Back to news & views

Has ‘Bring your own device’ finally come of age?

With new smartphones and tablets hitting the market on a near-daily basis and the inevitable demand for these from well-lined wallets, it is perhaps timely that we think about how we might harness the consumer device market to change the way employees engage with IT. People are buying their own IT for use at home and organisations are buying IT for people to use at work. Perhaps it’s time to explore how to best use this opportunity for the benefit of all.

The concept of “Bring Your Own Device” (BYOD) is not new, but organisations have had varied success in implementing this in its purest form. Sure, most of us can now access email on our phones, but that’s usually the limit to what we can do. We’re not quite ready to let employees turn up at work with a laptop they bought at the local superstore just yet? Or are we?

On the one hand, employees are now harnessing more computing power through the latest devices in their pockets and at home, yet a large number of corporations still have their own approved devices such as laptops, desktops and smartphones which have strict policies around their usage.

Employees want the latest technology and the boundaries between personal and corporate devices are blurring. Businesses rarely operate in isolation and need to communicate with others and may have little say in the devices in use at the other end. How do we, as IT professionals, help build the bridge?

Why is it that we have a “work” computer? Do you know someone who has a “work phone” and a “personal phone”? And how can IT help enable a wider choice in the devices we use?

The explosion in social media is seriously changing the way the world communicates, so what can we do about changing the way we access our work environment? And why would business be interested in promoting this?

The opportunity

Whilst traditionally seen as a threat to the security of corporate data, the usage of BYOD within organisations brings with it the opportunity for IT departments to focus more on the delivery of services than provisioning and support of the hardware that runs them. There is also some evidence that a BYOD culture can be more attractive to employees and this can be a key differentiator in recruitment of staff. Placing responsibility for care of the device back with the users might just help lower the costs of lost and damaged equipment too.

Not needing to be concerned with the costs of end-user hardware procurement, support and maintenance of devices can help IT focus where it should have the most benefit – delivering business value.

The challenge

Corporations spend lots of time and money securing data, and rightly so. No organization wants the additional worry of sensitive data leaking on to smartphones, tablets and multiple devices that they have little control over.

Employees may be well intentioned, but keeping up with security updates to ensure that malware, botnets, keyloggers and the like haven’t compromised their devices is an onerous job (just ask the IT Security department). IT departments traditionally trust anything on their network.

A move to BYOD would mean an inherent distrust of anything not within your data center – a fundamental shift in security mindset and a difficult task to undertake. In addition, a plethora of devices now hitting your network and infrastructure may have impacts to your capacity planning processes, so don’t be overly hasty in starting to open up the network just yet!

The answer has historically been that organizations elect to provide the device, lock it down, control the updates and most likely the applications that run on them. Enter the corporate PC! This lets people access what they need and retains the security of the environment far more than “bring your own device” would allow.

Breaking down the barriers to BYOD

A number of technologies are opening up opportunities to provision applications to varied end-user devices, yet they all have some challenges.

  • Architect your applications for web-based delivery – Moving applications to a web based model is great, but you still need to ensure you can cater for all the browsers your users might want to connect with, let alone probably spend a lot of time and money re-architecting for the web.
  • Provide a “virtual desktop” – Some organisations now allow their employees to access their desktops as if they were in the office from a browser or application on their own devices. Suitably locked down these provide an “office like experience” on a multitude of devices. It is still, however, just your limited corporate desktop experience and if you’re off the web, you’re usually stuck (although some smart folks have worked out a way to provide offline desktops).
  • Virtualise your applications – Now we’re getting into interesting territory. How about delivering an application to your user that looks like it’s running locally on their machine, but is actually running in a locked down, secure virtual machine on their client which is controlled by the organisation! This provides a much more seamless experience than a virtual desktop and all the benefits of secured delivery.
  • Delivery through the cloud – Moving to cloud based delivery of applications (Office 365, Ariba, Salesforce.com and other SaaS providers being examples), organisations are able to offer services that can deliver to many devices. The challenge remains to secure sensitive data from being leaked from the cloud, but this form of delivery is already accepted by many and provides an ideal opportunity for BYOD.
  • On Device Hypervisors – With emerging technologies promising to be able to provide a “work phone” and a “personal phone” as two separate, virtual machines on your smartphone, this could be the ultimate provisioning platform for organisations. Retaining a secure corporate virtual platform that can be deployed to any device and which is seamless to the end user but isolates data to avoid leakage is seriously challenging the traditional mindset and helping to drive the BYOD agenda.

It’s happening now

Organisations are beginning to embrace the freedom that implementing a BYOD policy can bring them. By ensuring applications are built to be delivered securely from the outset and by abstracting the end device from the equation, IT departments can begin to work with their employees to unleash the productivity benefits to be had by accessing what you need, where you want it from any device. This started with the advent of web based applications, but to truly expand this to the suite of applications that are required to be delivered without compromising functionality, virtualization and application delivery technologies are now coming to the fore in realizing the vision of “anytime, anywhere, any device” access.

Anyone looking to consolidate infrastructure, refresh their desktop estate or upgrade their corporate systems would be encouraged to think about how they can offer the applications to more than just the “work laptop”.

The DMW Group‘s employees are able to purchase their own devices for work use, including laptops and phones. It runs a combination of cloud and web-based delivery to secure our end points and allow us application access. We run a plethora of various Macs, PCs, iPhones, iPads, Blackberries and Android devices and we all have the same application experience. Although the Mac and iPhone people will tell you their experience is so much cooler!