BYOD is a ticking time bomb for B2B resellers The Bring Your Own Device (BYOD) trend among organisations will mean a £2bn sales boon for UK service providers within five years but will "significantly disrupt" the B2B hardware channel, says the analyst firm TechMarketView. Senior management within firms and younger employees, particularly those under 30, expect to use …
I use the kit that my employer provides to do the work with which they task me. I am not prepared to provide my own kit to do that with it, no matter that it may be a better fit for the purpose than anything the procurement team can find, if it's their kit then it's their responsibility to make it fit for purpose, sufficiently secure and to bear the cost of any necessary maintenance and upgrades.
By the same token, if I am providing and specifying the kit with which you work, then I will have control of the budget, security and permitted functions thank you very much. I'll fix it when it breaks and upgrade and replace it as necessary, but that's my call. You'll get what you need, but not necessarily what you think you want (because you're wrong).
This.
If I had to provide my kit then there's no way its use would be shared between home and work (not without separate partitions anyway), so it'd more than likely be exactly like my works laptop; sat in a docking station all the time unless I take it home for on-call (why do people lug their laptops to and from work when they have no intention of using them until work the next morning?).
I can't help this BYOD stuff is some bollocks invented by beancounters because they can get rid of procurement costs, without realising the support costs will skyrocket because the admins will have to make a plethora of devices secure for the network / install various things that are usually rolled out for whatever bespoke applications the company uses.
Because, with any decent employer, that laptop is probably more powerful than anything they could afford.
I know I use my work laptop at home almost as much as I do in work. And when there is an emergency (about the only thing I would work from home for free for), I can just log in remotely and have ALL the tools I have in work just sitting there. Because of quite open and flexible policies, it means I can check my work email at home and my home email at work, too.
Also, it's a laptop. If you have one, it's because a desktop wouldn't be suitable (I know this isn't true for a lot of people, but it's true for myself) because you *do* need to move it around. This is why I have a laptop and not a desktop despite having an office to myself - because sometimes I need to lug it around and do things on it elsewhere (even once inside a crawl-space) and having remote-access to a desktop wouldn't be anywhere near the same in those circumstances.
I certainly don't think of my laptop as a status symbol. Hell, I spend most of the time it's off-site trying to hide the damn thing even though I never leave it unattended.
But since I've worked somewhere which has a policy of letting me buy things to my specification, I haven't bought myself a personal computer. It wasn't planned, only incidental, and I've asked that, should this laptop be replaced (we have a 2-year PC replacement policy) I be allowed to keep it rather than it filter down to our "second-hand use" pile. If I hadn't broken it's predecessor's screen-hinges through over-use, then I'd have kept that too. Both were the most powerful machines I'd ever used at the time.
And my employer benefits - I get decent tools that I'm much more familiar with, I do take care of the machine a lot more than I would a work desktop, they do get their money's worth of use out of it, they do get a remote IT manager with all his tools available at all times for emergencies (though they know that if they abuse that, it stops), they do get the occasional benefit such as me pulling in code from my personal projects into work projects and/or working on work projects when I think of something useful to add (and, yes, I have clarified the intellectual property situation - work done on my projects is mine, work done on their projects is theirs), and it doesn't cost them any more than a "not-off-site" policy (we already have accidental damage warranties that cost next-to-nothing and barely use them).
A lot of our staff take their laptops home. It can even be a bit of a pain to get them all back in for upgrades / replacements so we have to give notice when that happens en-masse. But it means that people come to rely on them, thus take more care of them, and they have no excuse for not having finished their work ("I couldn't get in" or whatever), and the extra associated cost is minimal. It also means that the workplace has much less value to a robber! (We've yet to have any thefts of staff laptops, but we have had only two breakages over three years, so it's hardly a chore). Everything is security marked, encrypted, and traced anyway, not to mention worked into the policies as the property of our employer, but we expected a lot worse when we started.
We get the odd rogue program installed (e.g. some game they've bought normally) but, to be honest, the staff don't have admin access and don't need it and they hardly even notice. About the only thing I do for them is the occasional Flash upgrade so they can watch BBC iPlayer. Everything else, they are happy to install / run as their normal user even at home.
And with TrueCrypt installation, and the fact that I'm the only one who can actually take any data off-site (and not just my own work which staff would be emailling / taking home via USB key anyway), and being the responsible IT guy (so it would be my head anyway), they know their data is pretty safe. But, yes, I take it home a lot, I've watched movies on it, I've taken it on holiday on the plane, etc. You might think I'm being showy, but it makes sense for everyone involved.
Value your staff, trust them and provide them with decent tools and they will take care of them. Treat them like children who can't be trusted to have anything and they'll act like that out of spite. And the laptops we buy for staff (mine's a bit of an exception) are pretty much the bog-standard cheap business laptops - but you don't see them complaining because it means that *they* don't have to fork out for them. A lot of staff enjoy the freedom of taking their laptop home, even when they have iPads and iPhones galore at home of their own.
Does your employer require you to visit other sites or run errands? Do they provide you with a car?
I know it's not a perfect analogy, but it's a useful one. The real road warriors get a company car. Other employees might get a mileage allowance. And those of us without a car get discriminated against.
Not really, it's all remote access. The customer I deal with is in a different country. I was a virtualization sceptic, but after having my laptop getting slower and shitter (while senior staff get new ones for the oh-so-resource-intensive powerpoint), i wouldn't mind having my environment sat on a big grunty blade that I can login to anywhere, without having to lug this dead weight around. Some minor support issues could even be done via rdp on my smartphone when I'm not in the office.
In the days when I worked for Big Business...
If I needed to travel by car for a work purpose, then I used a company pool car. High mileage users (and managers!) got a company car, the rest used the pool cars (or a hire car if none was available). Under no circumstances did the company pay mileage and ask you to drive your own car - because it quite probably wouldn't be insured for business use, and definitely wouldn't be insured if you had other colleagues in the car with you.
Only drawback was driving an unfamiliar car at 6.30 in the morning!
This is nonsense. The reason the company you worked for didn't pay mileage is that it is no longer financially worthwhile (either for company or employee) to provide mileage allowances for using your own car.
15 years ago, it was a good deal for both employee and employer, and so everyone and their dog was getting mileage allowances.
A laudable goal, but sometimes impractical. I'm astigmatic and need to use a larger font to avoid eyestrain. The 17" screens my workplace supplies can certainly fit this font, but my effective screen real estate is reduced in the process. As I often use multiple windows that need to be cross-referenced, my job becomes harder if I cannot see them all at the same time.
So, I would like to have a larger monitor. However, because the standard monitor is still suitable for purpose, I would have to make a special business case and jump through multiple hoops to get it. This could take months, during which time I'll either get less work done or suffer regular headaches. Or, I could bring in a spare 23" that I had lying around doing nothing at home and use that. Which I am doing, right now. My business case is still processing, but until it gets filled or even if it gets rejected, I'll be able to work properly without hurting myself.
Fair play to you for getting the job done, but if you need the kit to do the job then it's down to your employer to provide it, not out of courtesy but as a legal obligation. If you can't do the job with the kit provided then it's not fit for purpose and that's that. I don't do my job out of the kindness of my heart and I don't expect any such sentimentality from my employer. I sell them my time and skills for them to use as best they can. If they can't equip me properly then that's their look out. I'll do my best to improve the way that the job is done but I am not subsidising them.
"I use the kit that my employer provides to do the work with which they task me. I am not prepared to provide my own kit to do that with it"
With respect I think you are approaching this backwards.
The trend here is not for businesses to force employees to provide their own kit but rather for them to cater to the preference some staff have to work on their own devices.
If someone wants to work on an iPad that they bring in from home and we can make that workable then why not?
Obviously if they don't want to bring their own kit then they can use the PC provided for them which is a suitable as it ever was.
Fair point, I guess it depends on context. In my context I need to enforce a rigid separation between the customer's data and the rest of the world. There can be no possibility whatsoever of it leaking onto out corporate machines, let alone any personal kit.
I also may have been screwed over too many times, which has given me the mindset that what happens at work stays at work. My own kit is mine, not my employer's. When I walk out of here I walk out without having to prove that I've removed all trace of my employer's gubbins from my kit. Your mileage is obviously different from mine. If this lot want me to use a paperclip it's coming out their budget, not mine.
I'm happy to bring my own mouse and keyboard. A better 24" screen would be on the wishlist but it is awkward taking one of those in and out of the office. The basic computer itself is usually ok.
If I have a stonking pc/laptop of my own I might consider a VM but no way am I mixing work and home environments. I once cloned my work laptop as a VM so I didn't have to lug a laptop to/from work. That worked quite well.
I use my own mouse and keyboard at work. Work have standardized on some quite cheap tacky MS wired keyboard and mouse.
I'm someone who actually spends the vast majority of the day touch typing, not looking at the keyboard, so for me the most important things are consistency of keys, the action and travel on the keys and feedback.
These laptop style keyboards drive me nuts - I spend most of the day coding in vim, where the escape key is hugely important (switches between insert and normal mode), so after a day using these new keyboards, I bought a 2nd hand Model M. My desk is now easily the noisiest in the office, the reassuring sound of clicky keys fills the air.
Still trying to get them to upgrade our stupidly small 2nd monitors from 17" to something I can actually read a page of code on. 22" widescreen in portrait mode would go down a treat.
"Work have standardized on some quite cheap tacky MS wired keyboard and mouse"
Bang on the head. That's why BYOD is popular. Because a small minority dont want what everyone else uses perfectly well (probably an iPhone user too).
You'd be lucky not to get a slap from me. Work supplied device or P45 your choice.
There's a big difference between an input device and the computer itself; my work will provide 'natural keyboards' (like the ones they have in nature) and weird vertical mice that no-one else can use if you complain and say that your wrists will probably fall off if you use normal kit. I'm guessing most employers will out of fear of some litigious twat going after them for thousands of pounds if they don't.
Indeed, this is happening across many large organisations and in significant deployments (100s - 1,000s). Public sector organisations are also deploying BYOD (or to be correct, Choose Your Own Device - CYOD) projects - we've been involved with a number of mobile device management (centralised security and configuration) deployments in local government, NHS and other bluelight organisations, as well as the usual early adopter verticals in the private sector (finance, legal, pharma, petrochem, etc.)
The cost justification of allowing someone to use their own kit and gaining their extra productivity in return for a small cost per device (to secure the organisational data on the device) is very compelling. Users accept and embrace the flexibility and mobility improvements a BYOD/CYOD project provides and the organisation gains from increased agility and mobility.
To be fair, many projects are being driven by another initial requirement in the primary phase, but CYOD is usually top of the list for the second phase. This is real and it's happening now - I fully agree with the author of the article - the impact of the move to predominantly iOS (i.e. Apple) and BYOD (i.e. mobile telcos) devices is disrupting the traditional PC hardware channels. Be prepared.
I work for a global business that made a ten-figure dollar profit last year and I can promise you it is happening here.
If there's a culture of getting things done then people don't want to say no to things like workers picking their own tools.
If it is possible (within the normal requirements of security, cost, and other over-arching concerns) then we do out best to make it happen.
A lot of current infrastructure technology lends itself quite readily to this sort of thing.
I'm contracting for a global manufacturer, and they're seriously mulling it over. Only problem is, no-one seems to be really thinking it through - I have heard a senior, supposedly technical, manager (yes, I know it's an oxymoron) say "just sign the authorisation and that's it - people can bring stuff!" No mention of security or anything.
I have posed the question that if I bring a Macbook running Office for OSX, and edit a Word doc which I then send to a Windows user, and they find that the Word doc contained a virus, whose liable? I might not have AV installed. Is AV even a mandatory requirement for the Windows user? Where is that written down? Does the client-side LAN need to become nothing more than a DMZ? What am I allowed to connect to? If I was a DBA, would I be allowed to connect directly to business DBs?
Brainy icon because someone needs to apply a bit of thought to this stuff.
Its not just small start ups, BYOD is coming to our FTSE 25 company at some point soonish. We will be supplied with an amount of cash to buy a device which must be available for work for a specified period and we must have in place a service agreement with someone that ensures the device is looked after in the same way as those that dont BYOD. This is being done through our benefits scheme (so work effectively controls what devices (although its win laptops or Macbooks) and ensures the service agreements are in place. I know a number of people that are so unhappy with the kit provided by our IT partners that they will be changing over as soon as possible. There are also a number of people that have started using thier own iPads as well for certain things and whilst these arent supported there is a "blind eye" type approach to it at the moment with a trust that the users will follow security policy etc...
You're right I am the same AC and it is boring, but no more so than the usual trolls that turn up here. They've been posting the same one sided inaccurate BS of their own for years. There's no stopping them!
If El Reg can write a headline that doesn't reflect the facts, so can I
in what way is this bullshit? Google do love to sniff data, they won't even let me enable gps on my android phone without giving them "anonymous" data. (if it was genuinely anonymous it'd just be a lat lon pair and of no value at all). We all know their "accidental" wifi data slurp was not accidental. The android store has plenty of malware on it.
It's a perfectly legitimate point of view to be paranoid about them. If you're in charge of a businesses' IT and you think this is bullshit then you're not doing your job properly.
"in what way is this bullshit? Google do love to sniff data, they won't even let me enable gps on my android phone without giving them "anonymous" data."
Then maybe you should learn how to use your Android phone and stop trolling. You can enable GPS without sharing information, you cannot enable AGPS without anonymous data because the A part (Assisted GPS) needs that anonymous information to umm, assist you in getting a fix.
"When you check this option, you’re asked whether you consent to sharing your location anonymously with Google’s location service, to help improve the service."
See: http://support.google.com/ics/nexus/bin/answer.py?hl=en&answer=169100&topic=1091383&ctx=topic
fuck you! It's a sony xperia play with the latest sony build of Android. Going into settings for location I have "Use Wireless networks" and "use GPS satellites". With "Use wireless networks" unchecked I touch the "use GPS satellites" option and the message I see is "Will collect anonymous data while using GPS, Agree or Disagree". If I select disagree it doesn't turn the GPS on. You can link to all the support topics you like, get the device and you'll see I'm right.
And get a login you anonymous pussy, or would that make it too obvious that you astro turf for google?
for sure the pressure is there. That's what people already want and they want it very badly. Its particularly wanted by the senior execs.Matching it up with any kind of data security is going to be a game and three halves, you know fines handed out for data stored on personal devices and all the rest of it, and the support is a pain in the neck. Already got enough problems trying to run VPNs over whatever cruddy and highly limited broadband connection the user has got at home...
I wanted it for years. I know better what device fits me, and if I don't have it I lose motivation. If it were only for the laptop with a higher resolution. Or with a better antenna so that it works in every corner of the hotel I am in. Or a better trackpad.
I have a couple of customer laptops, which work well but feel so crappy. The poor people using them (including me)!
the senior execs need sometimes access to the data in the most unbelievable places, where a laptop, or sometimes even an ipad has no place. you can't expect them to take all their hardware everywhere and they are crucial to the company so they have to take informed decisions fast.
About VPN: I have a fast 3g connection and connect with the ipad (through citrix receiver) to a virtual windows desktop. it's great in times of need and it's fast too.
And yeah, they'll sell less phones and tablets maybe. I still expect that each person bringing their device will still need a computer for the next 5 years.
Its called a business case, make it and if you find it overall makes sense (including all the costs) then it will be accepted.
At present its just a whinge, been hearing those for 20 years.
Do the research into all implications, get buy in and overcome the businesses reservations.
Key point of a business case is how much does it really cost and what are the risks not just purchase price.
Seen business cases for saving large amounts of money being refused due to risk.
In some way I welcome BYOD. I don't have to lug two phones around, I can have a laptop that suites what I want to do.
Certainly when it comes to laptops most companies tend to have a one size fits all policy, suited firmly to the lowest common denominator.
Yes your senior exec only needs to run excel, powerpoint, outlook and watch some porn, but us power users do the above, but in addition may be running an X-windows client, visio, a browser with about 10 tabs open, a couple of PDFs and a load of putty windows. So our requirements are 17" screens, a minimum of 4GB memory, 4 core processor and large fast disk.
The lowest common denominator does not work, hence why more and more people are creating Vmware images of their work laptop and running the image on a personal laptop.
... what your company is prepared to give you. It may be that their 'upgrade cycle' is way out of sync with actual needs or they are only prepared to give you the lowest spec available. Sometimes it fells like it would be worth a significant amount of cash to be able to put your new i7 laptop on some long running chore or not to have to wait for weeks for 'IT' to OK the install of some simple utility or other.
In yer dreams, most IT policies are against it. And as others have said, if I was to use my device at work, I'd want some kind of compartmentalisation. I certainly would not want my personal mobile number known to work - I am not paid to be on-call 24/7.
If the work environment was hosted as virtual image (or "in the cloud" as the PR wonks would have it) then almost any device could connect via SSH or similar and work carried out using that. Devices could even be swapped and work continue (if using SCREEN, MOSH etc). Maybe that's the way to go?
The main stumbling block would be open standards (or lack thereof). Far too many things would still be tied to proprietary crap.
My time costs the company something around $100 per hour. So saving 5 minutes per day (minimum) by upgrading to an SSD and some more RAM for a couple of hundrend dollars is a no-brainer.
So dear control freaks among you, get off your horses and start i) educating, ii) listening to and iii) serving your internal customers.
For years I have fancied going for a younger model, think of the excitement of cruising round with a nice sexy modern version that makes you the envy of your friends.
Admittedly it would be high maintenance, unlikely to do exactly what you need, you would be constantly apologising because your work was suffering. Interfacing to your legacy devices is likely to be difficult or costly. The risks of getting in trouble due to transferring secrets would be very real.
Yes you can have an affair with a new model but the risks are high and the benefits are likely to be transitory.
Tell them to buy a sports car or get a hair transplant.
Done carefully and properly managed you might well get away with it. But part of the drive behind this seems to be cutting procurement costs its unlikely the IT budget is going to go up?
Fed up with companies deciding the individual employee has to provide and do everything that rightly should be the business' responsibility. Reached a point where it isn't clear what benefit there is to being an employee any more. End up managing oneself anyway, and now it's a case of supply your own kit, and go work from home rather than expect your own desk in a room with a nice environment. Why should we cater for you ? In fashion business practices seem to have lost the plot over the last few decades. But there again I think the rot started when they stopped calling Personnel, Personnel, and started admitting that employees were simply humans used as resource for the company.
Saw what happens if you connect a modern smartphone to a modern Exchange network.
Users own phone was able to join to the exchange server no problem. But the exchange server did force the users phone to adopt a PIN for unlocking it, and reserved the right for a remote wipe.
If you want to read company emails on a phone - aside from running some webmail acces, you have to bow to some corporate control over your device
Fascinating riposte but ultimately, it will come down to business cost. If a business sees considerable saving in allowing or encouraging BYOD or CYOD and advances allow it to do so safely, it will happen and is indeed happening right now. You want to bury your head in the sand or join a commune at the top of a hill waiting for the end of the world, go right ahead. Why are people in this sector so afraid or sceptical of technology leads and changes, a path they should be so familiar with?
For those of us who like to work to ISO 27001 BOYD/CYOD is a load of Billy Bollocks. Why have I installed Network Access Controls to protect my data and systems from people - who I may not know about (yes consultants, you know who you are!) - being able to attach any device and slurp data off as and when they like?
Then again what data I hold is different to to guy in the next office/factory down the road. BOYD/CYOD may well suit their purpose.
When it comes down to it really it is all about Risk, trust and ,as bloody usual, Security of assets. Data being one of your most valuable ones.
You don't. You have a trusted network, as nailed down as necessary to satisfy your evaluated security requirements, and an untrusted (wireless?) network, which can only reach nodes on your trusted network through your controlled VPN (probably, but not necessarily, via the Internet).
If your security needs are so stringent that this won't work, presumably you don't allow anyone to connect from home either.
The elephant is the endless support call crap from users. They will expect IT to fully support their choice of hardware with preloaded bloatware incompatible, weirdar5e addons, resource competition with games their kids use etc etc etcon the same device. And they won't take 'sort your device out' as an answer.
I work in a hospital. We are not going to let people use their preferred tablet/laptop/pc/phone or anything else. If you need to use a particular tool, we may need to get one for you but, if it isn't ours, it isn't connecting to our network.. So BYOD - No. CYOD - possibly depending on what you do or how senior a management person you are.
I am sure, many or most people in the UK want us to be really tight with their personal information. I would like the police, tax man and every other public body to be as enthusiastic about protecting mine.
"I work in a hospital. We are not going to let people use their preferred tablet/laptop/pc/phone or anything else."
Interesting. Our (NHS) hospitals certainly do have personal devices connecting - they just need to accept the pushed Exchange policies (remote wipe, encryption, password strength etc). Since the alternative would cost hundreds per doctor and give less than no benefit besides some CYA, it didn't happen - nor should it. When the archaic centrally-puchased overpriced junk is still clanking around with IE6, it really can't pretend to have anything to teach anyone about securing their devices - up there with getting the Krays to give ethics training.
Depending on how you implement BYOD/CYOD if everything is via Terminal/Remote Desktop Services or VDI then the support stops at the connection. Security is already there you can stop them saving to the device in question if you wish and the consumer/customer/employee gets to work on something that he/she feels more comfortable with and isn't some bog standard low level tat box that is bought for everyone because the company cannot afford to buy several hundred/thousand top of the range devices for all its users every couple of years. As a systems admin I find this a good option of course there is some initial expense but ongoing costs drop sharply this may then mean the company do not ahve to make redundances is this very much to ask really?
when some big "Titsup" causes huge fines and a tarnish to reputation.
Grow some balls and say NO! You can't secure our data onyour device!
Publicly make scapegoats out of those whom are the cause of data loss, etc.
BYOD should definately not be allowed, if you care about your organisations reputation and data.
The rant-y way you expressed your comment makes me question whether you work in a real enterprise environment and how senior you are.
This incredibly blinkered black/white world view may be par for the course for 1st level support guys but any CIO worth their title will know that everything is "shades of grey" and a matter of balancing complex priorities; and you don't sound like one.
He sounds like someone in the real world who is more interested in security than buzzword of the month.
He does not sound like a CEO or any other person whose specific job is to wear a suit and attend meetings. His attitude shows some familiarity with the real world of business and information security. Real world people wear suits and do meetings too. They just do other things as well - things that.
Could well be a CIO. Many of them suffer from the "Cassandra Syndrome". They Know what is happening, what the business does and needs but non productive types try and discount them because they argue against getting things just because they are cool and excellent status symbols. Watch out for them in meetings. hey will not help with the game of Bulls**t Bingo because they would rather say something meaningful.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
