In this fast developing nation, as technology is growing immensely and rapidly, and as some IT departments struggle to keep up with yearly technology changes, company employees want to use their own devices to access corporate data and work efficiently. And hence the policy “ BRING YOUR OWN DEVICE “ or BYOD permits the employees to bring personally owned devices such as mobiles, laptops, smart phones and so on to their workplace and to use these devices to access privileged company information and applications. This phenomenon of consumerization, that is transforming business and IT models, is now a mainstream trend in organizations even though it had been once regarded with hesitation and resistance by many businesses due to issues regarding security. With the courtesy of Intel, the term BYOD encountered its first common use in around 2009 when the company recognized an increasing usage of personal devices by the employees to work. But, when Unisys and Citrix Systems started sharing their perceptions about this trend in about 2011, this term achieved its real prominence. Now, by adopting this policy, an organization can attract and retain talented employees while increasing productivity along with easing things for their employees allowing them to work with their own devices. The usage of such devices’ is changing the way one wants to work. These devices are usually more advanced and often newer than the equipment taken up by many IT departments. Now a majority of the employees of a company own and use personal laptops, smartphones and tablets and hence this self-sufficiency among the employees is the driving force behind BYOD. Surveys have shown that companies are unable to stop their employees from bringing their personal devices to work and hence BYOD is making significant inroads in the business world.
There can be many reasons that can explain why BYOD benefits the employees and the companies. Some companies have a belief that policies like BYOD can make the employees more productive. Increased productivity comes from a user being more comfortable with their own device as being an expert user, they can navigate their device easier. It may also increase an employee’s morale and convenience by using their own devices and making the company look like an attractive and a flexible employer. It also allows an employee to carry only when device when otherwise they would have to carry more than one; one for personal use and other for working. Such policies may also incur cost saving on the companies as they now wouldn’t have to provide each employee with a device to work on and wouldn’t be responsible for software licensing and device maintenance hence assisting the employees. Increased productivity of the employees can also be seen as now an employee can work from their home with their own devices whenever they aren’t able to make it to the workplace. This has also increased the satisfaction of the employees as they can now work more flexibly.
Hence several companies such as IBM allow employees to bring their own device to work and more and more companies are now looking forward to incorporate such facilities.
However as fancy and attractive as it may seem, policies like BYOD when implemented, also has a darker side. Companies need to consider the full implications of allowing the corporate data to be accessed on personal devices that they could have very little or no control over. Increased consumerization in the workplace can increase the risk of viruses and hackers threatening their security. Although this feature of allowing the employees to work from anywhere and using any device is very beneficial, it can breach the company’s security and privacy if attacked by such threats. If an employee uses a smartphone to access the company’s applications and then loses their phone, untrusted parties could retrieve sensitive data. Another data breach can occur when the employee leaves the company. They use their own device to work. Hence they do not have to give back the device and therefore the company’s applications and other important data may still be present on their devices and may sometimes lead to misuse of such data. Also in many cases people sell their device and forget to wipe up the sensitive data that was stored previously for work. In various other cases where parents share their phone with their children, if a child is playing with such a device of his/her parent, then they may accidently send some data over email or via means such as drop box unknowingly and leak important information regarding the company. Hence, to ensure that information does not end up in wrong hands, company must put security measures in place.
So one must keep in mind before implementing this BYOD policy that if not fully regulated and understood, it can threaten security and put company’s sensitive business systems at risk. Each company must also establish rules ground regarding if an employee leaves a company, data must be deleted and he/she will be held responsible for any misuse of data and so on. And hence, it is very necessary to consider questions such as which data can employees have access to and what security measures are in place if the device is lost, stolen or compromised.
– Simran Mehta