VMWare has been to the data center. Once the technologies become widely available, the deployments will follow because at the end of the day, enterprises are cheap and any cost-saving technology is going to be embraced. In fact, VMware and Verizon announced yesterday that they're teaming up on mobile virtualization technology to solve this problem for enterprises.
Win, lose or draw on the debate, BYOD is an inevitable reality.
Choose - not bring - your own device
Heather Clancy
Businesses should absolutely realize productivity benefits by outfitting their employees with the latest mobile technologies, including smartphones, tablets and notebooks. It makes sense for workers to have a say in selecting those products, because then they are more likely to use them.
Plus, your IT team might be turned on to features and applications that it might not otherwise have considered as a “business” application. But your organization is asking for a support and management nightmare, if it chooses to support every mobile technology owned by workers.
Security is just the tip of the iceberg. You’ll need to define policies for technical support, for software patch updates, for application distribution – pretty much everything your team is already responsible for doing. So, honestly, what is the
point of ceding ownership?
Rather than “bring your own device,” it should be “choose your own device.” That way, your IT organization will still have control.
Winner: Ken Hess
Lawrence Dignan
While Heather highlighted all the issues with bring your own device schemes, Ken had technologies that could cure those ills. The argument was very close, but in the end I went with Ken. BYOD will happen and it's quite possible that IT will have no choice but to play along.
In partnership with Ricoh Doc's final thoughts
DocDoc strongly agrees with Ken on this one. My employer now expects me to be available 24/7 and connected to my work no matter where I go or where I am. In exchange for that sort of servitude, I should at least get to pick my communications device of choice. The lines between home and work are extremely blurred these days, and it isn’t realistic to expect employees to be tethered to two separate devices. Sorry Heather, but Doc thinks you’ve overblown the security and other IT management issues – and by the way, how’s that Blackberry service working for you?
It’s true that BYOD has created some headaches for IT managers, but those are likely to be temporary. Where there is a need for enterprise software and hardware management, there is someone working on a solution. Doc is already aware of several enterprise-grade applications to help organizations securely manage a diverse mobile infrastructure. Plus, Doc is willing to bet that employees are more productive when they’re using a device of their choice, one that they are comfortable with and know how to use effectively. And today, productivity is the name of the game—we’re all doing three people’s jobs.
And let’s face it, does it really make sense for companies to standardize around a single platform anymore? That’s a recipe for disaster, as the recent Blackberry outages have shown. We strive for diversity in the workplace -- technology shouldn’t be any different. Mobile management has become part of the IT infrastructure, and it’s just something IT professionals are going to have to deal with. If you get the right enterprise tools then BYOD doesn’t have to be so scary. And by the way, Doc will give up his iPhone when my employer pries it from my cold, dead fingers. And I’m not going to carry two smartphones with me like so many poor saps have to do today. That’s absurd.
More from "The Great Debate"
The risk is high and maybe we could have a try by making a copy of some leasing/renting models used in company cars. When you have a car leased by your company you can select some models without no cost and if you want something better pay an extra. Int is case for the employee it would be cheaper and for the company it would be easier to control all these devices.
It's true that a company can only control a limited catalog of products but it's a way to be in the middle, cause no one want to carry two mobiles or an personal tablet and a company laptop as me
I personally carry one laptop and one phone, however my company allows me to get any phone on my dime, but they pay for the service, so I can swap my to whatever phone strikes my fancy. As far as the laptop I have laptop that makes it easy to swap out the hard drive, so I have a "work" hard drive that includes all the apps I use at work and all the security including active directory logins. And when I go home I shut it down and swap to my "home" hard drive without the restrictions of work. I keep the spare (work or home) drive in an an USB external case, so in case I just need files from either drive I can just can just plug it in. The swap operation takes about two minutes and that includes shut down and start up of the OS.
Great comment.
I just want to note that we use Blackberry Server Express for out BYOD Blackberry users and with the Balance policy policies it works very nicely, even nicer is the server, CAL are 100% free.
Balance allows you to pull back any data that is tagged as corporate so when employees leave you only need to pull back this data. No other solution is as clean at the moment.
Employee feedback the past few months the main concerns:
1. Lack of employee interest (our program is not subsidized)
2. Increased employee cost (international data usage)
3. Ongoing concerns over personal "space" and needing to adhere to corporate security
4. Limited to salary employees (bulk of mobile users are hourly / contractor)
5. Unable to use corporate WiFi due to long standing security policy
6. Not able to support every device users want
7. Remote erase /password enforcement
8. Need for extended warrenty (laptops)
9. No loaner if laptop / tablet breaks
At the end of this, it was a wash cost wise. Users want to use their own tech, but have no security and corporate to foot the whole bill. In that case we might as well stay corporate liable.
Employees who value separation of work / personal usage need to suck it up and carry two devices or accept restrictions. show more show less
Well, if you set it up with all the restrictions you mention in your message, no wonder it didn't work out. It looks like you/your company missed an opportunity...
Blame our HR / Law / Compliance departments who made the BYOD policy.
BYOD's main issues are related to compensation, compliance and privacy. The technology portion of it is very easy to enable.
But it's on it's way in our company, like it or not.
Build a corporate VM image with corporate Software rules and force all machines to use it, that way you have a standard. If you have an employee that uses a macbook, fine, they just access your work network through a VM, and sit on public wifi in their normal machine like you would treat a vendor or contractor.
I am a consultant and most customers prefer this method. Its on me to provide a machine, and if I have issues, they just reload the image on whatever I provide,
We provided those options (Both Citrix and VM View) and employee overwhelming hated them. While they provide consistency and controls the user experience is not as clean as native device functions. Your basically making your shiny new technology a dumb terminal.
Another downside is this all requires WiFi / internet connectivity. Once out of coverage / weak signal the functionality takes an even larger hit so your basically left with no option.
rare are the people that are working for a company that are out of any type of internet or Wifi connectivity.
Except that I'm for BYOD. I think it's a great idea.
You made a very logical and understandable argument. I'm just going to go with the flow of the premise as it stands, though. (IMHO, you are a bit 'more' correct).
And what's your point? Beyond the irrelevance?
you dont support it. You support the application. We do it easily, though it does require a NAC, but someone can pop their own system up of the network. our company just wont support the hardware unless it is a corporate system. If not, they are instructed to purchase 24-hr support when they buy their non-corporate system.
not sure what you mean by "real enterprises". My company is the leader in the industry for what we do. We deal with client data, we are a global company. in-house and remote users.
I wouldn't want to support just the app either. That would mean that app can run on 10 or 20 different devices, therefore having to figure out if the issue is actually with the app or the device and then a lot of research needs to be done on each device to determine that. Still ends up being a support nightmare.
If someone needs more than that, it can be provided by the employer.
I am all for personal choice but if I bought a device and gave my IT department control over it, the device would be hobbled so badly in the name of security that it would be unrecognizable.
I think consistency is king for Enterprise.
Just launching secure browser for internal websites only.
Everything is encrypted.
Still, you can allow bringing in devices *in addition* to having a company provided standard device to fall back on, *IF* you also enforce where people's data (incl. e-mail) can reside and how they access it.
So if a tech-savvy employee wants to bring in a Chromebook: great. But there's no support for it, e-mail is still Exchange (or whatever the company standard is) and all files still go on the company fileserver/sharepoint/cloud/whatever.
"*IF* you also enforce where people's data (incl. e-mail) can reside and how they access it."
So, you've really made a point in the direction of 'pipe-dream' to describe how it could be a reality. How should any IT department go about enforcing such rules on user purchased/owned equipment?
Providing support for those devices may be a small issue compared to user authentication/authorization on such a magnitude of possible user device whims.
Sorry, not reality. Not even a good idea.
our using Citrix and their UAG, we didnt have to lock down personal devices at all. so we dont have to manage them.
Take the non-profit where I work. The school equipment is generally old and so locked down that you can't install any of the software you need to do your job. Next thing you know, you're bringing in your own laptop to do work and you're syncing your email with your mobile device. Initially, there was some very weak resistance from IT (they knew the schools hardware was lousy) so as school servers got upgraded they started implementing things like Windows remote desktop protocol to connect to the school's official apps and file shares. Today, I am quite happy to use my Linux based netbook while connecting to the school's WiFi and maybe once or twice a month I find an actual need to connect to the Windows server via rdesktop (usually just to upload my lesson plans).
The reality is that this is 'reality' at my work place and it seems to cost IT very little.
-Sean Parsons
Especially the nanosecond security issues come up and, trust me, they will. And if you want your personal device on their network, you'd better comply in giving away control.
And why use your own device? It's their network and their job they want you to do. Let them spend for the gear THEY want to manage. Keep the line between personal and company gear. Eliminating it will ultimately make it all corporate, with your personal freedom to use your gear being diminished.
"Pipe dream" is the answer.
The technology is here today with several Mobile Application Management solutions.
Clearly, there are some environments (e.g., highly regulated or truly government "Secret" situations) where this may not work.
But really, the idea of carrying around two phones is so last year.
Actually if you value your privacy I strongly recommend a seperate device for your personal usage. We have had users already be suspended and one terminated due to conduct against the BYOD policy.
If my employer deems I need a mobile device, they should provide it.
but what if the company was base-lined on Windows devices and you are a graphic designer that feels more comfortable on a Mac. And while they will give you a windows laptop, they will let you use your Mac for your work if you want? what then?
I will always use the company notebook for work and I am glad to have it. They can do what they want with the notebook of theirs that they have assigned to me, the extra paranoid stuff they load works with the models they have chosen, the machine is a higher throughput unit than I would buy for myself, and I can do my work on it without any problems. I am not wearing out my own PC, and they will fix their own machine if it breaks, but probably not mine.
I say keep work and personal PC and phones separate in most cases. That has worked for me for 15 years. There are also IRS issues I think, as to what exactly a computer is used for and who may deduct the cost of it. An employee should not be asked to regularly use his/her own resources for work tasks unless the compensation/cost situation is extremely clear.
As for control, as a hardware application enginer, the work I do requires complete control and admin access because I need to load and remove sopftware and change configurations in the notebook, connecting its ports to unusual circuits in the lab and when traveling. Even so I always make sure the notebook is being updated by, receptive to, the things IT is pushing, etc. That is a responsibility.
That may be the missing piece, between one's own authority on one's own notebook, and the privlege level necessary to use the corporate notebook in a productive manner on an individual basis.
Personally, I'm for leaving the toys for playtime, and issuing tools to work with. That may not work as well for you.
Lets face it, majority of the people on this planet are tech noobs who don't even have a clue of what Windows Update is (I've met several
) and have never had the thought of updating their computer. With crime thirsty hackers growing fast in population today, having such user's device connected to your corporate network puts you and your classified data at big risk 
This is the first time we have seen top down demand for this type of freedom; the executive management are often the first to want to use their iPhones and iPads in lieu of the corporate issued Blackberry or Nokia device. I agree securing a user's personal notebook computer or home desktop machine is very difficult, but the IOS and Droids are actually easier to secure. One client we have has set limits by using Citrix to access corporate resources much as "tiderulz" opined earlier, and some limit the ability to store content locally. The real issue is how productive will the employee be with technology forced on them (not!) as opposed to technology they want to use, and are comfortable using. We have seen schools in Texas do a 180 this year; encouraging students to BYOT in all forms and mandating teachers provide content for those devices as opposed to banning use during school hours. Quizzes and polls are administered via IM, and content is made available for viewing on tablets and smartphones. For those students without a device of their own, the school has a pool of loaners. All on a secure network within the school building. Early reports are that both the students and the teachers are liking the change.
Security is good now and improving for this ecosystem. Management is also improving. I had the misfortune to leave my iPad on a plane, and wiped it remotely within 15 minutes of discovering the loss. No corporate documents were stored in the device, and all my credentials were erased in the wipe process. A painful lesson, but security was not the issue, just loss of a copy of my music library.
tremp
Join the conversation!
Debate Event Reminders
The Great Debate Newsletter
With the Great Debate newsletter, you get a front-row seat to every argument until the final gavel falls.
Upcoming Debate
-
Can PC makers survive in a post PC world?
May 29, 2012 | 7:00 AM PDT
Add to Calendar
Comments from the floor
Facebook Activity
NICE
RE: Great Debate: Bring your own device
Blame our HR / Law / Compliance departments who made the BYOD policy.
BYOD's main issues are related to compensation, compliance and privacy. The technology portion of it is very easy to enable.
RE: Great Debate: Bring your own device
Well, if you set it up with all the restrictions you mention in your message, no wonder it didn't work out. It looks like you/your company missed an opportunity...
RE: Great Debate: Bring your own device
RE: Great Debate: Bring your own device