Guest Column | September 23, 2013

Enterprise BYOD Has Benefits — If You Overcome Challenges

By: Kyp Walls, director of product management, Panasonic System Communications Company of North America

Not long ago, the technology provided by employers to their workers was equal to  — if not more advanced than —what they had at home. Today, with the widespread use of tablets and smartphones, the inverse is true; personal technology is often more advanced than what is available at work. As a result, some employees feel as if they are using substandard technology on the job.

This phenomenon is a major driver in the Bring Your Own Device (BYOD) trend. Over the last few years, often driven by c-suite desire to use the latest and greatest technologies, BYOD has taken root.

At first glance, the benefits of BYOD are immediately apparent. The ability to reduce costs associated with the purchase of computers, phones and tablets, is attractive. In the BYOD scenario, employees are often responsible for data plans associated with their mobile broadband connections, another benefit to the employer. Many have also claimed that morale and productivity increase when employees use the devices they want versus the company-issued option.

While there appear to be benefits associated with BYOD, it takes little effort to uncover potential drawbacks. The primary issues fall under the categories of IT support, security, and engineering.

For IT managers, the immediate issue associated with BYOD is increased complexity. IT staffs accustomed to servicing a limited number of devices, the vast majority of which were on a single OS, are faced with the management of numerous devices and operating systems in a BYOD environment. The use of multiple OSs can also lead to application complexity, with different apps —depending on the OSs being used —being required to access enterprise resources. If apps are being created internally, the developers are also faced with the constant pace of mobile OS upgrades. While web-based applications can help alleviate this, they tend to compromise performance and are useless in disconnected mode, like most air travel or for a surprisingly high number of in-building locations.  When facing these challenges, it becomes increasingly difficult for IT to ensure a quality end user experience.

IT market-research firm Vanson Bourne recently surveyed 2,200 IT managers and found that the added demand on IT resources brought on by BYOD — including IT support, network bandwidth, remote-access servers, and enterprise applications often used by mobile workers — is increasing far faster than most IT departments can handle.

Adding to the IT challenges is the fact that by 2015, 80 percent of recently-installed corporate wireless networks will soon become obsolete because of poor infrastructure planning, according to a study by research firm Gartner The report suggests that enterprises will have to deliver four times more wireless access points to provide future Internet performance that is similar to the performance in the pre-BYOD era. Gone are the days where an enterprise could plan for a one-device-per-user ratio. With BYOD, each employee may use multiple devices, straining the wireless infrastructure.

Another challenge BYOD creates is security. Whether it’s the lack of security features found in consumer devices, regulatory compliance issues, poorly defined and/or followed policies or the propensity for users to lose devices, security challenges abound in BYOD environments.

Check Point software released a survey of 790 security professionals, which found that 67 percent thought BYOD increased the risk to corporate data; 63 percent worried about controlling access to networks and online resources, and 96 percent said the number and variety of connected devices is growing.

According to a Gartner study, the right of users to bring their own devices inevitably conflicts with the need of the organization to keep its systems locked down in order to reduce security risks. The study also found that the proliferation of devices with inadequate security made it difficult to properly secure certain devices, as well as to keep track of vulnerabilities and updates.

Although companies with BYOD strategies in place should be talking about security, it’s not clear they are.  This Gartner study found that 70 percent of organizations allow BYOD but only a third have policies that keep those devices from becoming security threats. Further complicating the security issue, a mere 26 percent of IT managers believed end users really understand the limitations in using mobile devices safely or within policies set by the corporation.

With consumer devices lacking some of the enterprise security features IT departments desire, lost devices become a real issue, and mobile devices are notoriously easy to lose. According to a 2012 survey, more than 8,000 mobile devices were left behind at just seven of the country's largest airports in 2011. Compounding the security threat of lost devices, a Javelin Strategy & Research study found that 62 percent of smartphone users do not use password protection, potentially exposing corporate data to serious risks and possible financial liability.

In the Check Point survey, 79 percent of security professionals said they’d had an incident during the past year involving mobile devices. For just over 40 percent of respondents the security event cost more than $100,000; 16 percent said mobile-security breaches had resulted in costs of more than $500,000.

These costs should be especially concerning for businesses with compliance mandates such as PCI DSS, HIPAA and GLBA.  In these cases, certain information security requirements call for the safeguarding of specific data that must be followed even if the data is on a mobile device owned by an employee.

Another element of the BYOD challenge is the fact that consumer devices are not engineered to meet enterprise needs. For example, many consumer tablets have inaccessible batteries. When a battery is drained the device must be recharged even if work still needs to be done. When a battery reaches end-of-life, the device typically must be retired (or perhaps sent in for service).

For field workers, the glossy screens found on consumer devices make it difficult to see and interpret data in broad daylight or other environments with high levels of ambient light. The most common cause of mobile device failures are drops and spills, but consumer devices are not robust enough to effectively deal with these issues. Even temperatures can challenge the average consumer device. Many consumer tablets, for example, have sub-100 degree F operating ranges, so simply being left in a car with the widows rolled up on a warm day can result in a failure.

In the event of damage or a failure, user owned devices create another issue for IT.  If the owner of the device is responsible for repair or replacement, as is usually the case, what happens to that user’s productivity while they explore their options?  Shopping for a replacement device or getting a unit in for repair can take several days or weeks, all the while hampering the user’s ability to work and/or communicate effectively and costing the organization dearly.

Devices engineered for enterprise use feature serviceable or user-replaceable batteries; daylight viewable screens with anti-glare and anti-reflective screen treatments; operational temperature ranges that can accommodate extreme environments; the ability to handle 4-foot drops to a hard surface and ingress protection ratings that allow them to be used even in inclement weather.

With its clear challenges, one wonders if BYOD is the right direction for enterprises with limited IT resources and potential security or compliance concerns. In fact, some research indicates the BYOD demand may not be as high as expected. An IDC report showed that despite the recent excitement around BYOD, only 20 percent of employees were interested in bringing their personal devices to work.

There are clear benefits to expanding the mobile device ecosystem beyond the traditional laptop. A broader set of devices will enable employees to select the right device for the job, which is a clear productivity driver.

But limiting devices and operating systems while still embracing these new technologies will achieve a balance between employees’ need for the convenience and productivity provided by new technologies and an enterprises’ need to manage and secure devices and company data.

Selecting devices that are purpose built, and meet the needs of the users, will ensure productivity while reducing the support needed from your already strained IT department, creating an environment where everyone wins.