Bring Your Own Device (BYOD) is a policy where employees are encouraged to bring their own device to the organization and are permitted to work on it. It is in opposition to the mainstream approach followed by the companies where they provide their device typically a desktop, and the employees have to work on it. There are workplaces where employees are not even allowed to carry their mobile phones inside. The concept of BYOD is a trend typically supported by start-ups.
While the concept BYOD is tempting, the risks can be high. On the one hand many big companies like Tata Consultancy Services (TCS), Price Water Coopers (PWC), Infosys, Deloitte do not support the policy of BYOD. While on the other hand companies like Intel, International Business Machines (IBM), Blackstone, SAP follow BYOD and are successful too. While perks of BYOD are many but a poorly planned policy can be a disaster.
The first advantage about BYOD is that it saves cost to companies in different forms. Companies shift the cost to their employees or users. Worker has to pay for most of the cost of hardware, voice or data services, and other associated expenses and in this way, company saves a lot of money. The cost of maintenance and updating also shifts to the user. There is an increase in employee satisfaction as they are permitted to use devices they prefer and are comfortable with using them. Added to this productivity also improves as they work on devices they are acquainted with and hence they can respond faster. There are situations where employees need to work outside the office. Because of BYOD, they are more available to answer emails and complete their tasks. In short, the freedom of workers increase. They work on devices they choose.
BYOD having its advantages can be a threat to an organization too. The considerable risk is towards company sensitive data that is stored on employee’s device. If an employee misplaces his device or leaves the organization than retrieving the company data is quite difficult. In a traditional business, devices come with a use policy which is computed by the company as well as maintaining and updating the device is the task of IT Department. This control is missing in case of BYOD. The concern is also towards governing the company data without having control over employee’s device. The employee can feel that his privacy is at stake.
There must be a software that should separate employee data and company data. The IT tools on which BYOD programs depend on are not quite requisite enough to do the task properly. Additionally, there is an excessive strain on the IT department as they have to manage a variety of devices with different configurations. An additional and most challenging threat to an organization is when an employee is on leave, and he works on his device for the considerable amount of time (that is longer than few minutes). In this case, the employee can be eligible to get the salary for the day.
How to fix the problem?
BYOD does not specify which device is allowed. A company in its BYOD policy should specifically mention the devices which are permitted. Service policy of BYOD Devices should be explained i.e., all the cost that the company will occur. It should mention the applications that will be banned. They should have a legal procedure as to what will be done when the employee leaves the organization, i.e., how the company can retrieve its data.
BYOD with proper policies and guidelines can be of huge advantage to a company. But when you get a high return a high risk is also associated with it.