As employees using personal devices to do work becomes ubiquitous, enterprises need to carefully assess the advantages and disadvantages to assess the safest way forward.
Smartphones, feature phones, iPad and tablets. These days your employees are bringing all types of mobile devices to work and want the ability to access mails, documents and files from them. It’s known as Bring Your Own Device (BYOD) and companies can’t exactly stop it. But then, why would you? After all, mobility is key when servicing customers regardless of geographic location or time.
Although it’s a logical and natural next step in how employees will want to access information to work, bringing electronic devices to the office also brings with it good – and bad elements.
A recent study by Harris Poll reported that four out of five employees use a personal electronic device for tasks related to work. The study also found that almost a third of those who bring their personal laptops to work used the company’s network through Wi-Fi.
Do the advantages outweigh the disadvantages? And if they do then how can you mitigate the risks? Let’s take a look at both the pros and cons of including BYOD in your enterprise.
Saving on costs
There are three key financial savings that businesses will make when implementing BYOD policies in the workplace, namely hardware, telecommunication and time savings:
Hardware: Your employees have purchased the device from their own pocket, which means that you don’t have to purchase hardware for employees, or purchase newer hardware when the existing devices are out-of-date.
Telecommunication: Employees will use self-funded plans instead of the usual corporate plans, which will be an obvious score for the company.
Time Savings: BYOD also boosts employee productivity levels. A report by Cisco found that the average BYOD user saves approximately 81 minutes every week. 81 minutes saved is a gain for any company and is an overall cost saving as well, allowing employees to do more than before.
We love the devices that we have purchased ourselves, preferring their interfaces and having a deeper understanding of exactly how they work. Your employees also spend around 6-10 hours each day on their personal cell phones, laptop or tablet. By allowing your employees to use their personal devices in the work place can have an impact on productivity and enjoyment while at work. In fact, the same Cisco report above illustrated a 33% increase in employee satisfaction when BYOD was allowed across their IT department.
Top of mind when it comes to employees bringing their personal devices is security. Access to company data and applications becomes tricky to manage as employees may easily be able to view and engage with sensitive data across multiple devices, stay logged onto work emails on cell phones and tablets, or even accidentally leak information. This leaves you vulnerable to malware threats which could have massive business ramifications.
There are also numerous other security threats that you should consider when allowing employees to access company information and applications from personal devices:
Lost/ stolen devices. If employees lose or have a personal device stolen then the threat of an unwanted third-party person(s) accessing sensitive data is real. Employees often have open email access or applications that can easily be accessed on a device at any time, particularly is these aren’t secured with passwords.
Employees leaving. What happens in the instance when an employee suddenly leaves? That employee could still have access to your company information, which could potentially expose you to a threat of leaked company information.
No fire-wall or antivirus. When employees use their own devices, you have little say in whether anti-virus software has been installed on devices or adequate firewalls are in place.
These are very clear risks to the business, but how do you mitigate them?
One of the ways that companies are tackling this problem is through the implementation of mobile device management software. This gives your IT department greater visibility over the devices, while still protecting the employee’s right to privacy. The mobile device management software allows an organisation to monitor applications to determine who is accessing them and from which network, allowing you to spot potential risks before they occur.
What happens when your employees can’t access information of application due to incompatibility of devices? Incompatibility can arise for some of the following reasons:
Devices that can’t run the required software
Devices that don’t support a specific protocol.
When employees work remotely, productivity can be heavily impacted by interrupted or just general lack of access to critical information. Take for example a sales consultant at a potential customer requiring access to certain information to close a sale. Without instant, at-their-fingertip access your sales consultant will most probably have to come back to the office to send their potential client the critical information – which by then might be too late to close the deal.
Another disadvantage of employees working from their personal devices is that you have very little control over how the device was required or what applications have been downloaded onto it. Some more tech-savvy individuals could customise their phones by downloading apps unavailable to the average user. “Jailbroken” iPhones also don’t have the same security measures in place as a standard iPhone.
These rogue devices could present a real threat for your company, opening your company up to the very real threat of downloaded malware devices that could affect your infrastructure and cripple your business.
Global ransomware attacks in 2017 show the huge impact that ransomware can have on companies. Depending on the type of virus, malware takes control of a computer system and blocks users’ access. For a company, this could mean not only loss of productivity as your employees cannot access their computers, but also could potentially disrupt servicing customers. Profit losses can be significant. The 2017 ‘WannaCry’ ransomware attack was estimated to have cost approximately USD4 billion in losses.
There’s no denying that there are some serious risks to your organisation if you allow BYOD in your company, but the reality is that employees working from their personal devices is the natural next step. In light of this, companies need to ensure that they have the right policies in place to mitigate the risks and ensure the safety of their business.
Implement a formal BYOD policy which sets out your expectations and/or disciplinary implications. The BYOD policy can also be integrated into existing policies around working remotely and ‘acceptable use’ policies.