If there's one company I didn't expect to have massive growing pains with BYOD, it's IBM. Then again, maybe they're more of a poster child for the promise and peril of BYOD than we might have expected.
Their problems with Consumerization of IT are, in the abstract, no different from the same issue any other company has faced when they start a BYOD policy: access to potentially disruptive services; a proliferation of unwanted and unauthorized software within the organization; unclear consequences for many actions.
But everything I've heard about IBM's corporate culture tells me it's a place where IBM comes first--their tools, their software, their processes, their systems, their everything. Small wonder they get antsy when people bring in third-party solutions like Dropbox, even if those products and services provide valuable benefits to the business.
This might have worked in decades past, but it's becoming increasingly untenable for companies of its size -- or, for that matter, any size. Heterogeneity's the way IT works now, with BYOD only being one part of that picture. IBM may never have gotten fired for buying IBM -- along with plenty of other people, once upon a time, but what about now?
So what's behind IBM's sudden reassessment of BYOD?
They're worried about leaks. And rightfully so. One of the major challenges of any BYOD arrangement is how to keep insiders from walking out with the company's intellectual property -- which is the single biggest way corporate espionage continues to be committed. (It isn't hackers, Anonymous notwithstanding.) Shutting off access to Siri was apparently part of this, as they didn't know what happened to the queries once they were made.
But the newest trend in COIT, and a rising one, is professional versions of the same services with management policies built in. Box.com, for instance, has all this and more. I suspect just about every "personal" service launched from now on will come with a "professional" tier--and if it does, it better have disclaimers about what's done with data gathered from both regular and corporate customers.
Their BYOD policy wasn't as well-thought-out as they hoped. Based on what the above-linked article says, it sounds like IBM's BYOD initiative was rolled out with the expectations that end users would know how to deal with their own devices; but they didn't, for the most part, have that knowledge. (Says the article: "'We found a tremendous lack of awareness as to what constitutes a risk,' says Horan. So now, she says, 'we're trying to make people aware.'")
Their expectations were wrong. What you expect to get from BYOD is as important as how you go about implementing it. One telling quote from the piece: "The trend toward employee-owned devices isn't saving IBM any money" (according to IBM's CIO, Jeanette Horan). The problem, as I've seen elsewhere, is how you define savings. Perhaps for them the projected costs of supporting BYOD -- and especially, the cost of setting up retroactive protection measures -- exceed any imagined gains in productivity.
But until they produce some hard numbers to back that up, I'm going to go out on a limb and say the gains provided through BYOD (and everything that goes with it) are more than worth the hassle, if only in terms of employee satisfaction and comfort. Some of those things cannot be quantified easily or conventionally, especially if you're only looking at the current quarter or a season or two ahead.
I'm sure even IBM recognizes it can't keep its finger in the dyke forever. COIT is something you either make happen, or which happens to you -- and there's only so far they can turn their own clock back before it breaks. But if IBM gets it right, they could serve as one of the better models for others to follow, instead of a classic example of what not to do.