Personal Computing Device Required: BYOD Should Rule
Just like using your own car is a requirement for some jobs, BYOD should become the norm for corporate IT.
Many, many years ago, salesmen travelled on mass transit to their jobs, where they picked up merchandise and the corporate car. They travelled door to door selling their goods. One day, a smart businessman realized that cars were becoming ubiquitous, and that most of his employees were traveling to the office in their own cars. On that day, a new journey began where job descriptions included the sentence "Car and travel are required." Companies saved millions. They saved on car purchasing. They saved on insurance. They saved on car maintenance. They allowed the salesman to be as clumsy or neat as he wanted to be in the car. We are on the verge of the year 2014, and no one remembers when that journey began.
Isn't it time we do the same with computers? Less than 10 years ago, folks were shy about showing their geek factor. Nowadays it is very chic to be geek. Many of us have a cellphone, a home computer, a tablet, and an office PC. Why isn't there a COO somewhere asking employees to come up with the dough and use their own devices? IT seems to be the problem, and here are its claims:
Security: IT claims that having a non-approved PC is a security breach. Why? It could infect the network. It could upload confidential data to the web. People can run rogue programs that cause denial of service.
Support: IT claims it is too difficult for the help desk to support every device on the planet. How can a technician take a help desk support ticket when he might not be familiar with the nuances of some odd operating system?
User preference: IT claims that users don't want to co-mingle their private data with their work life.
So let's look at these three reasons and bust some myths.
Security: In my humble opinion, security and network are an oxymoron. With digital cameras, security went directly out the window. Anyone can take a picture of any screen and any sensitive data and then tweet it in a nanosecond. With Citrix, VM, SSLWeb, and HTML5 applications, the security is on the cloud. Much more than that, the amount of information we collect in audit tables is tremendous -- type of device, IP address, time, space, and even now thumbprint. It is time to figure out how to secure our applications through the web.
Support: From CompuServe to Yahoo to Google, services have been supporting different PCs, Macs, browsers, and even phones for years. And you don't hear them complaining. They figured out a way around this. Why can't the rest of corporate IT do the same? Half the support currently in the corporate world is for hardware. If we ask employees to bring their own devices, that support all but disappears.
User preference: Users now are so connected that, every breath they take, every sigh they make, they are being watched. Any corporate geek on her own can read all your cloud footprints now. She can see your tweets, your Facebook Likes, and all manner of other posts. Personal data and private data overlap, like it or not.
Of course, I'm trivializing some things, but I am trying to make a point. It is time for the corporate world to embrace a less expensive approach by allowing employees to bring any device they like to the office. It is time to have a statement on every job description: A personal computing device is required.
The Five Ways To Better Hunt The Zebras In Your Network issue of InformationWeek's Must Reads explores ways to protect vulnerable users in your company, lessons learned from the Evernote breach, how the FBI is improving enterprise insider theft detection, and more (free registration required).
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.