Greater flexibility; higher productivity; cost savings and increased employee satisfaction: which business owners wouldn’t want all of these?
That’s what the phenomenon known as Bring Your Own Device (BYOD) can bring to your organisation.
But is allowing all employees access to their work email on their personal smartphone or tablet always a good thing? What happens when they leave your business and retain emails that contain sensitive company information?
All this and more is why BYOD is challenging today’s business owners – and is why our guide is essential to steering you through these unchartered waters.
Download your free Bring Your Own Device eBook, covering topics including:
- The opportunity for your business
- Benefits by numbers
- Legal issues owners need to consider
Free download in PDF format.
If employees can work with a range of devices in different places then this enables them to work whenever, wherever. Your customers, too, can benefit from this change because your employees may be able to service them at times which are more convenient to them and their lifestyle.
Mike Foreman is AVG’s General Manager of SMB and a keen advocate of BYOD for small businesses. He blogs about small business issues at http://blogs.avg.com
One thing is clear: Bring Your Own Device has landed and is here to stay. Employers need to understand what it means, the benefits it could bring and the risks it presents to their entire business, not just their data or a single device. Employees, too, need to understand how this could potentially change the way they work forever.
We’ve all been taking our mobile phones to work for quite some time now. Initially they would stay in our coats or bags or rest on our desks until they rang or buzzed. That is, they were purely for personal use and not for work. Oh, how times have changed.
On average we now carry 2.9 devices per person and they are more powerful than ever. Think smartphones, mp3 players, tablets, e-readers and laptops. We can sometimes do just as much work on a smartphone as we can on a laptop. The data they can store is also substantial.
Companies are increasingly adopting a Bring Your Own Device (BYOD) policy whereby employees use their own devices to do their jobs whether at the office, at home or on the train. As long as there is work to be done, data, a device, and a wifi connection to piece it all together, it sounds like a great idea.
The business benefits are clear too; employees can work more flexibly, balancing work and personal life more easily, lessening the impact on absence or downtime for the employer.
The business can offer a more flexible service to its customers outside of the usual 9-5. And, if employees are buying, using and maintaining their own devices, then the business may be able to reduce its overheads to some extent.
Data and devices can be lost, stolen, and corrupted. If those devices had access to the company network then they are at risk of being hacked. This is the challenge brought on by technological change but one that can be overcome by clear thinking and decisive action.
Recent research reveals the sheer variety of devices that people are already using at work and at home and how they’re using them. This suggests that BYOD is well on the way from being a trend to becoming the norm.
BYOD is now
It’s no surprise to see the big brands such as Apple and Samsung dominating the usage numbers in our research. However, be wary of using that as an indicator for which devices are appropriate for your business.
Your network and processes will have a certain technological configuration and particular functional specification.
So, when you’re considering a BYOD policy, you should establish which devices will meet those requirements, which ones won’t and then advise your employees accordingly. Don’t just run with the crowd.
*AVG/TechTarget 2013; totals are more than 100% as some respondents use more than one device
Adopting a Bring Your Own Device policy is a great opportunity to rethink how you do business with your customers and how your employees get things done.
There will be a limit of interest in adopting BYOD and in the value it can deliver.
Being on the frontline and being early adopters themselves, many IT managers already believe BYOD can deliver a competitive edge through an increase in productivity, flexibility and customer service.
That’s not to say those opportunities are guaranteed or applicable to each and every company. As ever, the nature of your business may well dictate what type of opportunity BYOD will present you. The general opportunities open to any business adopting BYOD currently fall into three broad categories:
Flexibility / Productivity
If employees can work with a range of devices in different places then this enables them to work whenever, wherever. Your customers, too, can benefit from this change because your employees may be able to service them at times which are more convenient to them and their lifestyle. The traditional 9-5 no longer applies; the working clock is reset forever.
Time / Cost Savings
If employees use their own devices they will likely be paying for them, at least in part. Similarly, they would be responsible for the time it takes to buy them, configure them, maintain and upgrade them, and train themselves in their use.
Research* published here by Cisco confirms that business leaders feel that one of the main benefits of BYOD is greater job satisfaction for employees. The second main benefit is perceived to be improved employee productivity as BYOD can offer more opportunities for staff members to collaborate on projects.
*Cisco research: https://www.cisco.com/web/about/ac79/docs/BYOD.pdf
Businesses that intrinsically rely on technology to carry out their work, from accountants to web developers, will directly benefit from BYOD because without the right data and devices they get nothing done.
- 16% of companies worldwide perceived job satisfaction as a benefit of BYOD
- 40% of employees think they will be more productive using their own device
- 37% of employees like to work with any device anywhere
- 35% of employees like to combine work and personal use
*The New Statesman: Bring Your Own Device 2013: http://tinyurl.com/q9yegrf
Like any technological development - and the cultural and behavioral practices that accompany it - BYOD is no different in that it offers risk as well as reward.
Not everyone is rushing into adopting BYOD. Some businesses have been put off because they see no business need; some reject it out of security concerns. Others are still assessing what the exact opportunities, benefits and risks are and, wisely, don’t want to make a rash decision for the sake of technology.
As for the specific risks to your business and your employees using their own devices, they will vary according to the depth and breadth of the adoption. That said, there are some risks that will apply universally to which you should pay some mind:
Conflict of Interest
If your employees are using a personal device for work then it needs to be partitioned, to keep their private data separate from their work data.
Loss of Device or Data
If your employees can take their devices to any location they can be stolen or left there by accident. If a mobile device is hacked then your data is also at risk of being stolen, deleted or corrupted.
Loss of Time or Productivity
A staff member without a device or data will simply not be able to produce good work. Alternatively, employees could spend too much time using their own device for personal use.
Knowing a little more about some of the most prevalent risks of BYOD from an HR and legal perspective will help you decide how best to counter them.
Conflicts of interest
Who owns the data and intellectual copyright? If the device is being used for work and personal reasons and isn’t partitioned i.e. has no technical barrier between where work and personal data is being stored, processed or transmitted, then it can be difficult to prove who owns, or even who created the data in question.
Too much flexibility
Checking work emails on a smartphone on the way home - instead of shutting up shop the minute they leave the office - benefits everyone if it relieves pressure and helps a customer get a quicker reply. But, being technically able to work at any time, is not necessarily healthy or legal. Your employees can burn themselves out or put themselves under undue pressure by working at all hours.
Loss of data
When an employee leaves your company, ideally you’ll have a controlled exit where you can determine which data and devices need to be retrieved and/or reviewed. If there is a need to wipe company data from a personal device, then you need to be mindful of deleting personal data (e.g. photos, videos, music). If the device has been partitioned, this may be simple to achieve.
If not, you should seek technical and legal advice before wiping anything. It’s also wise, before going ahead with wiping data from a personal device, to speak to your employee and give them the chance of backing up their data. The same advice applies if a device is stolen or lost.
There’s no guaranteed winning formula for protecting your data or devices from theft, corruption or loss other than remaining aware of the risks and mitigating them as best you can.
Don’t be fooled into thinking a hacker won’t be interested in stealing your data just because you’re a small business.
One thing’s for sure, ignoring or vastly underestimating the risks to your devices and data is a potentially disastrous strategy.
For example, don’t be fooled into thinking that a hacker won’t be interested in stealing your mobile devices or data just because you’re a small business. Cybercrime can and does happen to companies, organisations and institutions of all sizes, shape and geographic location. But that doesn’t mean you’re helpless. There are some basic steps everyone can follow:
Plan ahead and get buy-in upfront: ask all employees to sign up to your BYOD policy that explains their rights and responsibilities, and that allows you to remotely wipe and monitor the device if needed.
Be practical: find a good Mobile Device Management solution to help you manage the data and devices.
Be proportional: offer BYOD to the employees who will get the most benefit and return out of it. It doesn’t have to be company-wide if you don’t need it to be.
Build a secure network: if your network is secure to begin with then it becomes much harder to hack.
Limit remote access to your network: only those who absolutely need it should be permitted.
Passwords: change regularly and use a unique password for each account (8 or more characters: upper and lowercase letters, numbers and symbols).
Encrypt your data: Use cloud-based services to store data and back it up
Rolling out a BYOD policy is not something you can launch and leave; technology changes, employees come and go, as does data. Your business will evolve too.
Everyone needs a clear understanding of the benefits and risks.
The first step to roll-out is to identify the business case for implementing BYOD. This means clarifying the benefits, the risks, the execution and the management.
What will your business gain by allowing employees to use their own devices for work? How might time savings, greater productivity, and both higher employee and customer satisfaction be achieved?
Once you’ve confirmed the business case, identify the following:
- The TASKS you need to complete
- The DEVICES you need to access, process and transmit that data
- The DATA needed for those tasks
- The PEOPLE who will use the devices and data
That knowledge builds a picture of your BYOD landscape. Then you can:
1. Create a clear, comprehensive policy around personal devices and the right for your business to track devices, access, and delete all company data. Make sure this policy integrates with your Starters and Leavers Policy too.
2. Deliver an informative briefing where you discuss the policy with your team and require them to sign up. Everyone needs a clear understanding of the benefits and risks of using personal devices for work, especially of theft and the need to remote wipe a device. Offer them training and support.
3. Produce a simple security checklist for your team to follow. This can include aspects like activating passcodes for devices; creating strong passwords; using secure wi-fi networks outside the office; and keeping their devices’ software up-to-date.
4. Consider buying in a Mobile Application Management solution which will help you manage all the data and devices. Create an Incident Response Plan and train the people concerned, so they know what to do and how to react if the worst does happen.
BYOD is here to stay and offers many potential opportunities and benefits for small and large businesses alike: flexibility, reduced costs, happier workers. However, it doesn’t come risk-free: data and devices can be lost, corrupted or stolen. Employers need to add another policy to their growing list.
Take your time and think through the full consequences of what this technological change means for you.