With wave upon wave of new, consumer devices coming into the enterprise in the hands of employees, the question 'How can I put this on the network?' is ringing loudly in the ears of CIOs.
Concerns over security and support costs have led many to reply, 'You can't,' while others have made concessions where they can.
Like it or not, most realise that the push from employees to bring their own devices to the enterprise table — what’s been labelled BYO Computing (BYOC) — is a trend that’s here to stay.
The ability to access anything they want, from any device they want, from anywhere, is something that a growing number of users are demanding.
These employees are the ‘digital natives’. Technology is an inseparable part of both their work and social lives, and they want to use the technologies that they believe are best for the task at hand.
The idea behind BYOC is to let them.
At its heart, BYOC is about productivity. Its premise is that users are more productive when empowered by the technologies they prefer.
If your marketing department have cut their teeth on Macs, for example, it makes little sense for the business to force them to use Windows 7 if it doesn't need to.
Similarly, if half your executive team are BlackBerry champions, while the other half are iOS converts, isn't the enterprise best served by supporting both?
Won't it be a nightmare?
Of course, BYOC goes against many of the ruling paradigms of enterprise IT, where the holy grail has been a standards-based, tightly controlled desktop environment.
CIOs haven't wanted to lose control of their network and watch their helpdesk calls skyrocket, and concerns about security and compliance are legitimate.
But what CIOs should realise is that, if they refuse to make controlled concessions to accommodate bring-your-own devices, users will often find their own way.
One case I recently saw involved a user emailing his company's entire CRM database to his Gmail account, for example, simply so he could work on it at home, using his preferred environment.
The tension can be summed up thus. What IT departments want is security, simple management, centralised control, maximum ROI and low cost of ownership. In return, what users generally receive is inflexibility, limited access, no personalisation, slow response to technological change, and an inability to work how they'd like.
BYOC is about breaking this dichotomy.
How to do it?
For a BYOC program to be successful, users must call the shots, with the business handing over a stipend for them to spend.
The primary focus must be on the user experience, with support for as many applications on as many devices as possible.
One tool making great inroads is Citrix Receiver — a thin-client solution with an App Store like interface that allows users to choose which enterprise applications they want to access, all of which are touch-enabled and have tailored interfaces for different operating systems and devices.
The back-bone of the solution is a centralised BYOC web portal that allows users to browse and select the devices and applications that suit their needs.
Stuart Driver, Citrix’s Director of IT Services for Asia Pacific, is responsible for Cirtrix’s BYOC strategy, which is now three years old. When implementing BYOC, he recommends a five-step process:
Step 1: Survey your staff. Despite the general push, not all organisations will find their staff ready and willing to embrace BYOC. As a first step, survey your organisation to discover how much desire there is for increased flexibility in IT delivery, and whether staff want the freedom — and responsibilities — that come with BYOC.
Step 2: Set your stipend. To embrace BYOC, you need to know how it will affect your costs, and how much each user will get to spend. Analyse your current per-user 'soft costs', and deduct a savings target. If you estimate a three-year cost of $2500, for example, a suitable stipend might be $2100. You should also define a proration policy for employees who leave mid-program.
While BYOC is about user choice, you can also create savings by offering buy breaks through your central portal on equipment that you've tested. The better the portal, the less likely staff will be to shop at their local retailers, who might provide poor advice.
Step 3: Define your policies. Ensure that your BYOC program doesn't violate your HR, legal, data security and other compliance policies.
Step 4: Decide how access will work. In the same vein, set requirements for BYOC devices around data and security that enforce your current policies. You might decide, for example, that BYOC devices must use two-factor authentication, have anti-virus, and shouldn't print to devices that aren't on the enterprise network.
Step 5: Develop clear rules. For a BYOC program to work, employees must understand where they sit. Create a set of rules that will govern how the program will function. Make it clear that employees need the ongoing approval of their manager and the IT department to possess a BYOC device; that the applications they use should be delivered through the central portal; that hardware issues will be addressed by the vendor; that they must adhere to corporate policies, and so on.
User-centric computing is on the rise. The fact that it's a push coming just as much from the board as from as younger, more tech-savvy staff, would suggest it’s here to stay. By putting their own systems in place, CIOs can embrace this change while putting themselves in a position to control it.
The key is not to try to predict the future by picking and choosing the specific devices they'll support, but instead to create the programs and policies that will allow the enterprise, and its employees, to productively ride the BYOC wave.
Rhys Evans is national practice manager of enterprise information systems with Thomas Duryea www.thomasduryea.com.au
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.