BYOD is the concept that employees (or students) will bring and use their own mobile devices (such as laptops, tablets, and smart phones) to their workplace (or college). These devices are used to access privileged company information and applications on the company's (or academic institute's) IT infrastructure; there is a challenge to balance the demand to be connected to everything with proper accountability or oversight to protect the company's (academic institute's) IT assets.
This webinar will analyse the demand for BYOD, driven by factors such as:
• Pervasive connectivity
• Globalisation
• Workforce Age profile and expectations
• Employee work life integration
• The growth in personal devices connected to web [consumerisation of IT]
• Change in our relationships with the outside world
• Impact on the porosity of the border between private life and work.
And how the balance can be struck between this demand for BYOD, and the need to protect IT assets.
This webinar was first hosted with the Warwick Technology Professional Network of the Warwick Business School wbs.ac.uk
Part of the University of Warwick, we have an international reputation for top quality education and research in management and business.
6. BYOD is happening
Every CIO is trying to understand how this trend impacts the organization
An
88%
Unstoppable
Shift
Globally, 88% of
executives report
employees are using
their personal
computing
technologies for
business purposes
today*
62%
Globally, 62% of
executives say they are
now have or are
planning to have a BYOD
program for
smartphones and
tablets*
3.3
Information workers wil
have 3.3 connected
devices in 2014 – up
18% from 2.8 in 2012^
6
6
* Gartner: Using Peer-to-Peer communities to Drive BYOD self-support; Aug 3, 2012
^ Cisco: The Everywhere Employee: Increase of Business Devices
7. Business users are making the choice in what devices, applications, and services they use to get their
work done
7
8. NEW USAGE MODELS IN THE NEW
WORKSPACE
Companion devices: In this usage model, people use tablets and smartphones
as companion devices to augment the functionality delivered by their primary
device, such as a PC. This is the category where the BYOD trend is most
prevalent.
Presentation devices: Particularly common in sales environments; for example
in retail, a sales assistant in a clothing store may use a tablet or a smartphone
to check if an item is in stock or to even photograph people in-store and
superimpose images of clothes on them to save them a trip to the fitting room.
Digital workflow devices: In paper-based workflows, we are seeing increasing
digitisation. To illustrate, nurses may have previously relied on clipboards to
keep track of medication records. In some hospitals they are now given tablets
to connect this process to the rest of the IT system, increasing efficiencies.
Context-aware devices: This future-orientated usage model is characterised
by the adoption of emerging technologies that have traditionally been used by
consumers in business class devices. For example, an estate agent might use an
augmented reality application to give prospective house buyers a tour of an
empty property to demonstrate a possible furniture layout or to show where the
nearest train stations and schools are located in relation to the property
9. WHAT ARE THE BENEFITS
• Cost savings – BYOD can shift the upfront cost of device purchases and connectivity to the users,
moving you from full service payments to a predictable monthly mobile allowance for your users.
• Enhance users’ experience, productivity and satisfaction – Let your users work on their preferred,
familiar personal devices (often superior to the corporate-liable counterpart) and carry less by
consolidating to a single device for work and personal use.
• Increase personal responsibility - BYOD leads users to be more aware of excessive usage and savvy
employees are more willing to troubleshoot their own devices as a first resort, before calling for IT
support.
• Speed up the rate of technology adoption - By allowing users to dictate technology choice, there is
more innovation throughout the organisation. This can lead to new ways of working
10. BYOD Top Priorities
Consumerization of IT is driving new devices and access requests
Companies need to address consumerization of IT and implications to BYOD
People expect to work on multiple devices and from anywhere
Companies need to provide access to applications and data from any device
IT to manage the devices in a cohesive manner, taking security into consideration
10
12. “Aberdeen Group found that a company with
1,000 mobile devices spends an extra
$170,000 per year, on average, when they use
a BYOD approach.” (CIO magazine, 27 August)
13. “Many of the 200 ANZ ICT decision makers
surveyed believe their business are at
increased risk because of BYOD programs
…only 37% felt they were well prepared for
it” (IT Wire, 20 Aug)
14. “47% of the large enterprises surveyed are
not expanding their BYOD
program…reasons for this include increased
cost, complexity, administrative overheads,
additional security concerns and a common
perception of immature solutions.” (ARN, 20
Aug)
15. “67% of IT Directors admitted that supporting the
CEO‟s latest toys is behind many current BYOD
agendas!”
UK Survey
16. “73% of IT Directors say BYOD will lead to
uncontrolled costs, not savings”
UK Survey
17. “69% of IT Directors say cost savings through
lower support costs are „non-existent‟ despite
the perception that personal devices will
reduce the workload of IT staff”
UK survey
18. “The use of personal devices continues to be
driven by employees rather than a defined
business strategy”
UK Survey
19. Top 5 Threats with BYOD
The deployment of a BYOD solution brings new challenges, one of the most critical
being security.
Category
Data Leakage
Threat ID
Threat Description
Data loss from lost, stolen or decommissioned devices
T2 (T#2 CSA)
Information stealing malware
T3 (RD1
ENISA)
Loss of corporate data due to unauthorized sharing of information, services or sharing of
devices
T4 (RD2
ENISA)
Device
Security
T1 (T#1 CSA)
Potential loss of corporate data as a result of access by unknown users and unmanaged
devices to enterprise networks
T5 (T#4 CSA)
Vulnerability in hardware, OS, application and third party apps.
Device compromise (malware attack, jailbreak).
20. Additional Considerations and Hurdles for BYOD
40%
of devices used to access business
applications are personal devices
Security
Privacy
New Types of
Apps
HR
Support
Data Retention
Systems
Management
Device theft &
Data Breach
Cost Savings
Usage Policies
Malware
Compliance
of identity theft is by Friends and family
27%
36%
33%
said they would try to get around an IT
policy that forbade them from using a
personal device at work.
higher costs for BYOD, on average, than
a company-owned policy - The
Aberdeen Group
22. Building a BYOD strategy
BYOD is gathering momentum and is a current issue for all
organisations
Not clear what the policies, security aspects, benefits and
infrastructure will look like.
A broad spectrum of approaches, each organisation must define
their own path to deal with a mixed-ownership mobile
environment.
Even if BYOD is not embraced, it needs to be dealt with
3 different approaches are proposed here to tackling BYOD:
– The liberal approach – Bring your own device
– The hybrid approach – Choose your own device
– The zero tolerance approach – Get what you’re given
23. The Liberal Approach- Actual BYOD
Let staff buy the device and pay for the contract. Employees will
– buy the device of their choice
– own the SIM and the number
– the organisation will compensate with a monthly allowance (similar to a car
allowance).
IT will need to take the necessary measures to secure the corporate
data, applications and network on these devices
Pros:
Simple to implement – users pay for their own contracts from a
monthly allowance and use their own personal devices, removing the
burden of procurement, billing and administration from the company.
Potential cost savings – transfer the upfront cost burden to the
employees and replace full service and hardware costs with a
predictable monthly spend.
Superior, familiar and more productive user experience –
allowing users to work on their preferred devices can increase
satisfaction and productivity, by giving them the tools they want to use
for the work they need to do.
24. The Liberal Approach- Actual BYOD
Cons:
Cost savings can be less than expected – most businesses currently purchase their
hardware and tariffs at highly subsidised rates from the vendors. Full consumer prices
expensive verses a standard business contract
Excessive calls costs – with no central corporate tariffs and consumer contracts
spread across multiple mobile networks
Acceptable usage and liability issues. Distinguishing between personal data usage
and calls can be difficult
–
legally the users don’t have to disclose this information if the contract is in their name
Securing the unsecure – people use personal devices differently from business
devices, falling foul of compliance - privacy vs security.
– Lost Device what data can be remotely wiped in this scenario?
Security Issues
– All devices must have the fundamental security features required to be viable for corporate use, if
security features prove too restrictive, the users’ experience may be damaged and make the
whole concept of BYOD unappealing.
– secure the corporate network against these BYOD devices accessing it
Support and suitability – can IT support customer preference which tend to shift
rapidly?
Level of support is offered. Do BYOD devices get
– full support,
– best effort
– no support
25. The Hybrid Approach- Choose Your Own Device
CYOD
Use the device of choice for work purposes, but with the organisation retaining
ownership of the SIM and contract.
CYOD still offers the flexibility to select their preferred device, while allowing the
organisation to manage data security and have greater visibility and control around
mobile costs.
Pros:
Supports device choice – select the device which offers high user experience and
functionality.
– A policy that doesn’t support the devices users’ desire – or that has extensive usage restrictions
will have limited appeal and impact.
– A variant might be to offer a recommended list of devices to users, but sourced through the
company, possibly with varying levels of subsidy based upon job roles.
IT retains greater control
– by owning the SIM, IT can exert much greater control over expenditure, contract negotiation,
compliance, security requirements and costs.
– retaining control of the SIM eliminates several grey areas around the disclosure of usage
information, and also allows the company to retain number control if the employee leaves the
business.
Reduce mobile call costs
– calls cost are still one of the most significant areas of mobile spend.
Easier to manage - centralised billing from the primary network provider enables
billing interrogation which offers greater visibility of tariff costs and operating
efficiency.
Single mobile network eases the support burden and offers user familiarity.
26. The Hybrid Approach- Choose Your Own Device
CYOD
Cons:
Personal vs corporate conflicts–
– steps to secure corporate data,
– users are equally protective of their privacy and the integrity of their personal
data.
– if the device is lost can it be fully or selectively wiped?
– user policies must be in place before allowing devices to access the network.
personal calls versus work usage.
– ensure compliance with VAT rules around personal call costs
– control and reduce your mobile call costs.
– clear policy on personal use policy that outlines guidelines for acceptable
personal usage and the ramifications for breaching these.
Need IT resources who are experts on the range of devices and
operating systems (iOS, Android, BlackBerry etc.) that are supported.
Device refresh - users will want regular upgrades to their devices,
similar to the yearly upgrades they are used to from consumer
contracts. How will these be funded and paid for?
stringent security requirements and restrictions on personal usage
can damage the user experience and satisfaction.
27. THE ZERO TOLERANCE APPROACH - GET
WHAT YOU‟RE GIVEN (GWYG)
This strategy is to discourage rather than embrace BYOD
– prioritising protecting your network and data over user experience and satisfaction.
Employees will be issued business owned devices, SIMs and contracts
– will be discouraged from using personal devices.
This doesn’t mean they can’t be issued the latest and greatest devices,
– those decisions will be driven by the business and personal usage will be strictly regulated.
Pros:
it eliminates
– concerns around supporting and securing personal devices
– securing the corporate network against these devices.
It also sidesteps several potential concerns around
– personal vs corporate liability
– procurement.
Cons:
This approach can seem to be ignoring rather than addressing the challenge.
– Tech savvy users may well still try to circumvent your restrictions and connect to the network
anyway,
– could easily result in a damaging data breach.
Poor user experience and satisfaction
– business-led decisions around devices and usage will inevitably lean towards the conservative,
offering a lack of user satisfaction as they can’t work in the way they want to, where they want to
and on the technology they prefer.
28. Conclusions - Do the pros outweigh the
cons?
BYOD schemes can help businesses
– gain access to a more mobile, connected and engaged workforce.
– Workforce members can use their smartphones and tablets to work more
effectively and boost productivity rates,
– little outlay other than to tweak their security procedures to account for
the use of external devices.
There are potential risks associated with the use of personal mobile
devices in a professional setting.
– the required security safeguards must be put in place
– employees fully understand the boundaries and buy in to the
organisation's mobile culture.
If businesses focus on the advantages of BYOD
– there is a compelling case for allowing employees to use their own
laptops, smartphones and tablets in-house
– firms which turn a blind eye to BYOD, management may have difficulties
explaining to their workers why they need to use a business-owned
smartphone or laptop, when they can work more effectively on their
personal device.
Sources:34/69% data point - Microsoft Customer Survey 201188% employees using personal computing technologies - Gartner: Using Peer-to-Peer communities to Drive BYOD self-support; Aug 3, 20123.3 Connected devices - Cisco: The Everywhere Employee: Increase of Business Devices
Sources:34/69% data point - Microsoft Customer Survey 201188% employees using personal computing technologies - Gartner: Using Peer-to-Peer communities to Drive BYOD self-support; Aug 3, 20123.3 Connected devices - Cisco: The Everywhere Employee: Increase of Business Devices
Sources:34/69% data point - Microsoft Customer Survey 201188% employees using personal computing technologies - Gartner: Using Peer-to-Peer communities to Drive BYOD self-support; Aug 3, 20123.3 Connected devices - Cisco: The Everywhere Employee: Increase of Business Devices