The world is increasingly mobile. 66% of traditional office employees work from home or outside the office at least one day a week.

Few people really want to use two smartphones and 70% of companies already support BYOD in some form. However, BYOD has not been implemented well in many companies.  If controls are too onerous, employees are reluctant to join a BYOD program due to privacy concerns.  Conversely where insufficient controls are in place, corporate data may be exposed.

Commonly, users download Office 365 apps to their personal devices and use them for work.  Office 365 data, like email, attachments and Teams, are then accessible on unmanaged apps on unmanaged devices.

The impact to your company is loss of control over data on personally owned devices.  No one can secure data in unmanaged apps on unmanaged devices.  This puts your company at risk of a breach.

At the other extreme, blocking BYOD completely or applying excessive security to personal devices will adversely impact culture and reduce the possible ROI for mobility.

 

The question for every CIO is: “to BYO or not to BYO?”

Balanced Policy

The starting point of a good BYO program is a balanced mobile policy, which represents the interests of the company stakeholders (IT, Security, Finance and HR) and the interests of the employees.

At a minimum, the policy should define the security standards, privacy guidelines and a set of operational parameters such as user profiles, security settings, device support, recommended apps and spend allowances. Most importantly, it should define the privacy protections for the employee and clearly state the areas where the company will not intrude on the employee’s privacy e.g. we will not track your location, we will not monitor your social media activity etc.

When designed properly, a balanced policy defines the rules of engagement between the employee and the company and can stand the test of time and inevitable changes in technology and even technology ownership

SECURITY

If employee-owned devices use Office 365 or are connected to the company’s email, wireless or storage infrastructure or other business applications, they must be secured and managed like other devices on the company network. IT needs to manage these devices and/or secure company information on these devices.

The good news is that MAM (Mobile App Management) technology has matured so IT can secure Office 365 apps and data without enrolling the employee’s device in MDM.

Likewise, Apple introduced the concept of “user enrolment” in iOS13, which is different to device enrolment.  These are two examples of technology breakthroughs that remove common points of tension between the employer and employee.

USER SUPPORT

Smartphones and tablets are typically purchased by employees on the weekend and brought to work on Monday — often with an expectation that the IT service desk can assist with enrolment, configuration, data transfer and support.  Unless the service desk is constantly investing in skills to support the full range of mobile devices, there may be a growing mismatch between user expectations and the service experience.

On the other hand, abdicating support to the user may compromise productivity.  It is important to provide enough hardware support to keep BYO users connected during work hours, including the ability to borrow a loan device when required.

Everyone has their own phone. They don’t want two. Support them with their device and assure them their privacy is protected.

CORPORATE PLAN OR PERSONAL PLAN?

BYOD implies that employees purchase their own hardware, reducing the employer’s CapEx. But does it also mean the mobile plan should also be purchased by the employee?

Not if you want to bring your OpEx down as well.  Opting for a corporate plan for BYO devices gives you a number of advantages: you can negotiate cheaper mobile rate plans without the traditional hardware subsidies factored in, and you still pay corporate rates rather than consumer rates.  You may also get other benefits that are not available to individual consumers.

Some clever employers provide their employees with the connection and an unlimited data plan and then collect a reimbursement from their employees to compensate for the plan and offset any fringe benefit liability.  This has the potential to become a great retention tool for employees who might be able to afford an unlimited plan at consumer rates.

 

 

“Meet us half-way”

With a balanced mobile policy, MDM and/or MAM technology your CIO is empowered to answer the BYO question and say “yes, meet us half-way.” You can use your personal device for work as long as you comply with our BYOD policy and we can secure company data on your device without intruding on your personal privacy.

Denis O’Shea

Denis founded Mobile Mentor in 2004 with a clear purpose – to empower people to achieve more with their technology. The technology is always changing but Denis’ purpose is the same and today most of Denis’s energy is helping clients to navigate the balance between security and employee experience.

Denis is really passionate about solutions that make an impact in healthcare, education and government. Since 2017, Denis has lived in the US, working with both public and private healthcare providers.