Gaining real steam in 2017, “bring your own device” was an initiative in IT that was designed to reduce corporate overhead and increase employee productivity by encouraging employees to use their own laptops and cell phones for work purposes, rather than investing in new hardware for each employee. This means the company doesn’t have that initial and recurring outlay, but also that the employee can use the devices and equipment they’re already comfortable with.
From an IT perspective, BYOD is a terrible headache at best – instead of supporting devices and configurations that they have control over, now tickets are coming in for devices over which IT has no visibility, for software they aren’t familiar with, and by users who don’t want IT meddling with their personal devices. In many companies, it’s enough of a struggle for IT to roll out a consistent antivirus or authentication solution to corporate-owned devices, let alone on the one-off laptops or phones individuals bring in.
I’ve talked before about how balancing security and ease of use is a zero-sum game, and when it comes to personal devices, most users are heavily weighted toward ease of use, seeing security as an interruption or distraction. With the express goal of securing corporate networks, IT has a large job that is only made more difficult by the introduction of unknown devices with any number of security vulnerabilities built in – in a BYOD environment IT often doesn’t have control over when patches are applied, what software is prohibited, or what websites a user is allowed to visit on the device.
While the basic idea behind “bring your own device” is attractive to management and corporate leadership, as with so many other aspects of IT services, the total cost of ownership is a far more important metric than the up-front cost. What a company may save on initial hardware and software when they hire new employees, the amount of IT time taken to manage, address, and support that user skyrockets compared to an environment where the company mandates specific devices or software.
All this isn’t to say that BYOD is a terrible idea or that it can’t work in your specific office situation, but that your IT management team needs to be informed of any plans to move to BYOD, and listened to when they give counsel or advice, particularly when it comes to future support and security costs.
