byod

The Hidden Costs of Bring Your Own Device (BYOD)

Bring Your Own Device, or BYOD is the act of allowing employees to bring and use their own phone, laptop or tablet to carry out their work.

The practice, which has seen many businesses cut hardware and service costs is widespread, with 74% of businesses using or planning to implement BYOD policies.  

Affording your employees the opportunity to use their own device with the operating system they are most comfortable with and use personally and socially can make them more productive and increase the quality of their work.

However, while business owners might revel in the perceived cost savings that BYOD presents, as case studies outlined within this article will demonstrate, there are hidden costs; both financial and non-financial.

Read on to find out about:

  • The security risks associated with BYOD

  • Losing out financially by not taking advantage of volume-discount rates

  • The risks associated with blurring the lines between business and personal data and security use

Whose data is it anyway?

One of the most important considerations to take into account with BYOD is the security and protection of sensitive company information. If workers are using their devices for both personal and company use, they need to take the proper measures to protect their devices from malware and viruses, and have clear training to ensure that company data is protected. This of course will cost the company time, not to mention the additional support required from IT departments to secure information.

A further consideration is the backing up and deleting of data. For example, should an employee have their contract terminated or resign, there needs to be a reliable system in place for remotely wiping sensitive data, and of retaining any important information the employee may have on their device such as client information. There are measures that can be taken to remotely track information like Teamviewer and Chrome Remote Access, but businesses need to ensure that they obtain permission from employees before remotely accessing their devices, particularly when deleting content.

Smartphones and tablets should be just as secure as laptops and desktops. Certain security measures should be put in place before allowing BYOD access to your company network, such as remotely accessible pass codes, mobile data encryption software and remote management tools that can allow you to wipe or lock a lost or stolen device. There are a number of apps and software available for this purpose.

It’s not as cost effective as you may think

While businesses may bypass hardware costs by embracing BYOD, they are also side-stepping scalable volume-discount opportunities, and are likely to be absorbing the majority of a monthly voice and data plan through expenses. This can often cost considerably more than the device or the plans they could obtain as a business by buying larger pools of data and minutes. Businesses also ought to consider their obligation to contribute towards insurance and other similar expenses related to that device.

Businesses should also be aware of the additional cost when it comes to installing work-related software and security systems designed to protect company-sensitive information. These BYOD security installs and ongoing maintenance need to work across the multiple devices, platforms and operating systems chosen by members of staff. Your IT department will have to account for additional time learning and implementing required security measures across a plethora of devices, as opposed to having one preferred piece of tech and a system that would require less time and re-education for your team to familiarise with.

Legal Implications

It’s important that when drafting your BYOD policy, you take into consideration that the line between personal and work use of a device can be a grey area. Your policy needs to be clear and concise on matters of privacy so that your employees can fully understand and give permission for you to remotely and automatically install security and other company software and updates on their devices. Furthermore, you need to be clear on how you plan to handle data and information in the event of a termination or resignation.

You must also consider employee’s likelihood of downloading commercial applications that are outside of your company’s control. Your policy should address the use and storage of company data in apps like Dropbox to either prevent their use, or ensure that you have access to all work-based data. Paul Hill, senior consultant at System Experts, provider of compliance and security consulting services, suggests that when writing your company policy, you spell out the stipulation in exact language such as “employees should not store any company data on cloud-based storage services unless explicitly authorised in writing by a manager”. It’s important to keep on top of and enforce your policies to best protect yourself and your employees in legal terms.

The growing trend of BYOD can be more convenient and often effective for your staff, however there are a number of costs and considerations associated with a BYOD policy that need to be carefully considered before being implemented. Take the time to decide whether it may be more cost effective to provide company devices or to allow BYOD, and if you do go with a BYOD policy, be sure to consider all angles before putting it in place.

Insights for Professionals provide free access to the latest thought leadership from global brands. We deliver subscriber value by creating and gathering specialist content for senior professionals. To view more IT content, click here.

Insights for Professionals