BYOD — or bring your own device — is a buzzword that's sweeping IT departments. While on the whole it can be considered a good thing, as with most things in life there are pitfalls that both employers and employees need to bear in mind when embarking down this avenue.
By 2017, it is estimated that 50 percent of firms will demand that employees make use of BYOD. So if you think it's big now, just wait a few years.
But is BYOD right for you? Whether you are an employee, the employer, or the IT admin who has to keep everything working, there are potential pitfalls to BYOD that need careful consideration.
For companies, the issues that need to be addressed are many and varied, and generally revolve around the creation of a workable BYOD policy that needs to encompass a variety of topics ranging from security and support to who pays for what, to what happens if a device is confiscated or seized, and what happens when an employee is let go or fired (remember that it's not just the data on the device to worry about, but also any backups made of the device). Any company taking the BYOD route — large or small — needs to have a clear and easy-to-understand BYOD policy, a policy that everyone needs to be aware of.
Making BYOD policies up as you go along (or, worse still, taking an "organic" approach) is a recipe for disaster. Also, just allowing employees to bring in devices – for example, you might allow devices that support Exchange ActiveSync, or allow iOS or Android devices – is not the same as having a policy in place.
Think you're OK just winging it? Think again. If the likes of IBM can get burned, you can.
If you're an IT admin working for a BYOD-friendly company, then you already know about creating and enforcing policies. If you're an admin at a company that's currently keeping BYOD at arm's length, then chances are good that over the next few years, you're going to have to come to terms with people bringing their personal hardware to work with them.
You're also going to have to get comfortable tracking talk, text, and data usage in order to prevent misuse, bolster security, and keep costs at bay. Don't expect this sort of stuff to police itself because it won't, and things will degenerate into a mess in no time at all.
On top of this, you'll need to take the reigns over apps. This means pushing mandatory apps, blacklisting rogue apps, and possibly putting the brakes on timewaster apps. It might seem draconian, but it has to be done.
Finally, you have to get comfortable banning devices. Banned devices can range from jailbroken iOS devices, rooted Android devices, or even just obsolete hardware and operating systems. You have to set out very clearly what is and what isn't allowed, and you have to be able to communicate this to clearly to employees, and given them a heads-up about things such as devices that will become unsupported ahead of time to prevent disruption.