Tips For Making Sure "Bring Your Own Device" Doesn't Blow Up In Your Face

If you're using your own smartphone or tablet for work, here's what you need to know to make sure you're protected and your data is safe.

My Making Sure BYOD Doesn’t Mean ‘Bring Your Own Disaster'post from several weeks ago struck a chord with readers, who weighed in on the values and dangers of bringing your own device to work. In this post, I would like to share what I learned, and provide some practical tips for making sure your BYOD experience is a delight, not a disaster.

First, some reasons why BYOD is happening. The pressure to support BYOD is being driven by several business factors:

[b]· Consumerization of IT[/b] – For the first time, individuals have better hardware and software tools at home than they do at work. This ‘capabilities gap’ is driving people to enhance their work environment with tools from the consumer world.

[b]· Competition for new hires[/b] – The fierce competition for young talent is prompting businesses to acquiesce to recruits’ demands to use their favorite devices; it used to be just Macs, increasingly it now includes a variety of tablets and smartphones.

[b]· Changing patterns of technology buying[/b] – More and more, to solve specific business needs, information workers are downloading and installing unsanctioned software on corporate hardware devices, without the blessing of central IT.

[b]· Companies have not yet figured out the right mix of devices they need to support their business[/b]. Will it be desktops, laptops, tablets, and smartphones, or just some of these? In the meantime, companies are letting people pick their own tools, until it becomes clear what works for everyone.

The BYOD trend is will play out in within 3-5 years, according to Sanjay Poonen, President & Corporate Officer, Technology & Innovation Products, Head of Mobile Division at SAP (which has a mobile device management solution called Afaria.) By that time, companies will be buying mobile devices for their employees, just like they buy laptops today. Long-term, Poonen predicts organizations will buy laptops, tablets, and smartphones for employees.

What You Need To Know

Until BYOD plays out, you should be concerned with the following three aspects of your smartphone or tablet: the device itself (in case it breaks, or gets lost or stolen), software applications, and content such as email messages, contacts, and documents.

One set of useful tools is mobile device management (MDM) solutions. If your company uses an MDM solution—and there are many on the market (Gartner lists MobileIron, Airwatch, Good Technology, Zenprise, and Fiberlink as market leaders), you are in a better position than most. MDM solutions typically store your corporate data in a safe business ‘container.’ Information stored in the container falls under the company’s responsibilities. If you leave the company, corporate IT can delete information in the container without affecting your personal information.

Devices

Insist that your company produce a policy that details their rights and responsibilities for the device and its contents. Peter Frankl, VP of Lifecycle Management at Absolute Software, which offers a mobile device management (MDM) solution, told me that companies using MDM often provide an enrollment process for mobile devices. When an employee brings their device to work, they may be directed to an enrollment website that details usage policies for the device. This clarifies up front, the terms and conditions for acceptable usage as well as rights and responsibilities. Even without an MDM solution, companies should provide a structured registration process for employees.

Software Applications

Several people I spoke with noted that companies and employees should be aware that applications purchased from public app stores remain the property of the employee, since applications are tied to physical devices, not to company accounts. On the other hand, applications downloaded from corporate app stores can usually be ‘wiped’ from the device using an MDM solution; these applications usually belong to the organization.

Content

Email and documents remain two grays areas of which you need to be aware. Some MDM solutions provide secure email, some rely upon third party solutions, while others still don’t provide any support at all. Therefore, pay special attention to what happens to your email since email messages stored on mobile devices can contain sensitive data that can be compromised if the device is lost or stolen.

Documents are another area that require strict attention. Some MDM devices offer their own secure containers for documents, while others rely upon third party tools like Dropbox or Box. But keeping documents off the device altogether may be the best strategy of all. Companies using Microsoft SharePoint for document storage and management can access documents securely through products like ‘harmon.ie for SharePoint,’ which also obviates the need to store documents on the mobile device. Yaacov Cohen, harmon.ie co-founder and CEO believes that keeping data off the mobile devices is an effective way to reduce exposure to liability and data leakage.

At the end of the day, people will work from whatever device is most convenient, whether that be a PC, a mobile device, or a cloud application. Therefore, it is important for organizations and employees to continue to monitor industry best practices, while being vigilant about their own exposure, at least until the BYOD chapter comes to a close…

If you have any other ideas about BYOD or have personal experiences related to BYOD, please share them at: dlavenda1@hotmail.com or tweet me at: @dlavenda..

—Author David Lavenda is a high tech marketing and product strategy executive who also does academic research on information overload in organizations. He is an international scholar for the Society for the History of Technology.

Disclaimer: the author is an executive at harmon.ie.

[Image: Flickr user Thomas Leuthard]

Add New Comment

1 Comments

  • $38788420

    "The BYOD trend is will play out in within 3-5 years, according to Sanjay Poonen, President & Corporate Officer, Technology & Innovation Products, Head of Mobile Division at SAP (which has a mobile device management solution called Afaria.) By that time, companies will be buying mobile devices for their employees, just like they buy laptops today."

    I want to think this is true.  I used to buy thousands of pagers and Blackberries, so I'm a big believer of bulk purchasing for support and contract negotiations. And I believe in corporate control for corporate data and assets.  But a big driver for BYOD comes from the ability to granularly personalize these devices to the point that they're practically an extension of the body. What's going to change in the next 3 - 5 years? The big change has to be an ability to fully transfer a personal mobile persona onto a corporate-owned device, maintain full security and compliance on that device, and then allow that persona to then be moved to another device of the employee's choosing.