This is the first post in a series highlighting BYOD, taking a look at what concerns and proc
edures organizations need to evaluate as they embrace devices in the workplace.
While Bring Your Own Device (BYOD) remains controversial in some domains, like government, healthcare, and others especially sensitive to security concerns, there’s little real doubt that BYOD will become the dominant device-provisioning strategy in most organizations everywhere.
Properly implemented, BYOD is a win-win – staff members get to use the devices they know and love for both personal and work-related activities, and organizations avoid paying for devices that users often dislike. Monthly carrier service charges can also be split, so the cost savings are potentially enormous.
But those savings can quickly evaporate if labor-intensive support costs get out of control. And one key to reining these in is to limit the range of device options available to users.
BYOD, then, doesn’t mean Bring Any Device – because that would be BAD.
The range of potential device/mobile-operating-system pairs is vast, and paring down (so to speak) the list of available choices enables support staff to ignore the less popular options and their inherent risks.
So let’s start with the truly-popular options, which today are primarily iOS-based Apple devices and a potentially very-broad range of Android devices. Organizations may want to extend the theme we’ve introduced here via limiting the range of Android device options to a few of the most popular models.
But even more importantly in the case of both iOS and Android is to restrict the number of OS revisions allowed. With each new release, mobile operating systems often fix irksome bugs, improve security, and add management features that aid both users and operations staffs alike. De-listing older releases, forcing users to upgrade to a newer supported release, and even abandoning older devices that might not work with the latest OS releases, are all important and valid policies that any organization embracing BYOD should adopt.
Some allowance, of course, must be made for guest access, which is a special and very restricted case of BYOD. But any user expecting access to organizational IT resources should understand that a limited range of options is in everyone’s best interest – security and integrity, after all, enhance availability and thus ultimately productivity, the reason we have IT in the first place.
Of course, supporting restricted subsets of Android and iOS alone is likely to prove insufficient – Windows (and there’s a new major release, Windows 10, on the horizon here) and Mac OS X are almost certainly required, and BlackBerry OS and perhaps a flavor of Windows Mobile might also be desirable in a small number of mostly-legacy cases. We also expect that a version or two of Linux on end-user devices will become very popular over time. But the same rules apply: limited options, required upgrades and eventual obsolescence as required.
Yes, there will be pushback from at least a few end-users from time to time, but be firm: the potential security, integrity and support-cost pitfalls that accompany a bring-any-device strategy aren’t worth the risk.
Yes, BYOD is today essential, but failure to manage device choices practically guarantees a BAD outcome.