Choose your own device (CYOD) may be a better route for businesses to take to ensure a balance of business security and staff flexibility.
With pressure to control the consumerisation of IT in the workplace growing ever-stronger, it is tempting to think that a full-blown bring your own device (BYOD) strategy is the only game in town (option available) for today’s business.
Yet for some businesses, a better first step in balancing the data security needs of the business and the demand by its staff for flexibility may be to adopt a more cautious ‘choose your own device’ approach. After all, they may question why an organisation can’t manage its IT procurement so that it purchases devices staff actually want? Isn’t this going to be better for both the company and its staff?
For some businesses this can be the right choice, as there may be little or no need for a wide choice of devices in the corporate catalogue to cover the needs or aspirations of its workforce. It may be more expensive in terms of hardware costs, but a CYOD approach will ensure greater control over the range of devices coming into the organisation. Here again, co-funding options may provide a suitable middle ground in balancing issues of cost and control.
In deciding which route to go – BYOD or CYOD – there are a number of challenges to address as the business moves towards enabling a more flexible workforce. In the area of support, for example, the more complexity you add in terms of functionality or range of devices, the more expensive it is to service – a hidden yet significant cost. Does a CYOD approach genuinely give staff the choice they are comfortable with or is the device portfolio too restrictive, encouraging employees to bypass corporate policy?
Tariffing presents another problem. With personal and professional use on the same device, how does the company control the cost? For example, should a company be paying for an employee’s personal downloads and calls? How should a mobile bill be split in terms of payment? Again, a CYOD approach may be more controllable for the business, though it may fall short in giving staff what they want.
Similarly, security presents a major issue. Historically this has been viewed almost exclusively in terms of protecting corporate data, for example in the case of a lost or stolen device. More recently however, individuals are becoming increasingly concerned at the potential for the employer to access their facebook downloads, remotely erase personal contacts or block them from sites such as their bank account for example.
Effective device management can help overcome these issues by allowing IT policies, content, privileges of smart devices to be managed securely, whether corporately owned or the personal property of the user. For companies with a lesser appetite for risk, the emergence of a dual persona will in future enable corporate and personal data to be kept in separate containers, ensuring that corporate data can be held securely, at the same time maintaining privacy of personal data, together with separate billing.
So, BYOD or CYOD? The bottom line is that the decision will depend on the attitude of the business to a wide range of issues, including upfront investment and ongoing management costs, tariffing, security and meeting the aspirations of a more demanding workforce.