Mobile devices and tablets are transforming the way employees work and how IT supports them. The BYOD (Bring-Your-Own-Device) strategy has several benefits to your organization and end-users, especially the cost-cutting in terms of procuring new devices for your staff. Furthermore, it is a well-known fact that individuals are at their best efficiency when they work on their own devices and technology. This trend towards mobility stems from the increasing awareness of cloud computing. A Gartner research estimates that by 2020, 85% of companies will adopt some form of the BYOD program.
Using ITIL to Help your BYOD Strategy
Managing a mobile workforce that has company-issued devices is much simpler in terms of security and compliance. The BYOD concept brings with it an increased vulnerability to security issues and consequential business risks.
BYOD poses 3 key challenges to business, for which ITIL offers solutions:
1. Information Security:
Today, many handheld devices such as mobile phones, tablets, and personal laptops pose a huge threat when it comes to information security and accessibility. A mobile device can easily be lost or stolen. Recent research shows that nearly 113 mobile phones are lost or stolen every minute in the US. Additionally, an employee might leave the company or change departments, and there may be no way to ensure that the device does not retain sensitive passwords. Furthermore, it will be difficult to manage the software that is installed on the device; the employee will still have access to confidential information and the network. This information could land up in competitors’ hands or any other illegal or unethical organizations.
ITIL recommendation:
ITIL recommends a corporate policy or IT policy as to what information can be stored on a local device, including making all networks password protected and configuring the devices such that information can be locked or wiped if the device is lost or stolen.
2. Compatibility:
Different users are going to be using different devices and platforms. This is going to complicate the IT department’s work. Your sales department might be having a mobile staff and all of them may be using their own devices with different platforms.
ITIL Recommendation:
The cost to support the BYOD strategy could be passed on to the user. The IT department can provide the business with two choices. First, they can build the applications your employees need to use on their devices if you can limit the number of devices used by the workforce. If the cost is passed on to the user, then limiting the number of devices may not be needed. Second, IT can build different platforms for devices to use, while the number of applications can be limited.
3. Governance and Compliance:
This is another serious issue caused by BYOD. Employees could gain access to unsecured networks and software that has not been approved by IT, which could compromise security and in turn impact the productivity of the organization. The cost savings you had managed through BYOD might be overturned by these complications. Without an air-tight governance policy, you will not be able to avoid any rule violations and theft of intellectual property.
ITIL Recommendation:
ITIL recommends a comprehensive governance policy – for both internal and external governance. Access management is a critical component of this policy. Employees need to be educated about the policy and their feedback needs to be incorporated. Consultation with HR and legal teams is also essential to devise a secure governance policy that will complement your BYOD strategy.
Today CEOs and CIOs realize that there can be a middle ground where you can give your employees enough freedom to innovate and work with flexibility, and also have control over security and governance to protect confidential information, especially in the case of highly secure environments such as financial organizations.
BYOD is a technology shift that could benefit companies in terms of long-term profitability, while ITIL can help you to keep it on a leash and ensure your organization and its information is secure.
