The holidays were a hot time for iPhones and Android smartphones. Millions sold, but they were only a drop in the bucket as both Google and Apple have easily broken the 100 million devices a year mark.
As anyone in the workforce with a computer information systems degree knows, those millions upon millions of smartphones and tablets are following their owners into work. Many people want the flexibility of using their own devices for access to corporate back-ends, databases, and applications.
It’s the consumerization of IT, a trend that causes IT departments pain and one that they can’t simply ignore. In a survey last fall conducted by Dimensional Research and sponsored by Dell KACE, 87 percent of the respondents said that employees used personal equipment for work. A full 80 percent said that they use their own smartphones, while 69 percent reported using personal PCs or laptops. The onslaught of consumer devices had a number of effects on the employees’ companies:
- 59 percent of respondents said that IT departments were supporting more operating systems as a result
- 62 percent were concerned about security breaches
- half worried about possible loss of customer data
- 48 percent saw potential loss of corporate intellectual property as an issue
- 43 percent thought that their companies would have difficulty meeting compliance requirements
- 64 percent didn’t think they knew of all employee device and software connecting to the network
It’s an extensive list of concerns that won’t go away by themselves. There are additional issues, as well. Companies that monitor computer use by employees would not automatically have the legal right to do so for personal PCs because they aren’t corporate property. If an employee leaves the company, obtaining important data from a machine could be physically more difficult. An IT department can address many of these issues through employee requirements and business processes.
First, speak with the company’s lawyers. Get their views on what the company can do, what it can’t, and how to structure safeguards. One obvious step is to monitor the network and identify hardware that hasn’t been authorized by the company. Given that people will provide IDs and passwords for access to resources, matching unauthorized devices to users shouldn’t be that difficult. Once identified, contact the employees and explain that while the company doesn’t mind the use of personal devices, there are some steps to take, such as letting the IT department install appropriate security software on the device and formally agreeing that the company has rights to corporate data on the machines.
Ensure that employees have service plans to cover problems and have alternative strategies so that if one of those devices breaks, the employee can still work. The change to personal devices won’t be easy, but with a practical approach and making employees part of the solution, IT departments can weather the coming storm.