I think most people would agree that the blurring of the boundary between our working and personal lives is accelerating. I know from many discussions that some people are more comfortable with that trend than others. Typically those yet to see their 35th birthday seem to be mostly supportive, those that have gone past that milestone tend to be at best more sceptical at the value proposition. There are countless case studies on highly successful companies that demonstrate their success is linked in some way to their employees having a personal commitment and deep affinity to the corporate objectives. However, recently I have read a few reports which argued that part of building that alignment can be enabled by removing the distinction between corporate devices and personal devices. They argue that in some way this step impacts on the psyche of the employees making work more personal and so building a stronger sense of ownership. Typically the term used in this context is Bring Your Own Device (BYOD) although there is a variant which has proponents where the employee is enabled to select device of choice from a defined catalogue, namely Choose Your Own Device (CYOD). The latter is intended to mitigate perceived risks associated with the operating model of BYOD and its implicit wide range of device options.
I must confess to have some doubts on the impact ascribed to BYOD in the context of employee empowerment. I certainly accept that it can reduce operating expenses and decrease the level of corporate investment in enabling technology. I have been involved in defining and deploying a BYOD strategy twice thus far in my career. I can point to the financial benefits arising from trading convenient access to selected corporate data stores from employee’s smartphone for the cost of providing a corporate variant. However, the more I talked to CIOs who have deployed BYOD schemes and some of their highly enthused employees I have heard the empowerment message coming through loud and clear. A very confident “millennial” enthusiast for BYOD pointed out to me that she saw her smartphone and tablet as being in many ways an extension of her personality. The growth of highly personalised wearable devices which often have a key link to the smartphone of choice is only going to make this blurred boundary more challenging. It seems likely that intelligent watch is going to become mainstream particularly now with the arrival of the Apple Watch. People are not likely to distinguish between their personal and corporate watch. They will want the benefits from their device of choice in the workplace both in personal and corporate terms.
However, accepting that engagement can be driven upward by a BYOD scheme it is very clear that the most important “D” in that context is not the “device” but rather the “data”.
Information assurance and how the corporate data set is protected is undoubtedly the key to unlock BYOD deployment and the promise of more engaged, committed and enabled employees. If you cannot securely manage access to the corporate data employees need or want or both to access from their own device then the scope of the BYOD deployment is going to be constrained and most likely disappoint the user community. We can all identify sectors where this constraint is in place. Indeed it is clearly shown when you look at BYOD adoption by industry sector analysis that there are sectors where there are specific restrictions driven by information assurance policies.
I recently read (in a Forrester report I think) that by 2017 over 50% of private sector organizations will no longer provide devices to their employees. This same report highlighted that the majority of IT decision makers believe they would be at a competitive disadvantage if they do not embrace BYOD. A quick look via the internet search engine of your choice will provide a great deal of material on how to define and deploy a BYOD policy.
There are some great case studies available from the early adopters with interesting insights including one that stuck in my memory of a company whose network performance was crippled as the BYOD was so successful and their policy did not limit the number of devices each employee could bring to the party. The vast majority of what I have read focuses on the criticality of managing access to the corporate data and so the associated risk. So you have the classic compromise situation whereby the drive from employees for an expansive BYOD deployment needs to be balanced with a securely managed data access model. If these two aspects can be balanced then there is undoubtedly huge value in what can be derived from embracing BYOD. Indeed many would argue that approaching corporate IT from the “IT consumerisation” user perspective can lead to valuable innovation of the corporate data security model. A good case for this line of argument is made by Stacey Leidwinger in her blog post entitled “Embracing Employee Empowerment“.
At the heart of this debate are what might be termed two absolute truths. Employees that are frustrated and thwarted by restrictive technology will generally find a way around those obstacles or at the very least introduce risk by trying to do so. At the same time in the digital age it is clear that security of corporate data must not constrain user enablement. I think it is well recognised today that King Canute like IT departments that attempt to resist the oncoming tide of end user expectations are going to find themselves drowning under a wave of “Shadow IT” challenges. They may well find that crucially in so doing they have driven a range of key business risks subterranean too.