Beware the growing flood of personal computing devices
into the workplace
by Alan Zisman (c) 2011
published in Business in
Vancouver November 29-December 5 issue #1153 High Tech
Many party invitations ask you to BYOB (bring your own bottle).
Increasingly, employees in organizations large and small are insisting
on their right to BYOD – to be able to bring (and use) their own
devices at work.
Earlier this year, Gartner Research vice-president Leslie Fiering
discussed BYOD with a room filled mostly with local IT leaders. At
Gartner, Fiering focuses on notebook and mobile computing and
employee-owned PC and notebook strategies.
Fiering noted recent Gartner studies that suggest that companies are
increasingly seeing employees connecting their personal iPads and other
devices to the network. Despite this, only three of 70 organizations
contacted had formal policies in place for this.
Employees are increasingly expecting to be able to bring their personal
devices to the office and use them for work. Fiering told her IT
audience that “resistance is futile,” despite IT concerns about
security risks, support costs and compliance issues.
Demands often start at the top with senior management insisting that
they be supported in the use of their personal devices, even though
Fiering noted that they’re often the biggest security risks.
Organizations can save money when employees use their own smartphones,
tablets or notebooks at work, but some companies report higher costs as
IT staff are asked to support a more diverse range of hardware and
software. Fiering suggested that organizations look at a range of
options, including holding employees completely responsible for costs
associated with their devices and sharing costs to providing corporate
data plans (and support) for personal devices.
She noted that some organizations had contained costs by limiting
support to a fixed number of models or by only supporting the
“corporate footprint” on the devices. Other useful strategies: build a
“self-service portal” for users pointing them to outside resources for
their devices and to encourage “communities of peers” within the
organization to help one another.
There’s no single model for all organizations – or even for all
employees within each organization. It might make sense for the company
to buy mobile devices and pay for phone and data costs for employees
working on the road but not for those who are full time “on campus.”
Because IT can’t assume that user-provided devices are secure, Fiering
urged organizations to segment their networks by providing full access
to fully controlled company devices (or virtual machines), partial
access to user-controlled devices that have been registered with the
company and limited access to unknown devices with authenticated users.
Unknown users – regardless of the device – should be locked out of the
Another issue is software licensing.
Here, Fiering reported that Microsoft licensing, in particular, “can
get hairy” with different models for using an employee-owned device to
access Microsoft servers, to run Microsoft Office and Outlook or to
Organizations should be creating BYOD policies and communicating them
to employees. Among the issues:
•Who buys the device and who pays for what services?
•What does the organization support?
•What levels of network access are allowed?
•What are the security procedures?
Tablets are not new, but with the iPad, Apple has “created an object of
desire,” which is being “literally injected into the enterprise.”
Fiering noted that iPads can be valuable tools in the enterprise, but
that it is a mistake to assume they can either replace or be managed
like notebooks.She added that, while Apple is not a traditional
“enterprise player,” its proprietary approach has become surprisingly
enterprise-friendly by limiting its range of available hardware,
vetting apps and providing more security and manageability features.
Fiering’s conclusion: “Don’t delude yourself. Non-enterprise devices
are already accessing your stuff. Ignore this at your peril.”