What Is BYOD?

Much noise has been made about the consumerisation of IT and its effect on enterprise IT shops. One of the biggest aspects of the consumerisation of IT is the idea of Bring Your Own Device (BYOD). As I am heavily involved in a number of significant BYOD initiatives I thought I’d discuss some of the issues it raises, starting with this discussion of what I think BYOD is, and what I think are the different types of BYOD.

As I understand it BYOD is an approach that says instead of an organisation choosing its employee’s end user device for them, purchasing it, supplying it, owning it and supporting it – some or all of that responsibility is transferred onto the employee. In its most simple form, an employee is allowed (or enabled) to use their own personal device to access enterprise end user computing resources (email, intranet, business applications etc.).

BYOD is a reaction to several of the key factors of the current trend to the consumerisation of IT:

  • Consumer devices (specifically mobile devices) are now as powerful as , or more powerful than, corporate devices.
  • Consumer devices are easier to use, and more productive than traditional corporate devices.
  • People are demanding that they get to use devices that they know and love from their home life at work. For example, they want to know why they can’t use the iPhone which is so much easier to use and more functional than the office-supplied BlackBerry.
  • People are already buying their own personal devices and using these in preference to work-supplied devices.
  • The decreasing cost and increasing speed of mobile broadband means that people can now do things on their mobile devices that were once only able to be done within a corporate network.

These factors are leading to a demand for BYOD within the enterprise – especially when this demand is being made by senior executives.

From a suppply side, organisations are wondering if they can take advantage of these factors and this demand to reduce the costs of end user devices, or to take advantage of productivity and innovation benefits that these devices offer.

There are several different models for supplying end user devices and services that are usually called BYOD – we might call them different types of BYOD.

  1. Employees who do not get mobile devices (i.e. smart phones or tablets) may use their own device to access the organisation’s end user computing services such as email, calendar, business applications, intranet.
  2. Employees who do get mobile devices may substitute their own personal device for a work supplied one. All of the standard services and features available on their work-supplied device are available to them on their personal device.
  3. Employees who would normally get a work supplied device now use their own personal device, and are given a subsidy from work towards the purchase of the device (the device is owned by the employee).
  4. Employees are given a budget towards purchasing the device of their choice. The device is owned by the organisation. In some cases the employee may increase the budget out of their own pocket.

There are several points to note about these different models of BYOD:

  • BYOD type 4 isn’t literally a case of “bring your own device”, but it has many of the same management issues as the other types, and is often called “BYOD” in the marketplace.
  • In many jurisdictions type 3 will have tax implications (positive or negative) for one or other of the parties. New Zealand’s Fringe Benefit Tax is likely to make it unattractive here. In other jurisdictions it may be more positive financially.
  • Type 1 and 2 are usually approaches for mobile devices (phones, smartphones and tablets) only. Types 3 and 4 could (and in some cases are) applicable to desktop devices as well.
  • BYOD is a complex mixture of ownership models, policies, support, management and delivery of services to end users. These different models require different approaches to this mixture. This means that there are a number of implications for any enterprise looking to use a BYOD approach, and the implications change depending on the approach to BYOD, and the type of BYOD you choose.

In upcoming posts I’ll discuss some of these implications in more detail.

As I write further posts in this series on BYOD I’ll add links in here:

BYOD and support.

BYOD and employee expenses.

BYOD and employee expenses around apps.

BYOD and consumer law.

What is the scope of your BYOD initiative?

The business drivers for BYOD.

Some BYOD and Mobility Resources – a commentary on three government papers on BYOD.

BYOD and Your Network – delivering network solutions for BYOD.

Seize the opportunity to deliver BYOD.

BYOD is not about devices!


4 Comments to “What Is BYOD?”

  1. A customer that I’m working with at present is starting to look at BYOD. Their security architect refers to it as “bring your own disaster”.

    While there are definitely challenges around management and support of the devices, a larger challenge is ensuring that information security controls are maintained. In many ways organisations are “damned if you do, damned if you don’t”; if they don’t respond to end-user (in many cases coming of executive management) demands for the devices, existing policies and controls will be circumvented by the users and the organisation will be in a worse place, with no control or central oversight.

    • Absolutely right Jono. I think the key motiviation for BYOD and support of consumer devices is not so much because it makes sense commercailly or economically, but because you have to do something to control what is already going on.

  2. I did an interview for CIO.com last month on BYOD on some of the problems: http://www.cio.com/article/703511/BYOD_If_You_Think_You_re_Saving_Money_Think_Again

    From a direct cost perspective, there are several ways to compensate employees. One is to use expense reports on a per usage basis. Another is to use expense reports based on a fixed monthly stipend. Yet another is to directly add a stipend to the paycheck. It varies from country to country, but each of these has specific labor, tax and compliance issues.

    From a security perspective, it’s important to get employee permission to access, secure, and potentially wipe the data at rest or BYOD should be a no go. And there’s also the network and identity issues to think about, since you don’t get to pre-configure BYOD the same way that you can bulk provision with corporate-owned devices.

    From an app dev perspective, BYOD will make a mobile app strategy at least slightly more complicated if multiple unexpected OSes or even multiple forms of Android come into the workplace.

    And you’ve thought about support.

    It’s really not much different from a Bring Your Own Laptop strategy. If you let in PCs, Macs, and Linux indiscriminately and have a support structure around all of them, you’ll be fine. If not, there’s some issues to at least consider.

    • Hi Hyoun, Thanks for the comment, and the article link. You have raised a couple of good points around employee compensation, and employee consent which I hadn’t considered. I agree though – if you consider the key factors (and I intend to cover most of them over the next few days) then you should be fine. But if you don’t understand them and their ramifications, then you could find yourself in a lot of trouble.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: