Just about
everyone who has a smartphone wants to be able to bring it to work and use it
on the job.
And why not?
Employees
using their own smartphones would allow companies to enjoy all the same
benefits of a mobile workforce without spending their own money to purchase
these devices. Smaller companies are able to go mobile without making large
investments in devices and mobile services.
According
to Gartner, Inc., by 2017, 50 percent of employers will require employees to
supply their own mobile devices for the workplace. BYOD is becoming the
"new normal."
But ...
wait a minute. Half of all enterprises believe that BYOD represents a growing
problem for their organizations, according to a number of studies.
Although
BYOD can improve employee job satisfaction and productivity, it also can cause
a number of problems if not managed properly.
Support for personally owned devices is more
difficult than it is for company-supplied devices, the cost of managing mobile
devices can increase, and protecting corporate data and networks becomes more
difficult.
Research
conducted by the Aberdeen Group found that on average, an enterprise with 1,000
mobile devices spends an extra $170,000 per year when it allows BYOD. So it's
not that simple.
BYOD
requires a significant portion of corporate IT resources dedicated to managing
and maintaining a large number of devices within the organization.
In the
past, companies tried to limit business smartphone use to a single platform.
This made it easier to keep track of each mobile device and to roll out
software upgrades or fixes because all employees were using the same devices
or, at the very least, the same operating system.
Today, the
mobile digital landscape is much more complicated, with a variety of devices
and operating systems on the market that do not have well-developed tools for
administration and security.
Android has
80 percent of the worldwide smartphone market, but it is more difficult to use
for corporate work than Apple mobile devices using the iOS operating system.
1OS is considered a closed system and runs only on a limited number of
different Apple mobile devices. ln contrast, Android's fragmentation makes it
more difficult and costly for corporate IT to manage. There are about 25,000
different models of Android-based devices available around the world, according
to a report by
OpenSignal, which researches wireless networks and
devices. Android's huge consumer market share attracts many hackers. Android is
also vulnerable because it has an open source architecture and comes in
multiple versions.
If employees are allowed to work with more than
one type of mobile device and operating system, companies need an effective
way to keep track of all the devices employees are using. To access company
information, the company's networks must be configured to receive connections
from that device. When employees make changes to their personal phone, such as
switching cellular carriers, changing their phone number, or buying a new
mobile device altogether, companies will need to quickly and flexibly ensure
that their employees are still able to remain productive. Firms need a system
that keeps track of which devices employees are using, where the device is
located, whether it is being used, and what software it is equipped with. For
unprepared companies, keeping track of who gets access to what data could be a
nightmare.
With the large variety of phones and operating
systems available, providing adequate technical support for every employee
could be difficult. When employees are not able to access critical data or
encounter other problems with their mobile devices, they will need assistance
from the information systems department Companies that rely on desktop
computers tend to have many of the same computers with the same specs and
operating systems, making tech support that much easier. Mobility introduces a
new layer of variety and complexity to tech support that companies need to be
prepared to handle.
There are
significant concerns with securing company information accessed with mobile
devices. If a device is stolen or compromised, companies need ways to ensure
that sensitive or confidential information isn't freely available to anyone.
Mobility puts assets and data at greater risk than if they were only located
within company walls and on company machines. Marble Security Labs analyzed 1.2
million Android and iOS apps and found that the consumer apps on mobile devices
did not adequately protect business information. Companies often use
technologies that allow them to wipe data from devices remotely or encrypt
data so that if the device is stolen, it cannot be used. You'll find a
detailed discussion of mobile security issues in Chapter 8.
Management
at Michelin North America believes BYOD will make the business more flexible
and productive. Initially, all 4,000 mobile devices used by the company were
company-owned and obsolete, with a large number of traditional cell phones that
could only be used for voice transmission and messaging. Only 90 employees
were allowed access to e-mail on mobile devices, and fewer than 400 were
allowed access to calendars on these devices. Service costs were high, and the
business received little value from its mobility program. Management had
identified significant business benefits from increasing mobility in sales, customer
support, and operations.
ln
mid-2011, the company created a team composed of executives and
representatives from the IT, human resources, finance, and legal departments
as well as the business units to share in the development, rollout, and
management of a new mobile strategy for corporate-owned and personal mobile
devices. The team decided to transition the mobility business model from
corporate-owned to personal-liable.
According
to Gartner, Inc. consultants, about half of organizations with a formal BYOD
program compensate their employees for the amount of time they use their
personal devices on their jobs using stipends, reimbursements, or allowances.
Handling employee reimbursement for using personal devices for corpora the
purposes has proved to be one of the most problematic aspects of BYOD mobile
programs. Although most companies use expense reports or payroll stipends to
reimburse employees for BYOD, these methods have drawbacks. Expense reports are
an administrative burden for both the employee and the employer, and payroll
stipends can have tax consequences for both as well.
For some
companies, the best option is to make direct payments to wireless carriers to
reimburse employees for the expense they incur when they use their own wireless
devices for company business. The employer provides funds to the wireless
carrier, which then applies a credit to the employee's account. When the
employee's bill arrives, the employee pays the amount owed less the credit
amount that was funded by the employer.
Michelin
opted for a managed service from Cass Information Systems that enables the
company to make payments directly to wireless carriers. Cass Information
Systems is a leading provider of transportation, utility, waste, and telecom
expense management and related business intelligence services. A single
employee portal handles enrollment of
corporate
and BYOD devices and provides tracking and reporting of all ongoing mobile and
related inventory and expenses. The portal can automatically register
employees, verify user eligibility, ensure policy acknowledgment, and
distribute credits directly to employees' wireless accounts for the amount of
service they used for their jobs.
Since
implementing its version of BYOD, Michelin North America increased the number
of mobile-enabled employees to 7,000. Employee efficiency, productivity, and
satisfaction have improved from updating the mobile technology and functionality
available to employees and giving them choices in mobile devices and wireless
carrier plans,
The program
is cost-neutral. Michelin has obtained new vendor discounts across all wireless
vendors in the United States and Canada and has reduced the cost of deploying
each mobile device by more than 30 percent.
Iftekhar
Khan, IT director at Toronto's Chelsea Hotel, remains less sanguine. Me
believes BYOD might work for his company down the road but not in the immediate
future. Khan notes that the hospitality industry and many others still want employees
to use corporate-owned devices for any laptop, tablet, or smartphone requiring
access to the corporate network. His business has sensitive information and
needs that level of control. Although the hotel might possibly save money with
BYOD, it's ultimately all about productivity.
Management
at Rosendin Electric, a Silicon Valley, electrical contractor, worried that
BYOD would
Become a
big headache. Rosendin has thousands of employees and deploys hundreds of
smartphones, more than 400 iPads, and a few Microsoft Surface tablets. These
mobile devices have greatly enhanced the company's productivity by enabling
employees to order equipment and supplies on the spot at a job site or check
on-site to see whether ordered items have arrived. However, CIO Sam Lamonica
does not believe BYOD would work for this company. He worries employees would
be too careless using apps, cloud, and technology devices. (An Aruba Networks
study of 11,500 workers in 23 countries found that 60 percent share their work and
personal devices with others regularly, nearly 20 percent don't have passwords
on devices, and 31 percent have lost data due to misuse of a mobile device.)
Lamonica
feels more confident about equipping employees with company-owned devices
because they can be more easily managed and secured. Rosendin uses MobileIron
mobile device management (MDM) software for its smartphones and
tablets.
If a device
is lost or stolen, the MDM software is able to wipe the devices remotely.
Because MobileIron allows Rosendin to separate and isolate business apps and
data from personal apps and data, the company allows employees to use certain
consumer apps and store personal photos on company owned tablets. Rosendin has
found that employees of companies that are able to personalize company owned
iPads are more likely to treat them as prized possessions, and this has helped
lower the number of devices that become broken or lost. The company has the
right to wipe the devices if they are lost.
Rosendin's
mobile security is not iron-clad. An employee might be able to put company data
in
his or her
personal Dropbox account instead of
the
company-authorized Box account. However, MobileIron is able to encrypt data
before it gets into a Dropbox account, and this lowers the risk. With
company-owned and managed devices, Rosendin still benefits from volume
discounts from wireless carriers and does not have to do the extra work
involved in reimbursing employees when they use their own devices for work.
Sources
Ryan Patrick, "Is a BYOD Strategy Best for Business?"
IT World Canada, March 22, 2016; •5 BYOD
Management Case Studies," Sunviewsoftware.com, accessed May 5, 2016; Aruba
Networks, "Enterprise Security Threat Levei Directly Linked to User
Demograph1cs, Industry and Geography," OpenSignal,
which researches wireless networks and devices.
Business Wire, April 14, 2015; Alan F.,
"Open Signal: 24,093 Unique and Different Andrmd• Powered Devices Are
Available," Phonearena.com, August 5, 2015; Tom Kaneshige, "Why One
CIO Is Saying 'No' to BYOD," CIO,
,June 24,
2014, "CIO Meets Mobile Challenges Head-On," CIO, July 7, 2014; and
•cass BYOD, How Michelin Became a Mobile-First Enterprise," Cass
Information Systems Inc., 2014.