Companies need to work out what they want to emerge from the BYOD pile-up

Blues Brothers Pile UpAnybody who tells you they understand what is happening with BYOD, doesn’t understand what is happening with BYOD. Even by the standards of workplace technology, trying to get a firm grasp on the current state of play when it comes to the practice of Bring Your Own Device is particularly challenging. Surveys, opinions, research and case study pile up each day, crashing and bouncing off each other like the culmination of the multiple car chases in the Blues Brothers and just as difficult to untangle. The latest batch of news and views highlights exactly how disparate and conflicting the available information is. But underlying it all appears to be a single discernible and consistent point; while organisations may be less focussed on BYOD’s perceived advantages and rather more worried about the consequence of not implementing the practice, they still don’t trust it.

For example, a new survey from media company TechTarget of 4,100 IT professionals found that nearly three quarters expected their employees to use more mobile devices in 2014 but that the picture for the uptake of BYOD is less consistent, especially when it comes to larger organisations who are generally slower to implement the practice than smaller firms.  Among the survey’s respondents from larger organisations with over 1,000 employees, only 17 percent said end users would have final say over the choice of their own smartphones, while 40 percent would be given what the company decided for them regardless of their personal preferences.

This is pretty much the inverse of what happens with firms of under 100 employees. Amongst these, 38 percent allow full individual end-user smartphone choice while 32 percent were the decision of the employer with the remainder a combination of both.

The survey highlights the disparity between what hardware firms are willing to let people use in a work context compared to the applications and security features they apply. Under a fifth of firms allow employees to select their own data protection and transfer applications and email software. The main motivation for allowing people to use their own or preferred devices was to meet the wishes of employees according to the survey. Just over half of respondents (52 percent) said BYOD would be used to accommodate end users on their corporate network, 27 percent to implement dedicated devices for mobile workers, and 21 percent to reduce costs for personnel.

However, while the TechTarget survey claims that there is a shift to the more widespread use of BYOD, even in larger organisations, another new report claims that 2014 will see the trend go into reverse. According to the latest Global Business Smartphone Shipments: Quarterly Tracking survey from Strategic Analytics, the portion of new smartphones purchased for business use that are corporate-owned increased each quarter throughout 2013. More than 35 percent of third-quarter  sales of smartphones used for business purposes were corporate-liable, compared to 32 percent in the same quarter of 2012 which the report claims is a significant jump considering the steady growth of BYOD volume and the expectations that the trend would go in the exact opposite direction.

If true, the reason may not be hard to find. However much they’d like to accede to the demands of employees to use devices they know and like at work, organisations still don’t know what to do about  the security issues. The tensions these two forces apply on businesses might reach breaking point in the very near future if you believe yet another report from a company called SailPoint claims that most companies still lack the controls necessary to implement BYOD properly and securely. It found that while 80 percent of organisations allow employees to use personal devices to access company data and networks, more than half have reported problems with ex-employees trying to access information.

The report is based on a survey of 400 IT managers from US and UK firms with at least 5,000 employees so we should assume that it tells only some parts of the story. It also found that of the firms surveyed:

  • 57 percent had experienced the loss of company-owned devices containing sensitive information;
  • 81 percent are concerned about business users sharing passwords across personal cloud and corporate apps to sensitive data;
  • 46 percent are not confident in their ability to grant or revoke employee access to applications across their full IT infrastructure;
  • 51 percent believe that its ‘just a matter of time’ before another security breach occurs; 52 percent admit that employees have read or seen company documents that they should not have had access to; and
  • 45 percent believe that employees within their organization would be prepared to sell company data if offered the right price.

It’s little wonder given such conflicting reports that a clear picture has yet to emerge. The only thing that seems apparent is that companies are trying to do the right thing when it comes to meeting the demands of current and prospective employees while being all to aware that they are exposing themselves by doing so. Something has to give.