“Pros and Cons of BYOD”
I am an expert in Personal Information Management – PIM. The risks associated with BYOD are great. AND surprise… the risks go both ways.
RISKS to the Enterprise:
1.) Security Breaches.
2.) Bots, Bugs, Trojan Horses, Malware, etc.. Does the Iranian Centrifuge incident ring a bell? Extreme example to be sure, but corporate sabotage is a very real threat.
3.) Corporate embarrassment. An employee has illegal content (Pornography, Corporate secrets of another firm.) on their device. The device is confiscated for legal purposes, discovery in a court case for example. This could be made public.
4.) Very real “opportunity loss” scenario: A sales Rep is using their iPad 3 while they are on a Sales Call at HP, Dell, Samsung, Google or any competitor with a tablet offering. Same for the phone they use. You could very easily lose the opportunity and never know why.
5.) Loss of productivity. Depending on the applications involved, not all applications may be usable on all devices. iOS cannot and will not read Flash is a good example. A corporations training videos, and or demonstration materials are in flash. Won’t work in the Apple world.
6.) Cost associated with potentially needing to re-write code into HTML-5 a platform agnostic platform.
7.) Support issues, and costs to support multiple platforms. May need to invest in several platforms in order to be able to replicate the problem in order to rectify it.
RISKS to the Employee:
1.) Personal devices will undoubtedly contain business information, making them eligible to be ceased in the case of a law suit. Discovery will mandate either temporarily or permanently confiscating the device for forensic purposes.
2.) The replacement of the device at issue may not be reimbursed by the company.
3.) You will undoubtedly have very personal information on your device. If it is confiscated, that information becomes of a public nature at the whim of the legal system.
4.) If the primary use of the personal device is of a business nature, and it is lost or stolen, the firm may not reimburse you for it.
5.) Backing up the information of your personal device will undoubtedly involve some business information. It is very difficult not to mix and segregate personal and business information. So, it follows that you may have business information on your back-up systems. This puts those systems at risk of confiscation in the case of litigation and discovery as addressed in #1.
6.) You as an individual get let go. The corporation, or Agency knows you have sensitive information on your phone, notebook, PC and or tablet. IF the information is of a very sensitive nature, and it is critical to Homeland Security, or a State or Federal Agency, it may be confiscated on the spot. Then you are on the street with no tools. When was the last time you backed up all your systems? And put the information in a “Safe Place”? You will never get those back!!
7.) Use all front end security measures to secure your devices. You do not want to be the individual that carries in the Trojan horse virus. It happened at Sun Microsystems in about the year 2001. And the “Executive” got called on the carpet in front of approximately 9,000 employees for it.
CALL TO ACTION: Mitigate the risk:
Keep personal and business devices separate. Make sure you have a reasonable business and personal backup strategy. Execute that strategy on a regular basis. Have specific Corporate Policy that details what the “Exit” strategy is for employees BYOD tools. Always use security measures on your personal devices. The first thing you see when you pick up your phone or tablet… should be a screen that asks for a security code!!