What is IT Consumerisation? What is the buzz about BYOD (Bring Your Own Device) in the IT industry all about?
If you pick up any IT publication at the moment, or visit most IT websites on virtualisation, you will no doubt read what is being termed ‘the consumerisation of IT’. What exactly does this mean and what are these writers talking about?
CIOs nowadays are confronted by young, skilled people who want to use their own equipment—mostly Apple devices—instead of the ugly and unproductive equipment their companies use. The borders between working for the company and working on private issues are becoming blurred.
If we look at this realistically, do we want users to ‘bring’ their own devices? This could lead to companies seeing an influx of all sorts of random pieces of kit that have no place within a corporate environment.
Or can we trust people to choose appropriate equipment, and take care of their devices and company security policies on their own? And in addition to that, can companies reduce IT spending by implementing the BYOD concept?
BUY Your Own Device versus BRING Your Own Device
What the IT industry is realizing now is that the answer should really be Buy Your Own Device. Companies should be looking more to provide the cash for the user to buy an appropriate device that can be supported by their own IT departments. Does this mean companies are trying to curb or block the users’ freedom? No. It is simply a way of safeguarding the company and the users themselves, and preventing them from bringing in a device that will infringe on productivity, increase IT management costs, or lead to security issues. So allowing users some flexibility in selecting a device that suits him or her is a more realistic way of moving along with the consumerisation of IT.
Another question BYOD raises is how does a company decide who can and can’t buy their own device? Should a company implement a policy to allow ALL users to BYOD? Perhaps there are some users who realistically need a particular type of desktop or laptop so you don’t want them to bring their own. Perhaps there are other users who, for security reasons, need to be on a device that is located in a particular room or department.
Do companies really want users to be able to go to the local PC shop and buy any device they want? This is an issue that is a little more difficult to regulate, but it is an essential question for the company to ask in order to avoid problems further down the line.
The pull toward buying an iPad is very strong right now. They are very sexy, very popular devices that are right in the forefront of consumers’ minds due to all the advertising and product placement. The problem is that ‘Joe’ in marketing may buy an iPad and then find out that he can’t really perform his job on an iPad. So what happens next? Does the company now need to buy Joe a computer that is suitable for his role, so they have now paid TWICE for Joe’s device? Does this mean some rules concerning which devices the users are allowed to purchase are necessary? Should the users be provided with a list of devices they are allowed to purchase? Looking at users’ job functions and compiling lists of devices they are ‘allowed’ to purchase creates overhead.
A company could provide a cash amount in the users’ paycheck, or through some other means, allowing the users to purchase a device best suited for their role. But what about VAT if the employee is given a raise in salary or some cash for buying the device? There are a lot of VAT issues to be considered. Unfortunately this VAT topic differs in each country, making it difficult for an international company to implement a general rule. So is it an option to provide employees with money to buy their own devices in one country and not allow it in some other country?
If a company provides a user with cash up front to buy a device, what if he or she leaves the company the following month, walking away with the asset as purchased? As far as the law is concerned, it is the user’s property. If the company wants the user to buy a three-year warranty with his or her device, what about dividing the cost by 36 months and giving the user only 1/36th of the cost of the device via his or her monthly salary? Sounds good in theory and it gets around the termination concerns, but now the user has to front the cash for the device, which many don’t want to do. This is another big issue to be considered if Buy Your Own Device becomes the solution of choice.
If the user works on a great new innovative design for the company on his or her own device, and leaves the company, then who owns the intellectual property? The innovative design was created by the employee whilst he or she was working for the company, but the work was performed on a private device. This will often come down to how the employee’s contract is worded, but becomes a little bit muddled when the user has used a private device.
In light of all of these problems and concerns, Buy Your Own Device doesn’t seem to be the right way for companies to run IT.
Support in case of a failure
What about the warranty? What about a hardware failure? What about support? I myself own an iPad and I know that if something goes wrong I have to take it back to the Apple store.My nearest Apple store is about 20 minutes away. Even if it’s a very simple problem to fix and takes a technician an hour to resolve, I have now spent two hours away from my desk. This is two hours of unproductive time. If the Apple technician decides that the device needs to be sent away, then what do I do?
Does one still need local support, and if so how does a local IT support team, or a centralised team, stay up to date with the many different devices now appearing in the company? The cost for this strategy, from a support perspective, could be immense. If a device needs to be sent off for repair, it is going to an outside company over which one has no control. How does one know that the corporate data on the device will remain confidential? Does the company need to tell the users to take the hard drive out before they send the device to be repaired?
Safety and Legality
Two often-overlooked aspects of these strategies are legality and insurance (or safety). Company assets are usually purchased within the country they are destined to be used in. And as company assets, they are insured against damage to the device. How then could a company stop a user, for example from the UK, from traveling to the U.S. and buying a cheaper MacBook? Say the user then brings the American-made MacBook back to the UK, buys a converter plug and plugs it into the office power sockets. The power supply that came with the U.S. MacBook would only be certified to operate within a U.S. office or home. If something goes wrong with the device and if, for example, the office burns down, what happens if the insurance company discovers the cause was a privately-owned device purchased in the U.S., using a power supply only certified for use within the U.S. and not the UK? The insurance company may not pay up, or even worse they may pay up but then go after the user for cause, potentially bankrupting him or her.
In the above scenario you also need to ensure he or she adheres to all legal and VAT/tax requirements. If the employee bought the device in the U.S., did he or she abide by all the rules and pay the relative VAT when bringing the laptop back into the UK? This area is a potential minefield that needs to be carefully planned and regulated before a company implements such a policy.
BYOD and VDI
Some of the above-mentioned issues can be handled and solved if the introduction of the BYOPC/BYOD strategy is combined with the implementation of a VDI strategy. Areas such as support, employment termination, intellectual property, and other common sense issues can be addressed through the implementation of a solid and well thought-out VDI strategy. If you provide all users with a VDI session, which is the corporate desktop delivered to an end-point, then you know the following (given of course that the device is capable of running the VDI session): 1) the data on the device is secured, 2) once the employee leaves you can terminate that VDI session, and 3) all designs created are held within the corporate VDI environment so IP belongs to the company.
You also know if a user walks in with a MacBook or an iPad or another device currently not used by the company, you can install session agents from VMware, Quest, Citrix, Sun, or others that will allow the device to receive and run the virtual desktop.
Many T-Systems customers are using VDI for access from home or roaming but also for BYOD. Technology is mature and stable; previous limitations (display of movies and audio) have been solved.
T-Systems’ Managed Workplace Services provides you with a central environment based on security guidelines, role-based authentication and rollouts of applications that can be individually tailored to your needs. For companies that want their employees to use their own devices, VDI offers a secure and stable way to access company environments from any device they want to use.
Companies are looking seriously at BYOD, and some are already implementing or have implemented this strategy. A lot of thought, planning, and legal consultation needs to take place before such a strategy is rolled out.
I believe that companies looking to implement this practice should really only do so if linked to a VDI strategy. This combination can help avoid a lot of the pitfalls, both minor and catastrophic, that could ensue as a result of a poorly implemented BYOD strategy.
Vendors are only now starting to look at where their obligations lie when working with customers and SIs around the minefield of consumerisation of IT in the workplace. Whilst this is a difficult subject to tackle from an HR, legal, and accountability perspective, it is one that the market will look to the service integrators to take the lead on.
This is the position T-Systems is taking in this industry boom. We are at the forefront of ‘enablers’ of BYOD. We have process, documentation, and clear roadmaps to help customers get from their legacy environment to a BYOD environment.