CXO

What would Warren Buffett do? Advice for CIOs on BYOD

So what should CIOs do to preserve maximum productivity with BYOD, while maintaining much-needed corporate security? We'd be wise to take some pointers from business magnate Warren Buffett.

Today, companies around the world are embracing the BYOD (bring your own device) trend by allowing employees to use personal mobile devices for work as a way to increase productivity.

But while employee satisfaction may increase with the use of personal devices at work, IT admins are now forced to spend larger amounts of time and resources on securing and managing sensitive corporate data stored on these devices. Consequently, IT departments have imposed restrictions to limit employee device access and usage, and the result is a double-edged sword: Employee productivity has been stifled thereby eliminating the added value that BYOD can bring to an organization.

So what should CIOs do to preserve maximum productivity with BYOD, while maintaining much-needed corporate security? We'd be wise to take some pointers from business magnate Warren Buffett, who said, when encountering a productivity dilemma with his textile company, "Should you find yourself in a chronically leaking boat, energy devoted to changing vessels is likely to be more productive than energy devoted to patching leaks."

Buffett's advice can apply to the IT industry as well. Instead of trying to "patch the leak" by limiting BYOD, IT professionals should devote their energy to "changing vessels" by adjusting their approach to their work and setting employee freedom-of-choice as a high priority.

As smartphones and their access to the Cloud continue to gain momentum, BYOD consumerization will penetrate deeper into enterprises, forcing IT to find its place in a new service-oriented world. Success in this consumerized environment requires IT to fully understand employee preferences in order to deliver secure, yet non-limiting services.

How would Buffett approach this? An avid bridge player, he once commented that in order to succeed, you must be willing to modify your existing behavior or approach as you gain new information. "In bridge, you behave in a way that gets the best from your partner. And in business, you behave in the way that gets the best from your managers and your employees."

The same is true in IT. Listening to employee needs and becoming familiar with the way they use their apps and mobile devices will enable IT departments to discover opportunities that optimize employee mobile devices. Taking it one step further, IT should develop dedicated applications that open useful mobile access points to company data, relying on user experience and user interface experts to assure the quality of the user experience.

Although keeping up with the high standards of usability may demand added resources from IT in the short term, significant time and money will be saved on support over time. Investing in more user-friendly applications today will lead employees to become more independent, and demand less direct guidance and support from IT in the future.

And what about securing corporate data? Security threats shouldn't stop IT from seizing the great opportunities that BYOD brings, especially with the emergence of new solutions that prevent corporate data from being stored on individual devices. When information is not saved on individual devices and never leaves the company environment, the data remains secure, allowing IT to easily enforce and manage security policies without limiting employee freedom-of-choice or restraining productivity.

Just like in a game of bridge, there will be winners and losers. In the long run, those companies that are the first to follow employee preferences and acquire the necessary knowledge and experience to maximize the potential of mobility will enjoy a significant competitive advantage. At this point, the IT mindset is what matters most. Changing this mindset will keep everyone focused on company business needs even while faced with security challenges. Building a new BYOD "vessel" now, rather than simply "patching the leaks," will eventually enable IT professionals to help drive their companies to new levels of productivity and success.

And who would know better than Warren Buffett?

Israel Lifshitz is the Founder of SysAid Technologies, a global IT Service Management (ITSM) company. SysAid's software solutions are used by more than 100,000 organizations in 140 countries, spanning all industries and company sizes.

8 comments
sisraell
sisraell

Thank you for your comments. Let's clarify more regarding the security: I agree that securing BYOD can be a nightmare. If you put your company data in devices it is very complicated and even nearly impossible to effectively secure your company data with all the variety of devices, OS's, and locations. But if you will be able to keep the data in your company and just allow the users to access the data from remote devices without the ability to download the data, then the security task can be simpler. In this case, the security task is just to make sure the gate to your data is secure enough, e.g. two-factor authentication and making sure passwords are not kept on devices. Of course you still will need to deal with security but itÂ’s possible to make it a more reasonable effort.

chris_p_intel
chris_p_intel

Michael, I just wrote blog on this re productivity benefits and costs of implementing (http://intel.ly/T1n4x4). Intel IT enabled BYOD starting in 2010 and we have generated an estimated 7 million hours of extra productivity as a result at Intel. Another resource you might find handy is this Consumerization Planning Guide from the Intel IT Center - lays out 5 steps for embracing. (https://www-ssl.intel.com/content/www/us/en/mobile-computing/consumerization-of-it-planning-guide.html)

yvesmarchand
yvesmarchand

The most significant problem with having a myriad of devices brought in to the corporate environment is that there is such a plethora of software and hardware that managing security across all these devices is nigh on impossible. A company can and should adopt BYOD if it can find a way to secure such devices universally. To me, allowing any and all BYOD becomes the proverbial "leaking ship". Corporate IT should instead be looking at how to satisfy employee personal preferences and meet the security and productivity needs of the business no matter where the device is. This former requirement should spend less time on brands of devices and more on whether these devices actually meet those personal preferences. The company can then issue a standard device for those that don't care and allow employees to purchase specified devices that satisfy the performance and security requirements of the company. To some extent, BlackBerry attempts to provide the tools to corporations through its enterprise solutions that offer uncompromising security and the Z10 and Q10 phones which allow for partitioned work/personal spaces where corporate IT has 100% control on the work side and nothing on the consumer side can get at the work side. BlackBerry has certainly delivered historically on the corporate security and performance side. It remains to be seen if BlackBerry can gain consumer acceptance but I suspect once consumers get their hands on these devices, they may very well prefer them over anything else out there, especially if developers come through with a rich and useful set of apps.

IMFerret
IMFerret

This comment is misleading: "When information is not saved on individual devices and never leaves the company environment, the data remains secure" Why? Because all it takes is a device with access to an environment to be compromised and you;ve lost your security. The data can stay where it is and still be insecure. A fully informed and complete approach is to mitigate the breach of the devices used to access data. With managed devices it's hard enough, with BYOD this is near impossible.

Michael Kassner
Michael Kassner

I keep hearing that productivity is increased, but I have yet to see any research or hard evidence to support it. Next you say companies are embracing BYOD. Can you give us an idea as to what the percentage is (hard data again) and what embracing actually means?

chris_p_intel
chris_p_intel

Devices don't secure Data .. People do. However data distribution and security policies should absolutely be inplace with BYOD. Leaving confidential information on your desk is very different from storing is an unsecure desk drawer vs having confidential information in a safe that is broken into. Business Data and Personal Information distribution should be tiered to BYO phones based on the level of security those devices have

Tony Hopkinson
Tony Hopkinson

Very polite. One wonders at potential motives in not presenting that if in upper case in 40pt bold, colour = SCREAMINGRED; Well actually one doesn't, does one, one knows the motive, it's big, fat and green.

rsquaredg
rsquaredg

People have been trying to unsuccessfully measure the increases in productivity afforded by desktop computing for years. I suspect that increases in productivity may have more to do with not falling behind your competition - employees, students and retirees that have immediate and unfettered access to their data (whatever that data is for them) are inherently more productive and BYOT takes that to the next level.

Editor's Picks