Skip to content

7 deadly BYOD excuses

May 22, 2013

Bring Your Own Device (BYOD)

Here are 7 bad excuses to avoid BYOD – and some answers that address them.

We are running a highly secure BYOD scheme at Solihull Council which I have been asked to present on from time to time, to private sector and public sector audiences. At Solihull, we have about 15% of staff using privately owned smartphones, PCs and laptops to access corporate information. We have won awards for the scheme ( http://tinyurl.com/bn9jhtj) which uses Good, Juniper and other technologies.

Whenever I discuss BYOD, I hear the same issues and concerns, which are sometimes thinly veiled excuses for not doing anything. Which is a shame because there is real business advantage to be delivered by providing a secure BYOD scheme.

So, here are the deadly seven BYOD excuses, and the logic that refutes them:

Excuse #1. “Nobody wants BYOD”

Yes they do. Not everyone, but enough people to make it important to offer BYOD as an option. Some people will refuse on principle to use their private devices for work, because they refuse to subsidise the employer. But for many others, the mobile device is a highly personal choice – people “love” their smartphones and they really don’t want to have someone else choose it for them. And they really don’t want to have to carry two devices everywhere. So they’d like to access work stuff from their private devices, please.

History teaches us what the future might hold. Back in the day of the steam train, the stationmaster was provided with a pocket watch so he could do his job. In your company today, most employees need to be punctual to do their jobs. But you would not dream of issuing them with a company watch, because they want their own one, that suits their style. It won’t be long, I suspect, before we look back with curios nostalgia at the time when the company provided mobile computing devices.  More than 10 billion personal mobile devices are expected to be in use by 2020.

So give your people the choice and see who wants to go for BYOD. Many will.

Excuse #2. “BYOD cannot be secure. You will lose confidential data. You will suffer from virus problems.”

You are right to worry about this one. Its the reason why BYOD has not previously been viable.

But a wealth of clever solutions now exist to make BYOD secure. Some provide “mobile device management” and some provide “mobile data management”. There are strengths and weaknesses to each and the choice depends on the type of mobile “experience” you want to offer. Make sure you know the difference and then choose a product (or products) that deliver what you want, securely.

No system is completely secure. Conventional systems are not without vulnerabilities (think defence systems hacking) and BYOD systems are not either. To understand information security well, you need to understand human behaviour as well as technology. In fact, not offering BYOD probably creates the greater information security risk. If people can’t access their corporate information from the device they like, they will get it there through other means. Usually they will simply forward emails and attachments to their highly insecure internet personal email accounts. So while you spend a fortune on a secure corporate infrastructure, your staff simply email your data to the other side of the fire wall.

Best to tighten your security by making it possible to do what they want (to use their favourite device), securely.

Excuse #3. “Tax issues are prohibitive”

People worry about the tax implications of BYOD. Globally, the tax position for BYOD is still maturing. In the UK, HMRC says “Money an employer pays to an employee to use their own mobile phone is taxable”, and not much more than that.

So, if you don’t contribute funds to cover employee’s costs for their devices in the BYOD scheme, you don’t have a tax problem, it seems. If you choose to part fund it, be aware when you construct the business case to do that, that the part funding is taxable. If you allow staff to procure devices through a salary sacrifice scheme, then the same conditions are likely to apply as with other salary sacrifice schemes.

The tax questions may yet be unclear, but they are not a showstopper for BYOD. You are not being taxed for telling the time with your personal wristwatch at work, are you? And when the dust settles, neither will you be taxed for reading your work email on your private device.

Excuse #4. “Support Costs of BYOD will be high and will outweigh the benefits”

Its natural to expect calls at the IT service desk to increase as more people use BYOD. Its more devices and another system, after all. However, my experience is that this does not happen. People are more willing to solve their own problems if it is their own device. If the device breaks, it usually needs a fix from the supplier, so the user will take it back there. If the BYOD App breaks, they just download an update.

So I dare to think that BYOD is less costly to support than corporate mobile solutions.

Excuse #5.No Savings will materialise”

I wouldn’t run a BYOD scheme for the device related cost savings alone. Sure people will return corporate mobile devices and there will be savings. But the bigger savings come form the efficiency of mobile working. Around 20% productivity gains are not uncommon. And for the CIO, the internal customer relationship benefits are probably every bit as significant. Implementing a BYOD scheme makes most of your senior stakeholders view your service more positively.

So the complaint that the device savings are trivial, misses the point.

Excuse #6. “When a private device breaks, the user will be stranded without corporate IT support”

What do you do when the private device breaks and the user can’t work? If you were providing corporate mobile devices, you would have spares for this eventuality. But you can’t carry one of every device on the market in your IT spares cupboard. Luckily, you don’t need to.

You do need to provide an alternative way for people to access their corporate information. Mostly people will still have other corporate devices (like an office PC), so they can carry on working, just with less mobility for a short while. A “thin client” solution compliments BYOD very well. So people can access their corporate information from any corporate office, even when their mobile device is not working.

Some surveys suggest that the personal smartphone is now the “most precious item that people own”. People will want to get quick access returned for their broken private devices, so they can get on with their lives. They will do that quickly, re-install the BYOD app and be up and running probably more quickly than the corporate replacement process would allow.

So break-fix response times may just be improved by BYOD.

Excuse #7. “There are more important IT priorities in my business”

Fair enough. There may well be other things to do that are more important than BYOD. The business case for BYOD is about staff efficiency, cost reduction and risk reduction. But its also a great opportunity for the internal IT department to delight the internal customer. There can’t be too many priorities that deliver on all of these dimensions.

In summary then, I’d say that the business benefits of BYOD are compelling and the disadvantages are slight. BYOD is an unstoppable force and the seven deadly excuses do not survive close scrutiny.

Stat Sources: Gartner, Checkpoint, Ovum, IBM,  Entersays,  Vertic, Motorola and Harris Poll and Magic Software.

http://www.securedgenetworks.com/secure-edge-networks-blog/bid/87987/10-Surprising-BYOD-Stats-You-Need-to-See

Advertisements
2 Comments
  1. jahedulislam permalink

    This information is helpful for gather knowledge about bring your own device and security also. For implementation and of byod security and byod security policy http://byodsecurity.org that site also
    effective.

    • Thanks Jahid, some useful stuff there from you.
      Do you think it necessary to have a limited set of “approved devices”? Our approach is to allow any devices that will run the approved secure apps that provide the BYOD security. That way we don’t need to police the devices because the secure app approach takes that requirement away. What do you think?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: