Mandatory 'bring your own device' on the horizon, Gartner predicts

Gartner predicts employees will be expected to provide their own mobile devices for work; foresees more back-end cloud infrastructure to support it. Their advice: keep it simple.

Organizations are no longer attempting to resist the bring-your-own-device (BYOD) tidal wave — they are embracing it. And, in short order, many will even make it a mandatory requirement that their employees have their own mobile devices they can use for work.

iPhone-2 CNET
Image: CNET

That's the word from Gartner, which just issued a prediction that 38 percent of companies expect to stop providing devices to workers by 2016. The consultancy foresees organizations even pulling back on reimbursements. Today, Gartner said, roughly half of BYOD programs provide a partial reimbursement, and full reimbursement for all costs will become rare. "Coupling the effect of mass market adoption with the steady declines in carrier fees, employers will gradually reduce their subsidies, and as the number of workers using mobile devices expands, those who receive no subsidy whatsoever will grow," Gartner predicts.

The key is to keep things as simple as possible, said Gartner analyst David Willis:

The enterprise should subsidize only the service plan on a smartphone. What happens if you buy a device for an employee, and they leave the job a month later? How are you going to settle up? Better to keep it simple. The employee owns the device, and the company helps to cover usage costs.

In a separate report, the consultancy predicts the rise of back-end cloud services (platform as a service) that will support mobile application development projects — creating some chaos in IT departments. In the next three years, Gartner said, 40 percent of mobile application development projects will leverage cloud back-end services, "causing development leaders to lose control of the pace and path of cloud adoption within their enterprises".

These cloud services — referred to by some as "mobile back end as a service" — provide back-end capabilities, such as user management, data storage, push notifications, social network integration, and even server-side code.

Conceivably, business users outside of IT will also begin using these services to develop their own apps — especially with the emergence of visual app builders and other forms of rapid mobile application development tools. It all sounds intriguing, but Gartner analysts are expressing concern about the data security implications of these services:

The programmer develops mobile applications using familiar storage programming mechanisms, and the cloud service acts as a black box that stores and retrieves the data as necessary. But as the use of cloud services by mobile applications grows, the challenge of governing the security and use of sensitive corporate data also grows. Left ungoverned, this results in the hidden movement of potentially sensitive data to the cloud, and the possibility of inadequate security.

The consultancy advocates stronger governance of this process, especially since non-IT types will increasingly be part of the mix. Such governance needs to occur at the organization level, beyond what any particular mobile application development platform offers. "Clear policies must be established and communicated to developers prior to the use of cloud mobile back-end services by applications that may access corporate or customer data," said Gartner's Gordon Van Huizen. "It is, therefore, necessary to extend awareness of the issues to the broader organization, as well as the organization's policies for cloud services, so that mobile applications built outside IT are subject to the same oversight and governance as those built within IT."

These issues echo the challenges — and questions — that arose with the advent of "Web 2.0", with the availability of enterprise mashups and other approaches that potentially enabled user-created front-end apps. It's in organizations' best interests to allow creativity and innovation to flourish, as this is what helps build new lines of business. At the same time, there has to be someone watching the back end to guard against security abuses.