Pros and cons of BYOD around productivity, security, standards, costs and policies discussed in lively debate
At the recently concluded Public Sector Chief Information Officer Convention and Exhibition (CIO Convex) 2016 in Malaysia, Mr. Mohit Sagar, Editor-in-chief at OpenGov moderated a debate on the contentious issue of BYOD (Bring your own device). The strong arguments on both sides presented serious food for thought.
The proposition: 'Malaysia should have a favourable policy on BYOD'
Mr. Gerrit Bahlman, Director of Information Technology, Hong Kong Polytechnic University, Hong Kong and Mr. Thillai Raj T. Ramanathan, Chief Technology Officer, MIMOS Berhad, Malaysia were speaking for the motion.
Arguing against the motion were Mr. Glenn Ashe, Former GCIO Attorney General Department, Australia and Mr. Ganesh Kanagarajah, Head, Strategic Products and Services Governance, Group IT PETRONAS Risk Management Division
For the motion- Mr. Ramanathan
Mr. Ramanathan took the floor to make the case in favour of the motion. He listed several points, based on his experiences, supporting the idea of a favourable BYOD policy:
Against the motion- Mr. Kangarajah
Mr Kangarajah presented several arguments against adopting BYOD:
For the motion- Mr. Bahlman
Productivity perspective: Mr. Bahlman stated that for the millennial generation there’s no separation between work and life. BYOD would enhance productivity for them, allowing them to manage their personal affairs, while working.
Security perspective: Employees might use their own device irrespective of guidelines. It might be better to allow it, regulate it and provide a work environment on the device to ensure security.
Against the motion- Mr. Ashe
Mr. Ashe questioned the proposition itself, asking who or what is the BYOD policy favourable for? Is it favourable to the Malaysian government, the employees working for the Malaysian government?
He admitted that BYOD has a role to play in today’s workplace. But serious thought is required before going full steam ahead with it. He brought up security concerns and said that it was essential to protect data assets. It would be important to have a structure in place before embarking on the BYOD journey.
He said that there is no longer much difference between enterprise and consumer devices. And BYOD enhances communication and boosts collaboration. So what is of benefit to employees is beneficial for the Malaysian government as well. And he said that technology rightly implemented can take care of security concerns. You can easily create a sandbox on the phone and wipe that if the device is lost.
Does BYOD actually reduce cost? If staff is company issued devices, from a vendor, the company knows the cost and can manage the cost. But with BYOD, you will need a whole bunch of administrative controls to monitor the devices, prevent data leakage. Also, what happens if a device is lost or it breaks down, maybe due to work related issues.
Critical data should not be present on the devices in the first place. If it is not, then the question of administrative controls does not arise.
All data must be classified. Non-sensitive data, which might be bulk of what some employees are dealing with can be stored on own devices without adding to risk.
BYOD might be more expensive in the short-term because systems and services would have to be re-designed from the ground-up, to ensure that important data is protected. But it is an investment which will pay off in the long run. Successful implementation of a secure BYOD environment demonstrates a commitment to understanding your data.
There might still be mixing of personal and work data on staff’s own devices, notwithstanding best efforts. If an Ipad is lost, the IT department might want to wipe it clean remotely. But what f the employee doesn’t want because he/she has valuable personal material on it.
Conclusion – A consensus
By this time, views seemed to converge, though the debaters were supposed to be on opposing sides. Strong policies are required and policies cannot be created reactively, on the fly. Also, policies by themselves might not be enough. Constant monitoring is required.
BYOD implemented the right way can enable delivery of internal services with flexibility and agility, enhance productivity, collaboration and innovation.
The debate was not over yet!
The debaters appeared to have moved to the side in favour of the motion. When Mr. Sagar asked the audience, composed of officials from the Malaysian government’s digital agencies, if they supported a favourable BYOD policy for the Malaysian government, the answer was a resounding Yes.
But there were a coda yet to come.
Mr. Sagar asked the audience if they would be okay with the IT department in their organisation installing applications and implementing security controls on their personal devices, there were more than a few NOs heard from the audience. They were not willing to relinquish even partial control over their devices.
Like many other aspects of digital transformation, it is clear what needs to be done, in theory. But it is about people at the end of the day. That has to be kept in mind for practical implementation of any policy or strategy and that would be the crucial difference between success and failure.
We release new articles daily on trending topics within technology and the public sector. Subscribe to have weekly digests of our articles conveniently sent to your email address.
Mövenpick Hotel and Convention Centre KLIA
One Farrer Hotel
Sheraton Towers Singapore
Putrajaya Marriott Hotel
Marina Bay Sands, Singapore
JW Marriott Jakarta