Enterprise Mobility: The Indian CIO’s perspective
Sunil Lalvani, Director, Enterprise Sales, RIM, writes that personal devices infiltrating corporate environments is one of the most disruptive but promising trends in IT
When put together with a sound IT infrastructure and management strategy, the use of personal devices in corporates has given rise to the Bring Your Own Device (BYOD) trend that is here to stay. CIOs, although apprehensive, are trying to facilitate rather than hinder the process. The primary reason for this is the strong upside associated with this phenomenon.
A recent survey by Accenture among Singapore workers revealed that two-thirds of those surveyed enjoyed greater job satisfaction when allowed to bring their own devices owing to increased flexibility and freedom.
The factors driving this phenomenon are plenty and one can always argue that BYOD has been around, even though unnoticed, ever since the personal computer and the Internet became part of the office environment. IT departments have often had to lock down PCs to prevent malware infestations, and with access to USB ports blocked and the ability to install useful apps revoked, end users started to use their personal devices to get things done. Also, with the blurring of official and personal space, document collaboration services, and social networking sites are increasingly being used for business purposes. However, concerns over data leakage and usage if these tools are used for personal ends during work hours have led to many Indian CIOs recommending blocking access to these Web sites. Frustrated by this, employees are once again turning to their smartphone or tablet devices to remain collaborative and productive.
The marketing of consumer-centric, high-tech equipment, software and services has also spurred the growth of this phenomenon. The millennial generation, spoilt for choice, has grown to be as tech conscious as it is fashion conscious. The eagerness of young professionals to stay connected, participate, and make an impression has helped fuel the sale of smartphones and now tablets. The middle managers above them, mindful of moving with the times, have also embraced these easy-to-use devices. Moreover, while the inclination of employees to use personal devices for work is understandable, even CIOs in most organizations do see merit in the trend.
With so many factors supporting this inexorable tide of device proliferation, trying to block it may prove counter-productive for employee satisfaction and morale. However, the process to allow, enable and secure personal devices in work environments is far more complicated than it sounds, with enormous security and compliance issues at each stage.
To implement BYOD in its true spirit, the organization has to cater to integrated enterprise apps to work seamlessly across a plethora of device types. This problem of device diversity and the device management can be effectively addressed by investing in mobile application delivery and Mobile Device Management (MDM) platform.
Securing employee participation is another issue that Indian IT leaders will need to deal with. At the heart of most BYOD plans is the assumption that users are willing to give up some level of control over their personal devices in exchange for access to corporate resources, such as networking and e-mail.
It’s a prudent approach to have the end user sign a contract to this effect while also ensuring that employees understand that they are responsible for backing up their personal content on the device in case it is lost or stolen and the data on the device has to be wiped off. They must also accept limitations being placed on the device, which could affect the user experience.
In addition, it would be advisable to get the BYOD contracts approved by the legal and HR departments. This is so because effective mobile policies cannot be created in isolation and need to be coordinated with pre-existing policies as well as those of other stakeholders in the process.
In order to manage the dual personality of devices operating under BYOD policy, an appropriate plan encompassing the issues of specific data security requirements, employee demand, which devices enhance productivity and value, and which devices best suit the tasks at hand will need to be put in place by CIOs and IT departments covering the aspects of development of a BYOD contract or policy, eligibility, device selection, ownership, use, reimbursement and notification if lost, access to corporate resources/applications, security and privacy obligations for personal and business data.
A Virtual Desktop infrastructure (VDI) could help maintain the necessary balance between user flexibility and access and IT management and control. It could enable the organization to manage network access from all devices.
With employees filling the investment gap created by IT budget constraints, and with several other factors working in its favor, most CIOs are expecting a future of substantial device diversity.
A Gartner survey among CIOs revealed that the average number of expected platforms in the next two years was 3.5 in US and 3.7 in Europe, with most of them expecting a complex future. This was in-spite of the fact that only 28% believed that their mobile security would satisfy an auditor. Also, only about 50% signed some kind of policy document with the employee in the belief was that it was hardly effective in controlling behavior and only acted as an educational tool.
There is a need for continued efforts and investments to create a scalable, secure and manageable mobility infrastructure to support BYOD, and capitalize on the merits of this pervasive and growing trend.