Will BYOD save money?
“BYOD programs can reduce cost, but they typically do not,” says Chuang.
“From the CIO’s perspective, not having to purchase devices for staff can reduce expenditure,” says Gedda, “but they also have to make sure BYOD doesn’t have the negative effect of increasing support time and hence costs.”
There are “potential savings on hardware, as you are shifting the burden of shortened device renewal cycles on to the employee,” says Absalom.
However, “there are multiple extra costs to consider,” he says.
Companies may give employees a stipend to buy devices, and reimbursing multiple individual voice and data charges is more expensive than paying for a corporate plan, he says.
Also, the organisation will likely need a third-party management service and “extra man-hours and expertise required at the service desk to manage” different devices and operating systems, he says.
Organisations may find they get more for their money with BYOD, says Chuang.
“Offloading the management of nonstrategic devices from IT [allows] limited fixed-cost resources to be applied elsewhere,” Chuang says. Also, employees may be more likely to work outside the office, he adds. “It is very compelling for IT when they consider that eight hours extra work each week is a solid chunk of salary in dollar terms!”
What are the risks?
“Security remains the top challenge since mobile devices are generally not secure,” says Soh.
“Personally owned devices present risks to the network in the form of unintended denial of service and other threats to network stability, such as the spread of malware,” Chuang says.
“If not managed properly, there is a high risk of data loss,” says Absalom. “If there are no controls or policies in place, the IT department can have no view over what data is being accessed and by whom. Devices with corporate data on them could be lost or stolen, or hacked if not encrypted, and the business would have no idea it even happened.”
With people frequently trading up for new devices, “leaving data on old devices can add to this risk,” adds Gedda.
Security policies for BYOD could raise privacy concerns, notes Absalom: “Organisations must have fully informed and explicity consent from an individual to monitor or access any personal data ... The best way to get around this is through a corporate policy, part of the employment contract, that outlines the rights and responsibilities of both employer and employee.”
Beyond security, organisations must ensure corporate apps work across all devices and there is adequate support. Gedda asks, “If a tablet or notebook experience a fault, will the worker be able to continue working productively, or will there be a few days or weeks of disruption while the issue is resolved?”
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.