Skip to main content
part one: byod

Never has there been a better time to be in the market for shiny electronic devices – and never have office machines seemed so drab by comparison.

There once was a time when there wasn't much difference between a home device and one furnished by your employer. But, thanks in large part to one shiny-object-peddling company in particular, the market for consumer smartphones and tablets has advanced by leaps and bounds. Sharp design and easy media consumption have become hallmarks of the consumer market, and now, all of a sudden, everyone wants to take their iPhones, iPads, MacBooks and other high-end tablet or smartphone to work.

Confronted by this wave of gadgetry, IT companies have coined a new term: BYOD – "Bring Your Own Device."

"There's a younger generation that grew up with these devices and absolutely wants these kinds of technologies, because it's the way they've always worked," says Daniel Reio, director of marketing for CDW Canada, an IT solutions consultancy.

Sounds like a good thing, right? Not necessarily.

For companies, it's a mixed blessing at best. Stray devices are the bane of corporate IT, which must somehow keep a company's worth of computers running, safe and secure. Non-standard systems mean demands for non-standard support. External devices also pose a security threat. They might be outdated and vulnerable to malware, which they can transmit when they connect to the corporate network. And they raise the ever-present risk of sensitive data going astray: The more portable a device, the more likely it is to get lost.

But there's opportunity here as well. Young workers are attached to their devices, and talented staff might prefer a workplace that accommodates their IT habits, rather than disrupting them. That could mean better productivity, happier staff and lower capital outlays.

In smaller companies, without a budget dedicated to IT staff – or even IT equipment – BYOD can be the rule, and not the exception.

As a feature on the IT landscape, BYOD is here to stay. Making it work comes down to how a company handles the challenge. In the coming weeks, we'll look at some of the tactics a company can use to accommodate workers' devices without compromising the company. Here are some points to watch for:

Being stingy with your access

Just because personal devices can accompany workers into the office doesn't mean that they should get all-you-can-eat access to the network.

Network administrators can decide to what extent employees' devices can connect to shared resources. E-mail administrators, for instance, might insist that only a limited number of e-mails – say, 50 at a time – can be downloaded to a remote device, mitigating the effect should the device be stolen.

A 2011 TELUS survey of Canadian businesses put missing mobile devices near the top of the list of information security worries. Remote-wipe software is a growing field that promises to wirelessly erase data from devices if they're reported missing.

Consider the world of thin clients

Another approach to integrating workers' devices into the workplace is virtualization. That means using their device as a thin client – essentially, a very slick remote control – to operate a Windows desktop at the office.

With software from companies such as Citrix, even an iPad can be used as an interface to control a computer in a remote location. The images on that computer's screen are beamed to the iPad in real time, and the touch screen and keyboard inputs from the user are beamed back to the office computer.

One advantage of this approach is that it no corporate data actually resides on the client computer, solving security concerns; another is that IT barely needs to support an outside computer. The downside is that using one's computer as a remote control for another computer obviates many of the benefits of using one's own computer in the first place.

Focus on the human element

Some IT problems will never be solved by technology. Keeping information secure in a world in where data flows freely back and forth between work and home is a problem that neither hardware nor software can fully solve. After all, iPad or no iPad, what's to stop an employee from e-mailing himself or herself a spreadsheet of this year's financials to work on at home? Younger employees joining the work force might never have considered some of the ways by which data can go astray. It falls, as ever, to the squishy business of educating humans.

A written policy can be invaluable to the task of maintaining order in an environment where work and personal hardware co-exists. Mr. Reio suggests implementing a policy that establishes in writing, among other things, what data is allowed to be copied from the corporate network; what data can be transferred on to employees' devices, and the company policy around e-mailing files.

Enforcement has to be part of the package, too "Policy has to cover off what happens if a breach is made," Mr. Reio says.

After all, at the end of the day, network security is only as strong as the people using it.

Special to The Globe and Mail

Other stories can be found on the Web Strategy section of the Report on Small Business website .

Join The Globe's Small Business LinkedIn group to network with other entrepreneurs and to discuss topical issues.

Our free weekly small-business newsletter is now available. Every Friday a team of editors selects the top picks from our blog posts, features, multimedia and columnists, and delivers them to your inbox. If you have registered for The Globe's website, you can sign up here. Click on the Small Business Briefing checkbox and hit 'save changes.' If you need to register for the site, click here.