The idea of bringing your own device (BYOD) to the workplace is quickly becoming less of an IT annoyance and more a method of operation for a growing number of companies. Why? Simply put, people want to work with computers and devices that they are accustomed to using.
When corporate America first embraced computer technology as a way of modifying and managing information, only a very small portion of the workforce had capable systems at home. Even fewer of them knew how to set them up or use them. Networks were also very different, with mainframes being coupled with terminals that only ran programs vital to the company’s operation (though virtualization brings this full circle). Ubiquitous Internet access wouldn’t come around for several decades.
Once the Internet became more popularized in the mid 1990s, corporate IT departments responded largely in the same way any proactive group responsible for the security of a network would. They attempted to lock it down in order to avoid accidental infection within the corporate network. A single bad download or malicious email could cripple a corporation – IT professionals were quick to respond by restricting access on company machines as best as they could.
A BYOD device in the late ’90s and early 2000s was almost unheard of in most businesses. Laptops were beginning to become more commonplace, but these machines were largely exposed to the potential risks of the outside Web. For that matter, the security of these devices was questionable at best. For companies that frequently manage large amounts of personal customer data, a BYOD plan would have been ill advised.
Personal Devices Come to Work
Today, workers almost always carry an Internet-capable device with them. Laptops, tablets, and smartphones are all over the workplace, and the corporate world has attempted to adapt.
Some of these devices never touch the corporate network, relying instead on an employee-paid data plan. On the other hand, an increasing number of employee-owned devices utilize company infrastructure and access company data. There are advantages to both approaches.
Employee morale is improved in a BYOD-friendly environment. If you can work from your own devices, or at the very least manage your corporate email through one, you feel less restricted and more in control of what you’re working with. Employers tend to get the benefit of more employees spending non-working hours thinking and acting on the company’s behalf.
BYOD Isn’t One-Size Fits All
The BYOD trend doesn’t always translate well in all businesses. Insurance companies, for example, have extremely heavy requirements of privacy, including HIPPA compliance; a BYOD device may not yet play into that formula.
While security is of utmost concern to IT, even the most diligent staff may miss critical steps in preventing unwanted data leakage or threat intrusion. IT departments have developed advanced methods of dealing with data security including virtual machines, VPN, and full disk encryption, but there are still potential security gaps.
How many stories have we heard over the years about a government worker or corporate member losing their laptop, or having their data compromised while out and about? This type of data leak happens routinely, and can have catastrophic repercussions.
BYOD Balancing Act
Is it possible for companies to find a balance between the need for security and the need for employee mobility?
Companies looking to find this balance can require employees to agree to specific conditions, like agreeing to have devices monitored for intrusion and installing company-maintained security measures on the device. Abstracting corporate resources via a virtual machine on laptops is certainly one method for reducing threats. On smartphones and tablets, required use of VPNs with aggressive timeouts, intelligently defined access control, email security policies and monitoring of user reputation on approved BYOD devices can all improve the security of BYOD.
While you can never totally eliminate risk in a world where employees are bringing their own devices, corporate networks have never achieved 100% security. For most businesses the upsides outweigh the risk.
Hardware infrastructure costs are reduced because employees are choosing and purchasing the gear they work on. Employee morale is boosted by allowing employees the freedom to use what’s familiar while also feeling trusted to make their own choices. Potential productivity gains, by empowering employees to have their work with them everywhere, are also positive.
In a world where work/life balance is of increasing importance, BYOD is perhaps the best way to bridge the gap between an employee that simply comes to work to fill out their time sheets and one that embraces their work as a personal mission to improve on and make the most of.