BYOD: Haven't got a policy? Maybe it's time you did

Most organisations still don't have a strategy for dealing with the demands of bring your own device - but pressure to have one continues to build.

Most IT organisations have yet to grapple with the thorny issue of bring your own device (BYOD) but they are increasingly facing pressure from above and below.

While 12 months ago BYOD was being driven from the top down - the CEO demanding IT support his or her iPad - according to Mike Cansfield, associate vice president at analyst IDC, increasingly it's being driven by younger, junior staff who see less of a strict divide between their work and personal lives - and want to use the same hardware both in and out of the office.

"The next generation of workers are much more comfortable with not keeping those two things separate," Cansfield told a Vodafone-sponsored roundtable in London.

As a result, he said, companies are increasingly putting a BYOD policy in place. According to IDC's research, 20 per cent of companies have a BYOD policy in place and 15 per cent are working on it. But that leaves the majority - 65 per cent - nowhere on this issue yet.

And fewer companies are going beyond having a policy in place that allows staff to use their own devices in the office, and taking the next step - offering BYOD stipends so that staff can buy their own hardware.

Rob Walker, partner at consultancy Ernst & Young, also speaking at the event, said: "It's happening everywhere. If you bury your head in the sand you are just storing up problems for the future."

However, even if BYOD is hot, don't expect it to cut costs, he warns. In most cases the BYOD device is an additional piece of hardware rather than a replacement: "I'm not yet convinced that it's a cost-saver. I am yet to see BYOD as substitution. It's an incremental device. But until you get substitution you don't cut costs."

The benefits of BYOD are largely in flexibility and making the company attractive to new recruits. "It generally increases productivity," said IDC's Cansfield.

In some respects the rise of BYOD is a reaction to years of the IT department offering a limited range of hardware - their version of Henry Ford's "You can have any colour so long as it's black".

It's also a consequence of the increasingly standardised and modularised technology infrastructure used by businesses today. Standard - and increasingly cloud-provisioned - applications are easily made available on smartphone and tablets in a way that wasn't previously possible.

Simon Gale, CTO at IBM workplace services, said that as a result of BYOD, IT organisations are looking for new ways to secure their infrastructure, as the security perimeter changes from the physical device to the data.

"You had a standardised layer that was the device and the operating system. What BYOD is doing is taking away that opportunity for standardisation and so the IT department is trying to work out where that level is".


Steve Ranger is the UK editor of TechRepublic, and has been writing about the impact of technology on people, business and culture for more than a decade. Before joining TechRepublic he was the editor of


Our BYOD remains unchanged...NO. Only company resources can be connected to the network. This has been the policy for years. It applies to laptops, desktops, and now the various mobile devices. Feel free to access our web applications, but don't even attempt to connect to the network. Since we're a govt contractor, the reasons are pretty obvious. I don't understand the whole BYOD movement to begin with. Seems foolish. Do you bring in your own desk and chair, office supplies, and furniture for the lobby? Not likely. Why on earth would you provide your own IT when you're not being compensated for it? If you can't do your job with the tools you are provided then you need to bring it up to your management, not prop up the company out of your own pocket. Are you that desperate to be cool? Wait, I think the current term is "hip". (Wasn't that the word used in the 50s?)


As companies start to develop BYOD policies, it’s important to keep the security considerations of BYOD in mind and determine early on how to manage them. As a Symantec employee focused on mobile security and management, I like to tell people that the concerns surrounding BYOD are a lot like those involved with driving a car. Are there potential hazards involved with both? Yes. But can those hazards be avoided? Of course! In both cases, preparing for the various hazards by being properly equipped with appropriate protections and tools is necessary. We recently acquired Nukona, which makes mobile application management, or MAM, technology. This is a great BYOD ‘accident avoidance’ solution. Spencer Parkinson Symantec


When personally owned devices are used for company business, is the company responsible for insuring the device, repairing it or replacing it if it gets lost or stolen even if it is used for company business? The argument, of course, is that it is then up to the user to look after their own device and, in the long term, it will be cheaper for the company as it doesn't have to provide the hardware itself. Naturally, though, IT will have to hand-hold the users and field any connectivity or accessibility issues on not just a standard set of corporately approved devices but on every mobile device known to humankind!

Editor's Picks