Whatever happened to BYOD and do we need to worry?

Deciding on a CYOD strategy

If you ask an 18-year-old if a smartphone is a selling point of a job and they’ll laugh at you. People are used to choice outside the workplace and they want choice in the enterprise. If you give people an iPhone, they’ll want an Android device, and vice versa. You can probably never make all users happy with the devices you give them in a CYOD strategy.

Since businesses first gritted their teeth and allowed users to bring their own smartphones and tablets to work, the IT landscape has changed entirely. Do enterprises still need to be concerned about BYOD?

The first wave of consumerisation five or six years ago led many businesses to seek novel ways of dealing with increased demands for mobility from a tech-literate workforce.

Employees were buying their own high-powered smartphones and tablets, and wanted to hook these devices into enterprise networks and applications. Under the weight of worker expectations, bring your own device (BYOD) emerged as a coping strategy for the business, allowing workers to use a single, personally-owned device for work and non-work purposes.
Now, in 2016, BYOD seems to be yesterday’s trend. Other related movements have emerged, such as choose your own device (CYOD), where workers select from a pre-approved list of devices and COPE (corporate-owned, personally-enabled), where devices are provided by the business but available for non-work activities.

The Bring Your Own Device phenomenon is reshaping the way IT is purchased, managed, delivered, and secured. Our editors and analysts will delve into what it means, the key products involved, how to handle it, and where it’s going in the future.
So is BYOD still relevant, and how are businesses managing the use of mobile devices in the digital age? ZDNet spoke to the experts and finds out what really happened to BYOD.

Making the most of mobility in modern organisations

Richard Corbridge, CIO for the Health Service Executive in Ireland, looks back five years and thinks about how IT leaders at the time were going to help the business make the most of mobility. He says CIO concerns associated with the consumerisation of technology were meant to be solved by two mega-trends: BYOD and gamification, where elements of game playing are used in business.

“The theory was that if we could exploit these two things, then every person in every organisation would become an IT super-user overnight,” he says. “We believed we could even do away with some service needs, as IT was owned by the personality of the organisation, rather than the business itself.”

So how has the theory panned out in practice? Five years later, Corbridge says many BYOD strategies have been written, yet there remains a nagging lack of achievement. While organisations know what they want to achieve in theory, the practical realities demonstrate that the core aims of BYOD are often unfulfilled.

“We still see two mobile phones in the hands of most management teams, particularly in the public sector where the idea of BYOD was just too hard,” he says. “As for gamification, we see it more and more appearing in how consumers are persuaded to be part of a collective, but it still hasn’t quite changed the thinking of many delivery functions in organisations.”

Alastair Behenna, an experienced IT leader and consultant at The CIO Partnership, believes BYOD has indeed reached a plateau. He believes that, with large degrees of variation, allowing people to use their personal device for work purposes has become a standard practice in most firms.

However, the impact of consumerisation should not be taken for granted. Behenna says the absorption of BYOD into technology strategy has produced big business benefits, certainly in terms of helping to demonstrate how digital technology can change organisational processes for the better. “BYOD has been a hugely valuable trend,” he says.

“It was a key catalyst that stimulated the bridge between the old way of thinking – which stated that only maximum IT control could work for the business – and new realms of thinking, which suggested that organisations could free up systems and services to benefit innovation, growth and personal responsibility.”

Subsuming BYOD into good working practice

Omid Shiraji, former CIO at Working Links, says BYOD has not necessarily died – it is still on the strategic roadmap of many organisations. What remains an issue for most firms, he says, is the large amount of legacy technology.

“Many CIOs are hamstrung by enterprise software and security requirements,” he says. “These longstanding issues can make it difficult to move quickly, especially for well-established businesses. The creation of a mobile strategy is probably still much easier for a company that is just starting out.”

Legacy constraints are not the only concern. User demands in a digital world evolve faster than the strategies that businesses create to help make sense of mobility. Such evolution means that many of the subtle strategic variations of BYOD are also flawed.

Shiraji says CYOD, for example, is probably too inflexible as a strategy to deal with the demands of a mobile workforce. Giving employees a choice from a short list of tools is not enough. Access to a company-approved device might once have been seen as a perk of the job. Now, says Shiraji, it is almost an irrelevance.

“Ask an 18-year-old if a smartphone is a selling point of a job and they’ll laugh at you,” he says. “People are used to choice outside the workplace and they want choice in the enterprise. If you give people an iPhone, they’ll want an Android device, and vice versa. You can probably never make all users happy with the devices you give them in a CYOD strategy.”

David Reed, head of IT and data operations at the Press Association, recognises that managing a fleet of mobile devices can be a challenge, particularly when the business is trying to satisfy staff who are keen to use one device for both work and personal purposes.

“Although workers are more comfortable with the devices they’re using, it also means that they access documents, data and services outside of the IT department’s control. At the Press Association, we wanted to centralise this control,” says Reed. “The COPE strategy we implemented has enabled us to provide our team with a top of the line mobile device that they want to use.”

Reed worked with EE and provided PA’s workforce with 850 smart devices from hardware makers including Samsung, Apple and HTC. The approach uses EE’s mobile data management systems, including MobileIron, to ensure compliance with mobile security policies is managed centrally.

“That way we were able to set policies that were implemented on every device, such as password length and complexity,” he says. “We were also able to decide what the journalists can and can’t see, and which applications they can and can’t use. We can remotely lock and wipe devices if they are ever lost or stolen, a key security feature we could never achieve centrally with a BYOD strategy.”