Many organizations are supporting the consumerization of IT by requiring or allowing personal computing devices as work productivity tools. A one-step removed view of the practice makes this seems like a quick win for everyone. The employee uses the device he or she prefers and the organization transfers device support to the employee. However, a closer look reveals unanticipated costs on both sides of the arrangement.
The first unanticipated cost is that the “Y” in BYOD ends up being supported by the IT department, leading to additional resource funding from the organization. In the era of technology consumerization many people think that just because they can buy a song from iTunes or Amazon’s MP3 store, they immediately know how technology works and therefore can be self-sufficient. The reality is that organizations with proprietary data must secure that data in some way and the security processes limit BYOD support to those who understand all of the organization’s security requirements. Where security matters, someone somewhere has to authorize, configure, monitor and ultimately troubleshoot device access or user IDs or permissions, etc. and as the “Y” in BYOD, you cannot do that.
The second, but potentially more expensive, cost is noncompliance. If you do not keep your device patched with the latest OS patches, plus update a good antivirus/malware engine, you could infect the corporate network, files you save, emails you send, etc. To be clear, you could corrupt entire corporate systems and that risk is one that many organizations are not willing to take. Moreover, you pay the costs of antivirus and other tools to keep your device safe.
Third, organizations may not define BYOD in advance. Many users want to receive work email on a personal phone or tablet and consider that a sufficient version of BYOD. Where that is true and the organization has an external email website, BYOD is readily available just point the device to the correct URL and you are done. Of course a smaller set of users do need more than email, but where the organization can meet 80 percent of the BYOD demand through services already offered (OWA, Citrix, etc.) only the 20 percent exceptions remain. Unanticipated costs occur when IT departments fail to ask the organization leadership and user communities to define BYOD before spending untold quantities of cash to support everything for every user.
The three costs above provide conversation starts, not ends. Understanding there are unanticipated costs with any BYOD arrangement enables IT leaders to ask better questions and define better programs before the BYOD rollout begins. Just as important, the costs above should increase end-user awareness that they will have to become their own IT department not only to support the device when it breaks, but also to meet and maintain compliance guidelines that have never been a part of being productive, because IT used to do that for them.
About The Author
Dr. Mike Lewis (D.Mgt., PMP, ITIL, ICAgile) is the Senior Director of IT Operations and has been a Global Knowledge employee for more than 11 years. Mike has served in IT management and leadership roles for Fortune 25, mid-size and start-up organizations for over 20 years.
Related Course
SISE — Implementing and Configuring Cisco Identity Services Engine v1.1