BYOD Roundup: Gartner predicts 1 in 5 BYOD programs will fail, what companies can and can’t see on your BYOD device, enterprise mobile stats and IT departments under BYOD pressure

byod roundup

Here’s another roundup of BYOD (Bring Your Own Device) news…

Gartner: 1 in 5 BYOD programs will fail because of overly restrictive BYOD policies


Creative Commons photo by v1ctor Casale. Click to see the source.

Most IT departments are used to having full control over company-owned desktop and laptop computers, and many come into BYOD programs expecting the same level of control over BYOD devices.  They’re not used to the delicate balancing act of dealing with both access to company information and resources and doing so on workers’ personally-owned devices. ZDNet points to a Gartner report that says that by 2016, 20% of companies that implement a BYOD program because they’ll exert too much control over employee-owned devices in the name of information security.

What can the company see on a BYOD/COPE device, anyway?

the boss

In response to concerns expressed by a number of people about having MDM software on their devices, Talkin’ Cloud’s Ashar Baig put together a quick table of what an employer can see or access on a device with MDM:

What an employer CAN see or read What an employer CAN’T see or access
  • Carrier
  • Location
  • OS version (and if the device is rooted or jailbroken)
  • Battery level
  • The phone number associated with the device
  • List of apps installed on the device
  • Memory/storage usage
  • Company email and data
  • Personal email data
  • SMS messages
  • Videos
  • Voicemail messages
  • Web browsing activity

Enterprise mobile stats and IT departments under pressure

pressure gauge

Creative Commons photo by N. Feans. Click to see the source.

SC Magazine reports these numbers from Forrester’s most recent “State of Enterprise Mobile Security” report:

  • 70% of enterprises in North America and Europe have made it a critical or high priority to provide more mobile support to their staff.
  • 60% of tablet owners and 55% of smartphone owners have selected their own device to use for work purposes.
  • 46% of tablet owners and 32% of smartphone owners have bought at least one off-the-shelf app for work.
  • 15% of employees have said that they have accessed sensitive info, such as customer information and non-public financial data, from non-work-sanctioned devices.
  • 74% of firms plan to purchase or have already purchased smartphones for employees.
  • 74% of firms plan to purchase or have already purchased tablets for employees.
  • 33% are planning to build enterprise app stores.
  • 49% plan to increase mobile app and middleware spending by 5% or more in the coming year.

The trends indicated by these numbers are creating tremendous pressure on IT departments, many of who have their hands full with their server/desktop/laptop/networking caseloads, never mind the relatively new and rapidly-changing area of mobile technology. Phil Cracknell, head of security and privacy services at Company 85, says:

BYOD is putting pressure on IT right now. Many of the elements which reflect a total cost of ownership of BYOD are not being fully recognised when business is considering and implementing or at least planning to implement.

HR/Legal issues, responsibility for a replacement device in the event of theft or malfunction – who would that lie with? The individual or the company? What would that person do if they couldn’t afford a replacement right away?

The article also quotes Richard Absalom, an analyst with Ovum, who says that in certain cases, a COPE (Company-Owned, Personally-Enabled) approach might be more appropriate and still just as palatable to employees who want devices of their own choosing:

BYOD isn’t always the right way to go, as organisations in highly regulated industries in particular may have very legitimate security and privacy concerns around it. But they do need to do something about it as it will simply go unmanaged and cause even more problems if they don’t.

It’s important therefore for a mobility strategy to understand and address the drivers of BYOD, such as employees wanting to use a single device rather than carry two phones around with them, one for personal and one for work usage. Having a CYOD (choose your own device) or a COPE (corporate owned, personally enabled) policy would still mean corporate deployment but may go down just as well as BYOD with employees.

this article also appears in the GSG blog