Lately I’ve been talking with a lot of CIOs and IT Directors about BYOD and what it’s doing to their organization. From these discussions I’ve learned that there are two types of IT organizations: 1) Those who are being circumvented by users and are aware of it, and 2) Those who are being circumvented by users, but think they’re not.
Take for instance a visit a colleague and I had with a local staffing company. We sat down with their CIO and talked about some of their challenges. We brought up BYOD and he said that they were pretty locked down, and it wasn’t a major issue. They ran a purely Windows shop, and “only the executives” are allowed to use Macs. Tablets and smartphones were not allowed to connect to the corporate network, and the users seemed to be doing just fine.
He was right; the users were doing just fine. As we left, we glanced around a small portion of the office and counted 12 Macs and four tablets. Seeing that those devices were located in cubicles about the size of a large phone booth, we concluded they probably weren’t the executive team. This IT department was being circumvented by end users, and they had no clue it was happening.
IT organizations who are not aware of what their end users are up to are in for a very rude awakening. The old days when corporate issued the PCs and locked down users is over. Users have the tools and know-how required to access corporate assets from their personal devices, and if IT tries to stand in the way, the user will find away around them. In meeting with several companies, I’ve identified three actions that have (in general) helped companies leverage BYOD for their IT organizations:
- Embrace it. By showing users that you want them to have freedom and choice, you show them that you care about their productivity. Instead of fighting against users, you welcome their suggestions and preferences, and gain a stronger relationship of mutual trust. Organizations who force policies and compliance on their users typically drive users to IT circumvention. Additionally, many companies can see cost reduction from requiring fewer corporate assets as users bring in their own devices.
- Adopt a self-management approach. Users have more tools than ever before to get their work done. They want the ability to control what applications they use, where they store their data, and when necessary changes to their technology take place. By giving them the tools to be able to control those things, users will find greater satisfaction in working with IT. You will of course still need to comply with security best practices, but companies that have adopted self-management have found it much easier to work with users on defining security policies that meet standards but still allow freedom.
- Invest in user technology. Now more than ever, IT has the opportunity to prove their value to the business. We see more and more IT organizations that are driving company revenue growth by providing cutting-edge technology to their users. We have found that CEOs and CFOs are much more likely to buy off on technology that delivers value to the user and helps drive business growth. The technology that IT provides to the users also reflects directly back on IT. When users receive value from the tools IT provides, the user is much more likely to value IT’s contribution to the business.
Businesses who approach BYOD in this way can’t go wrong. Of course, each organization will need to take a look at their security requirements and adjust their approach accordingly. But as IT plans for the future, they also need to ask themselves the critical question: “Am I being circumvented?”