What is BYOD?
We explain what Bring Your Own Device means and how to implement a successful company strategy
Due to the consumerisation of IT, employees nowadays have a thirst for the latest high-end technology, and many have taken to using their own devices for carrying out work tasks, be it checking emails, filling in spreadsheets or keeping in touch with co-workers.
Navigating the disruption of work
The five major accelerations happening right nowDownload now
BYOD has also been fuelled by the growth of apps. There's now an app for practically everything; Slack and Microsoft Teams lets employees stay more connected than ever before, and the likes of Google Drive and Office mobile apps give staff the tools they need for working on the go using any device they choose.
While the growth of BYOD has gone arm-in-arm with the agile working and hot desking practices that have been booming in recent years, 2020's coronavirus pandemic has put it in the spotlight as never before. With countless employees finding themselves enrolled in a grand remote working experiment with very little warning, the many whose employers have been unable to provide alternative hardware on short notice will have had no choice but to use their own devices for work.
BYOD offers numerous benefits for employers and employees alike, but there are risks associated with the practice too. The chief among them, as you might guess, is security. Just because your employee is using the latest MacBook, for example, that doesn't guarantee that it will be secure against all threats. When it comes to BYOD, a single compromised device has the potential to open your corporate network up to damaging malware.
The benefits of BYOD
The most obvious benefits of BYOD include increased productivity and lower IT costs.
Employees who are able to choose their own device for work, whether that's a smartphone, tablet or computer are more motivated and that means they're more productive.
IT departments don't need to stump up the cash for new equipment or software licenses and employees are more likely to look after their equipment if it's their personal device too, so maintenance and repair costs will be lower.
Additionally, technology chosen by employees is likely to be more up to date than IT departments can offer everyone, which means they'll often feature faster processors, more advanced security such as fingerprint readers and can be used alongside the latest iterations of apps and software to ensure workers have the resources they need at all times.
In 2020, BYOD will have proven a boon to companies that have had to adopt mass remote working. While adoption of laptops has increased in recent years, not every employee in every organisation is equipped with one. When lockdown began, it may have taken time to kit workers out with suitable devices – assuming the organisation had the resources to do so. BYOD will have served as a great stopgap in some cases – in others, it will have become a new normal that has allowed businesses to continue operating with relative continuity over the long term.
The challenges of BYOD
What is probably the main challenge of a BYOD policy is the lack of homogeneity across staff devices. This means that IT departments might struggle with managing enterprise hardware, as some applications required to ensure the security and smooth operations of the business may not be compatible with different versions of operating systems. For example, some employees may prefer macOS over Windows, while others will opt for Android instead of iOS, making their unification more difficult than if everyone was provided with the exact same device and model.
This might also lead to increased IT support expenses, as instead of using one type of resource for all enterprise hardware, the IT department will be forced to source it from a few different providers. A good way to try to minimise this, according to GCHQ, is to provide employees with some limitations on the choice of hardware, such as a list of free or subsidised devices which they will be able to choose from.
Another significant challenge of a BYOD policy is maintaining the business’ cyber security posture. Unfortunately, this means that IT departments should be on the lookout for potential threats as well as gaps in the company’s MDM (mobile device management) policies. In order to ensure that device freedom doesn’t result in a company data breach, staff should be made aware of the potential threats of using a personal device at work, as well as educated on best security practices.
One nightmare scenario could involve an employee bringing in a virus-ridden device into the office and connecting it to the company’s network, potentially infecting other devices with malware.
BYOD is a security trade-off that must be weighed up and can put an extra burden on the IT department, which in turn could reduce productivity gains experienced by employees from other departments.
Key considerations before implementing a BYOD policy
Before you make the jump to BYOD, it's important whenever possible to ensure you have the policies in place before you invite employees to start introducing their personal devices into the corporate environment.
- Having a list of devices your employees can and can't use. Although you should be as open as possible, do not permit devices with a poor security record. This may involve only permitting devices made by specific manufacturers or operating systems.
- Enforce a stringent security policy for all devices, whether that's only permitting certain passwords (they must include a combination of uppercase and lowercase letters, at least one number and a symbol for example).
- Invest in staff training so employees are aware of the risks if their device falls into the wrong hands.
- Register each and every device that is being used for work, whether that's a smartphone, outside tablet, laptop, or even smartwatch.
- Ensure your network can be locked down sufficiently to resist attacks and your infrastructure has the capacity to run BYOD.
- Define which applications are allowed to be installed on devices and which aren't, or at least which can be run on your corporate network.
Security analytics for your multi-cloud deployments
IBM Security QRadar SIEM solution briefDownload now
Five reasons to move to the cloud
Join the enterprises moving their workloads to the cloudDownload now
Architecting hybrid IT and edge for digital advantage
Why business leaders should consider a hybrid IT strategyDownload now
Six reasons to accelerate remote asset monitoring with AI
How to optimise resources, increase productivity, and grow profit margins with AIDownload now