Ten years ago, getting a company laptop and BlackBerry was considered a bonus—a welcome upgrade to your PC tower and Nokia flip phone. Today, however, as mobile technology has exploded, employees are wrinkling their nose at their company’s standard-issue, frequently outdated fare, and are increasingly asking to use their personal smartphones and tablets at work, even if they might have to bear some of the cost.
Bring-your-own-device (BYOD) policies are the latest perk touted by progressive companies. “Productivity happens where people are comfortable and using devices that are most comfortable for them,” says David Clarkson, HR manager at Cisco Canada, which has a BYOD policy. In fact, 61% of employees feel happier and thus more productive when using technologies of their choice, according to a survey of 2,000 people conducted for VMware, a California-based software company. BYOD offers other benefits for employers, like cost savings on hardware, but it can also present challenges. How do businesses manage multiple platforms and keep devices—and corporate data—secure?
Five years ago, Cisco was one of the early adopters of BYOD. At first, staffers still carried a company BlackBerry, but could get work e-mails sent to their personal phones. Today, Cisco doesn’t even offer a phone—it’s BYOD or bust. Employees are expected to buy their devices, but the company will pay service fees for full-time employees. Some companies offer subsidies or credits toward phone costs. Supporting all these products and their operating systems, however, can be a headache for IT departments, which may not have the same expertise in Apple’s iOS or Google’s Android. At Cisco, IT generally stays out of the troubleshooting game; if employees run into technical snags relating to their devices, they’re encouraged to visit internal online forums or video tutorials. Within smaller companies, like Toronto’s Social Media Group, solving tech issues can be less onerous for a staff of 20. Also, compatibility among devices hasn’t been a problem, says CEO Maggie Fox, because all company data is accessed through cloud computing. “Google is our common interface,” she says.
At Cisco, which likely needs to cope with every smartphone and tablet on the market, thanks to its thousands of employees, the company has tapped into “virtual desktop” technology to smooth out potential compatibility issues. It allows employees, regardless of their device, to access office desktop applications, says CTO Jeff Seifert. “That way, if you lose your tablet or phone, integrity is still there because all those applications are running back to the data centre.”
Security is by far the top concern among managers considering BYOD. “With mobile technology, sensitive data is literally walking out of your company door every day and getting on planes and going all over the world,” says David Mahdi, senior product marketing manger at Entrust, a global online security firm. “That problem could magnify with BYOD because now you have critical corporate information mixed with someone’s private data on the same phone.” Mahdi uses the example of accidentally sending company data to a personal contact, which is generally harmless, but raises inevitable questions about the level of control a business has over its data. What happens when an employee leaves the company or loses their phone?
The answer lies in another buzzword (and burgeoning tech field): mobile device management (MDM), which broadly describes a variety of software products that secure and keep a constant connection with devices. A particular MDM might require complex, regularly changing PIN numbers to access company apps or software, or, if an employee has gone AWOL, allows the company to remotely erase the data on the phone. Mahdi also recommends to clients, especially those dealing in sensitive data, to imprint each device with a digital signature that the network can “interrogate.” Cisco offers another level of security by creating its own corporate apps to access company software. “It’s a tested and tried secure environment where people can download apps that we know are safe,” says Seifert. For now, companies like Cisco that offer solely BYOD are still in the minority; most firms issue a phone while allowing shallow network access on personal devices. But Mahdi warns companies against diving headfirst into BYOD. “The carrot is just so big and juicy that they just want to reach for it,” he says. “But there are risks that have to be considered.”