Recent research from IDC shows a clear picture: IT organizations are increasingly unhappy about BYOD and now want to curtail or end the practice.
Their stated concern: The costs are too high and the savings too low. But those concerns are misguided and likely masking a secret agenda to regain control over mobile devices, not to save money. Face it: BYOD was never popular with IT.
BYOD was never about saving money, except for CEOs who wanted employees to pick up the cost of smartphones and tablets -- even cell plans -- though they were used for business advantage. Many analysts and pundits warned these CEOs years ago they wouldn't get real savings in this cost-transfer attempt. If your CEO didn't listen, don't blame BYOD.
In some cases, BYOD does increase costs -- usually because IT or executive management did it wrong.
I want to be clear: I don't think BYOD is the right approach for every company and certainly not for every employee at every company. It makes sense in some circumstances, and its use should be thought through carefully. The notion of "forced BYOD" -- where everyone must have a smartphone available for work use -- has long troubled me.
But three big reasons to support opt-in BYOD for at least some employees are the following:
- To allow users whose mobile work is occasional to access appropriate corporate systems: It's cheaper to enable such support than to buy all these folks smartphones or tablets and pay in full for their cellular plans. But by all means, foot the whole bill if you don't like BYOD -- who's stopping you?
- As a mutual convenience for employee/contractor and employer: Individuals get to use one device rather than two, on a network they likely get a family plan discount for using, while companies get broad adoption while reducing the overhead of purchasing and asset management of device, as well as reducing the the purchasing and management overhead of cell plans.
- To jump-start the use of mobile in your business: That was the original purpose of BYOD -- IT was blocking mobile usage, so employees acted on their own, supported by their business managers. But that was 2011-13, so this rationale is -- or should be -- less necessary.
The cost of managing a BYOD is the same as for a corporate-provisioned device. They use the same management and security tools and policies, after all -- or they should. If you're paying more to secure and manage a BYOD unit versus a corporate-provisioned device, something is very wrong in your administration.
Your cellular costs should be lower for BYOD users because you are sharing the costs with them, not paying the full freight. You'd need a massive user base to get carrier discounts for an all-corporate-provisioned approach that make your total cost no more than if you split the cost with your users. That's unlikely at most companies.
Where BYOD ends up costing too much falls into two areas:
- Too many people are allowed to participate. Basically, you're paying for more management licenses and security tools, and you're subsidizing the cellular costs for more users than you want to. It's not that you're paying too much per user but that you have too many users you're paying for. That's easy to fix: Tighten BYOD eligibility to whatever level makes sense for your organization. Mobility is not a right, but either a work requirement (corporate-provisioned) or a mutually beneficial convenience (BYOD).
- You're overly managing, so you're making mobile management and security (both BYOD and corporate-provisioned) cost more than it should. For example, you may have unnecessarily high admin costs to assess and split user bills, rather than do a simple fixed reimbursement per type of employee. You may have too much security and management in place for some classes of users, treating everyone as if they carry the nuclear launch codes. It's called overkill, and it's a common disease of some IT organizations. Start treating management and security based on realistic risk for each user group, and align your costs (and access!) to those risks.
I suspect much of the proclaimed IT dissatisfaction with BYOD really reflects a desire to regain control over mobile devices, using false arguments around cost and security.
If your goal is to control all user endpoints, then say that and pay for it. It's easy -- and cheap -- to block home users, whether they work with PCs, Macs, smartphones, or tablets. No one has a right to BYOD or even a corporate-provisioned smartphone, after all.
But if your goal is not total control, BYOD should be part of your portfolio -- and a part done with an intelligent framework based on a risk/reward calculation.