CIOs urged to take BYOD pleas with pinch of salt
CIOs can get away with it and satisfy the meddling kids
When it comes to implementing mobile technologies inside and outside of the company, plan, plan and then plan some more, but don’t listen too hard to your customers or users, a panel of top IT leaders has advised.
Speaking at the CIO Executive Summit 2012 in Hong Kong this week, CIOs from a variety of industries explained that IT bosses have been put on the back foot by Generation Y workers who expect and need to use consumer technologies to be effective in their roles.
“From an internal users' point of view the mobility path will be a real challenge and we need to act fast,” argued Sunny Lee, executive IT director for the Hong Kong Jockey Club.
“The younger generation of workers are saying this is almost a given … because they’re so used to using their smartphone for business. So if you want to keep them happy you need to offer it.”
Mike McCarthy, regional head of Global Infrastructure Services for RBS, agreed IT is under greater pressure from its users than ever before but argued that consumerisation is so game-changing that tech bosses need to have their processes and policies carefully worked out first.
“The challenge for IT is to remain relevant and contemporary but to be aware of the sensitivity of data and to make sure you don’t get caught up in the enthusiasm of a mass market phenomenon.”
The panel was split on exactly how much personal choice should be given to employees regarding the devices they use at work.
Henk ten Bos, CIO of Ageas Insurance, explained that BYOD plans are only being considered for senior management at the firm, while Sarabjit Anand, head of tech management at Standard Chartered in the region, said Hong Kong's regulatory guidelines do not allow banks to enable personal mobile computing devices.
However, the bank was one of the first in the world nearly two years ago to offer its employees around the world the choice between a corporate BlackBerry or an iPhone.
It has also been blazing a trail with a range of internal apps that have helped smooth business processes, although the key to this strategy too was careful planning, explained Anand.
“Internally adoption has had nothing to do with the age of our employees. The apps we are developing allow front lines to be more mobile, approve transactions on the go and interact with customers,” he added.
“Up front we set up an R&D lab. We had a very focused approach, appointing an enterprise head of mobility – the basic steps we did up front helped us to move faster.”
The panel was agreed B2C apps could keep customers happy, save money on call centre costs and even promote sustainability by saving a few trees’ worth of paper, but cautioned CIOs to exercise some restraint when deciding on their mobility strategies.
“Listen to what your customers and users say but don’t take them too seriously,” argued Sunny Lee.
“Everyone is so subjective about consumer technology you will be bombarded with noise. You need to have a good team behind you to help shape your requirements going forward.” ®
The problem is
As soon as your corporate data (esp personal data covered by the DPA) hits a personal device, the corporate loses control , but not responsibility.
If you fire a person who has synched their Outlook to their phone, and you fire them, you immediately have personal records (covered by the DPA) on a device that is not owned by an employee.
Even if they are still employed you have not rights (unless you get a court order) to examine he device, or to ensure data is deleted off it.
This is the huge Achilles heel in BYOD.
In the corporate world, the real meaning of "BYOD" is ...
... Break Your Own Defenses.
Re: @Andy ORourke (was: Sustainability)
You are right, of course, I phrased my post quite badly, I simply meant that I didnt have to connect to the corporate network at the time I required the content.
The PDF had been sent via email from an external company who were coming along to do a presentation and a foot note on each page to say it didn't contain any commercially sensitive information (it was just marketing bumf really)
I had already read the PDF prior to the meeting so I'd have an idea what questions to ask..
Sorry I upset you so much, chill man.
Infrastructure cost, development cost and security risk
BYOD has to be tailor made for each company and as such will inherit costs which will be extremely difficult to justify against the security risks. It basically means opening multiple interfaces/ports that will get attacked on an almost permanent basis. In general these interfaces will be the front end to your network/data/file servers. Security risks will have a huge impact and personally I would not like to be responsible for the results.
I cannot think of many examples where the benefits outweigh the risks. Is there really that much "good " business that can be done using the "instant success" approach ?
I'd agree with this point - "promote sustainability by saving a few trees’ worth of paper"
Was at a meeting the other morning, must have been about 60 people, each carrying the 36 page document we'd been urged to print out and bring with us (which, in the end we didn't need!)
I sent the PDF to drop box, opened it in note taker HD & so saved 18 pages of paper (double sided printing) , multiply that by all those people having all those meetings and a business does have the opportunity to save a lot of paper without compromising security.
I didn't need to connect to the corporate network and the document didn't contain any sensitive information.
As usual, common sense is required and I suspect this is where BYOD will fall down.