Is the enterprise ready for BYOD?

For the longest time I have seen friends and colleagues carrying two phones, or a phone and a Blackberry, or two smartphones. Why?
This is the case because, like one of my former employers, in an effort to save money, provided users with devices that were only half enabled. To save money, some time back, many firms either turned off the voice capability of a Blackberry or simply provided employees with the least expensive phone available as an alternative. Like many of my cohorts, I too opted to carry my own device and paid for it fully.
With IT budgets continuing to decrease and users having to make due with less, many users are left wanting more from their insufficient IT tools. The cost of consumer devices continues to decrease, as functionality, power, and accessibilty increases. In the past, tech savvy users understood how to work around IT controls and use these tools in a business context. This is the backdrop to the adoption of Bring Your Own Device (BYOD) movement across the enterprise. The idea that many of us have better smartphones, better laptops, better tablets, and desktops than an employer would typically provide is driving the BYOD movement.
From an organization’s point of view, they are trading a capital expense for an operational expense and they are betting that the operational expense will be lower and that supporting all of these devices will pay off. But are they ready for the varied hardware platforms and applications that are housed on those systems? According to Gartner in The Impact of Mobile Devices on Enterprise Management, new application platforms and application delivery methods will require the IT organization to respond with new device management approaches.
As a first step toward BYOD, allowing employees to bring their mobile devices to work is a no-brainer. In fact, many organizations have plans in place with limited support. The organization will support the application needed to connect and pull down email for example, but not provide assistance for other consumer applications. But there is a down side to this model and clearly delineates the line on support: if, for example, I type in the wrong password three times, and the device locks, it is not as simple as calling the helpdesk to reset my password. To unlock it requires a full reset.
Resetting a smartphone is not very dramatic as it is backed up, typically, on a computer somewhere. The only loss is the time it takes to get the phone back. This is not the case with a laptop. How many of us back up our devices? Even if you have a Mac with Time Capsule, how many Mac users purchased a separate hard drive? Not many. And if there is no back up facility, then you just lost everything on that device. That is a significant hurdle.
What can organizations do to make their BYOD programs successful?
Do not just extend existing policies or existing security awareness programs to include policies to support employee purchased devices. To succeed organizations will need to reassess existing models to accommodate iPhone, Android, Linux, Macs, and tablets in addition to Blackberries and Windows desktops. Gartner suggests that most enterprises will likely need to adopt a layered approach that extends from loose management via written guidelines through tightly managed mobile environments depending on the end user constituency and related legal compliance and security risks.
What can users expect from their BYOD programs?

First, we will need to start using a password lock on our mobile devices. Also, the passwords will need to be as strong as those required in the enterprise, if not the same that is used in the enterprise. Count on these having to be reset every few months. The down side here is convenience. For me, I can no longer access data on the fly, I need to stop and enter my very long password before doing anything other than answering an incoming call or place an emergency call.
Second, your employer will have to find a way to manage these non-Windows. New best practices will need to be developed. Simply installing anti-virus and malware software on your system and down loading a VPN client and keeping OS patches current will not suffice. New ideas are needed, and changes in the management of end-user technology are needed, according to Gartner. The status quo is not an option.
More to come…stay tunned.
Let me know what your organization is doing with regard to BYOD.