Taking Control of Consumerisation
Mobile devices have changed the way we work. Across all geographies and all business sectors, firms are recognising the benefits of a more mobilised workforce, in terms of greater productivity and operational efficiencies. This in turn delivers a more responsive customer service, and employees also gain from a better work/life balance.
The industry analyst, IDC, predicts that more than 120m more smartphones and tablets than PCs will ship worldwide this year. At the same time, there is increasing evidence of how mobile devices and tablets are also becoming central to the way we run our personal and social lives. Facebook now has more than 800m active users and LinkedIn, the world’s largest online professional network, has more than 100m members.
The lines between our business and personal worlds are becoming blurred. Consumerisation is underpinning much of this change, turning traditional working practices upside down.
A controlled response
Today, virtually everyone carries a mobile phone, which not only lets people talk whilst on the move, but also gives access to real-time services such as calendars and email. Personal computers and tablets are being judged on the simplicity of the user interface, and convenient access to online and collaborative services.
The traditional, corporate computing model is increasingly being seen as unreasonably restrictive.
With such powerful tools available to consumers, they can select a device which suits both their personality and their needs. They cannot understand a corporate policy that seeks to prevent them from using their preferred device, and that forces them to use something which they see as less effective.
Making employees responsible for their own mobile usage has become more popular with many firms under continuing budgetary pressure. It brings together freedom of choice for the employee, and reduced capital expenditure for the business. Yet if the business doesn’t own the devices, it becomes much harder to ensure effective security, compliance and cost control.
A best practice approach
Many senior IT managers continue to argue that they must maintain a tight grip on all aspects of IT and communications. Yet consumerisation and mobility are unstoppable developments, and the question is no longer who do we give access to, but rather how do we do it.
In considering how best to respond, each organisation must strike a balance which works for all its stakeholders. In moving from a closed technology platform to a more liberalised communications environment, the right approach will depend on the type of business, its workforce and future goals and objectives. So how should organisations approach the issue from the three key persepctives of cost, configuration and security?
From a financial perspective, in the past there have been two principal options. In the corporate-funded model, the business negotiates purchasing and airtime contracts. The alternative has been to allow the employee to buy the device and negotiate their own contract.
More recently, a third approach has emerged, in which central purchasing allows users to select their own device, which is acquired on their behalf by the procurement department. This can be seen as offering the best of both worlds, in delivering the benefits of personal flexibility and choice, while at the same time giving the business the necessary cost visibility and control.
In configuring the device, there are two parallel issues. First, how can an employee be held responsible for corporate data on a personal device, and equally, what are the company’s responsibilities towards that employee’s personal data held on a company device?
The idea of insisting that the employee carries two smartphones and two laptops is at best inconvenient and impractical. However, users will find it equally unacceptable to have a device that limits access to some data or sources of information, or has some functionality restricted. This seems to defeat the essence of consumerisation.
The good news is that businesses can now access tools which enable safe connectivity on user-chosen smartphones. This allows the corporate security team to maintain an audit trail and remotely delete data and applications should the individual leave the company. Changs to settings and updates can also be pushed to each user, independent of the original source of the device.
In developing a framework that enables business agility, each organisation needs to identify and understand the risk factors involved. The speed of change will then be dependent on the cultural issue of the corporate appetite for risk.
IT departments have consequently adopted a safety-first approach, with devices locked down to a closely defined, work-only environment. The upside is that the problems of securing corporate data are minimised. The downside is that the user experience is massively compromised.
If businesses allow staff to bring their devices into the workplace, they fear that responsibility for corporate data is totally dependent on the common sense and trust of the employee. No organisation will be comfortable with this, as they will rightly take the view that anything that is not managed is compromised.
Similarly, for many years, businesses have typically taken the softer option of protecting the device on which data is held, but we are now witnessing a decisive shift towards the more secure approach of controlling the data itself.
The answer to all these challenges is to take a fresh look at IT security. Define what needs to be protected, and set up strong firewalls around it. In protecting the data, rather than the environment, it is possible to allow users to run other applications and services of their choice, which do not have access to sensitive material. Otherwise, employees will look for loopholes to view data on their favoured devices. This then creates a corporate safety net, within which users can be educated on their personal responsibilities towards corporate information.
In moving towards consumerisation, ‘big bang’ developments should be avoided. A more effective approach is to start with non-core user groups, where there is less risk, and extend to other parts of the business on the evidence of proven success.
Consumerisation of IT may be the most positively disruptive trend of the decade, according to analysts such as Gartner and Forrester, yet the signs are it will also deliver the greatest benefits - for the enterprise, its customers and its employees.
Andy McFarlane is head of marketing at Vodafone Global Enterprise