Since the invention of the laptop, employees have been trying to bring their personal devices to work. And ever since that first employee-owned laptop crossed the corporate threshold, the IT department has almost always said "No way you're bringing that un-supported, un-secure, un-productive consumer machine into my nice clean business network."
Until recently, the idea that you might Bring Your Own Device (BYOD) to work has filled IT folks with fears of:
- Rootkits and other malware
- New operating systems to support
- Proprietary, insecure applications
- No remote management
- Incompatibility with enterprise security and encryption
For the vast majority of businesses, securing, managing, and supporting user-sourced devices just wasn't worth the potential upside. In some heavily regulated environments, it wasn't even a possibility.
BYOD Grows Up
But times have changed. As shifting cultural norms and new devices have increased employee pressure for BYOD, the industry has finally responded with the tools IT needs to safely open its doors to personal devices.
Let's not kid ourselves. BYOD is still a major undertaking. But over the past few years, companies like Intel have made huge improvements to consumer technologies that make BYOD a very real, manageable possibility. Low-level hardware enhancements have extended the reach of operating systems and device-management applications, making it possible for IT to maintain order while still letting users have the machines they want.
With a bit of planning and work, IT can now allow employees to use many of the personal devices they actually enjoy - without sacrificing security or causing too much disruption. Here's a look at some of the most important factors turning BYOD from an IT pain-in-the-neck into an opportunity.
The Case for BYOD
BYOD isn't just about "cool" anymore. For many workers, it's a necessity.
Many Gen X and Millennial workers and customers prefer video chat, social networks, and text messages to email. They expect near-constant availability and immediate responses, and even office-based employees are doing more remote work at off-hours. Businesses support this, expecting workers to be available at all times, yet most employers issue only a desktop or laptop PC. That disconnect is precisely why groups like Field Sales tend to bypass established procedures, and it's dangerous for everyone involved.
The mobile device landscape changes every day. Tablets, Ultrabooks, and an evolving line of hybrid devices fill the gap between laptops and smartphones. With constant media coverage of consumer technology rivaling or surpassing the capabilities of enterprise hardware and software, many employees are convinced that they, not IT, can identify the best tools for their jobs. Modern workers know exactly what they want, but traditional enterprise provisioning and purchasing systems often can't keep up. Managing employee devices can bridge that gap and rein in rogue behavior before it starts.
The Hardware Industry Responds
Simply put, consumer mobile devices have gotten better during the last few years, and IT doesn’t have a good reason to dismiss them anymore.
Consumer devices have long outperformed equally priced business machines, but they've usually sacrificed stability, reliability and security to do so. In the last few years, though, the hardware industry has made up a lot of that ground.
Features that used to require specialized, custom hardware are now supported in off-the-shelf devices. Mobile device processors now offer low-level features that protect against malware and reduce the complexity of implementing a secure environment. For example, all current Intel Core processors support remote device locking through Intel Anti-Theft Technology. Newer Intel Core vPro processors (found in newer enterprise and small-business laptops, Ultrabooks and even some tablets) add two-factor PKI-based authentication with Intel Identity Protection Technology, and pre-boot system integrity verification through Intel Trusted Execution Technology. These features offload a large amount of the complexity needed to build and maintain a secure system. And since they're embedded at the chipset - applications, malware and nosy users can't alter them.
Software Reduces Complexity
Consumer operating systems have matured, too. For example, we've moved beyond the days of the single enterprise smartphone or tablet operating system. There are now several viable options for each device class, allowing IT departments to base their choices on synergies across multiple platforms, the ease of integration with other devices and total cost of ownership (TCO) calculations.
As the mobile device market has exploded with new manufacturers and form factors, operating system vendors have provided platform consistency. For example, it's now completely plausible for an enterprise to run Windows across all of its servers, desktops, tablets, smartphones, and hybrid devices, while still retaining user choice. A common OS allows IT to share applications from desktops to smartphones, lower training and management costs, and extend the security and performance advantages of a shared infrastructure without having to sacrifice device variety.
At the same time, its easier than ever to mix operating systems as needed.
The BYOD Payoff
Of course, writing a BYOD policy and building the systems and procedures to support it still takes work. Is it justified?
If you’re willing to expand your thinking beyond this year’s balance sheet, the answer can be a definite “yes.”
Quantifying return on investment for BYOD implementations can be tough. IT should not plan to recoup the costs of a BYOD project through immediate hardware or staff savings. On the other hand, BYOD can create happier, more productive workers and a more secure workplace.
According to an internal review of Intel's own BYOD program, BYOD creates a huge boost in employee productivity. In 2011, the 17,000 Intel employees bringing personal devices to work reported an average productivity increase of 57 minutes per day. That helps create a halo for IT, positioning the department as a productivity enabler instead of a roadblock, which can help smart CIOs collect political capital for other projects.
While it may sound counterintuitive, a properly implemented BYOD program can actually increase enterprise security by locking down corporate assets and forcing overdue security updates. In the case study above, Intel assigned higher security scores to employee-owned mobile devices than to many of its internal PCs, since all of the mobile devices were subject to rigorous compliance monitoring.
BYOD is here because it needs to be, and because IT finally has the tools to make it make sense.
Hybrid image courtesy of Microsoft. Other images courtesy of Shutterstock.