It has not been an easy process, but most companies around the world are beginning to embrace the concept of bring your own device (BYOD) and make it part of their daily workforce. There is no denying that it brings a certain convenience to the employee that no company-issued device can compete with.
However, as is usually the case, anything that offers convenience to one side sometimes causes a problem with the other side. There is definitely a sense of give and take and there is no more obvious a case as with BYOD.
In most cases, the concern is security. Last year I wrote that this is a two-way street. While the employer is very concerned about keeping the company data secure, the flip side is that the company can also have access to the employee’s private, personal information. Mobile device management (MDM) can solve a lot of these problems, but it is usually the policy underlining BYOD that needs to be worked out correctly.
As more companies institute policies and allow BYOD, they become more comfortable with how their employees use their personal devices and incorporate them as a work tool. The question that arises is, where does it stop? I personally have a tendency of working until I get my project done, regardless of where I have to do it.
If you’re like me, the logical progress is that you are probably using your tablet to work on your project on the train ride home. Once you get home, you want to continue working. If it were me, I would transfer the information to my home computer where I could use my monitor and keyboard to complete the work more quickly.
This now takes us into the realm of what Midsize Insider refers to as take your own device or TYOD. It is the secondary effect of what happens when mobile meets the home network. They also describe it as data with legs.
This is in reference to the fact that once company information is on a personal device, such as a tablet or smartphone, data grows legs and walks away in pockets or briefcases. Midsize Insider references a recent article by Adam Levin in Forbes, in which he discusses that while companies take precautions with BYOD, they forget that their employees might use a home computer to continue working after hours.
The feeling is a progression of going from a completely secure environment known as the office, through a partially secure device known as BYOD, to a potentially insecure environment known as home. As you can see, from the IT professional’s point of view, each step’s security measure drops significantly, putting the company data in danger. In addition to the possibility of the data being compromised, using TYOD could potentially install malware on the company network.
You can see how the IT department might have certain issues. I believe that their natural response would be that data could only be taken and used at home if the home network was as secure as the company’s network. Of course, the more secure the home network, the more the devices will cost. So who pays for the added security at home?
Another issue that Midsized Insider brings up is that of legality. When you use an MDM-enabled device, you are giving the IT department a certain amount of control over your smartphone or tablet. If you misplace, lose, or have your device stolen and you have confidential information on it, chances are that your company will want to wipe your device clean so that no one can use any of the information on it.
Now, the key word in the above sentence is “any.” In most cases like this, the wipe command, or kill-switch function, destroys all of the information on the device. So what happens to all of your personal information? All of your contact info, pictures, texts, emails, everything will be removed meaning that all work -- as well as personal information -- is made useless.
Let’s take a look at things from the other end. Say that you are using BYOD and TYOD to work on a project and your company comes under federal investigation. As is often the case, all devices are generally seized and could become the subject of legal discovery during an investigation or trial. If this happens, you could lose any mobile device and home computers that you have access to.
It is clear that there are issues on both sides of the coin. Both employee and employer could greatly benefit from the concept of BYOD and TYOD, while on the flip side of the coin, both could also suffer greatly if a mistake was made by either side.
There can be several ways to go about dealing with BYOD. The most obvious is to not allow it. The problem is that if you are like me, you can find a workaround or way of bypassing company security and still use your device. Of course, the flip side of that tumbling coin is to say, “Fine, then I’ll only work when I’m in the office.”
Neither of these seems to me to be a viable solution. Companies need to sit down with their employees and IT administrators. This will give both sides an opportunity to discuss what they need as well as what they expect. Equal respect should be given to both sides while maintaining security and access to necessary data. The right MDM approach should be taken.
Edited by Rory J. Thompson