technical report
TRANSCRIPT
Memorandum
To: Readers
From: Atem John Yak AJP
Date: April 7, 2015
Subject: The Consequences of “Bring Your Own Device (BYOD)” Research Report
Attached is a completed report on the consequences of BYOD on the network. The research
extensively discusses what is fueling the rise of BYOD and both positive and negative effects on
networks. The research also provides some best practice recommendations for organizations
wishing to implement BYOD on their network.
In this package, you will find the following:
Executive summary
Table of contents
The research report
Appendix
I hope this will help you assess the suitability of BYOD for your organization. Please let me
know if you have questions.
Best regards,
Atem John Yak
The Consequences of “Bring Your Own Device” To the Network
Source: (Alfano, 2012)
For Poor Man Grill Blog
Author:
Atem John Yak
April 7, 2015
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK i
Executive Summary
Bring Your Own Device (BYOD), a new trend in the workplace, according to Loucks, it
is defined as “the practice of employees bringing personally-owned mobile devices (e.g.,
smartphones, tablets, laptops) to the workplace and using those devices to access company
resources such as email, file servers, and databases” (Loucks). A recent research survey by
organizations like Cisco Internet Business Solutions Group (IBSG) revealed, “an astounding 89
percent of companies surveyed are enabling their employees to use their own devices —
specifically, mobile devices such as laptops, smartphones, and tablets — for work purposes. The
study also showed that 69 percent of IT decision makers (up to 88 percent in some countries)
feels that BYOD has been a positive development for their organization” (Loucks).
On the one hand, doubt has been cast concerning the benefits companies reap when they
implement BYOD. BYOD promises tantalizing value such as:
Greater employee productivity
Employee satisfaction
Lower costs
Mobility and innovation
On the other hand, some fear the following negative consequences:
Security risks and the complexity of managing devices on multiple platforms,
The effects on employees' health
Privacy
Costs of implementation and strain on IT department budgets,
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK ii
Fear of litigation and loss of employees’ morality (Loucks).
This research report examines what has contributed to the rise of “Bring Your Own
Device” in the workplace, and its consequences on the organizations as well as on employees.
This report examines and analyzes both the positive and negative effects of “Bring Your Own
Device” and bring them to the forefront for various decision makers such as security
professionals, IT managers and Chief Information Officers (CIOs) to help them reach an
informed decision.
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK iii
TABLE OF CONTENTS
Pages
Executive Summary …………………………………………………………………………. I
Introduction………………………………………………………………………………….. .1
An Overview ………………………………………………………………………………… .2
What Is Fueling BYOD Demand in the Workplace ….............................................................. 3
The Benefits companies Reap from Implementing BYOD in their Networks...........................7
Case study: Intel …………………………………………………………………………….... .8
The Dark Side of BYOD …………………………………………………………………….. ..9
Security……………………………………………………………………………………….. .10
Cost……………………………………………………………………………………………. 13
Strain on IT Departments………………………………………………………………………14
Privacy………………………………………………………………………………………….15
Workplace Morale and mobility………………………………………………………………..16
Health Concerns………………………………………………………………………………..16
Summary, Conclusion, Recommendation ……………………………………………………..17
Reference ………………………………………………………………………………………18
Appendices
Appendix A: Hillary Clinton’s Email Scandal ………………………………………………...20
List of figures
Figure 1: …………………………………………………………………………………….. 4
Figure 2: ………………………………………………………………………………………6
Figure 3: ……………………………………………………………………………………... 7
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 1
The Consequences of “Bring Your Own Device-BYOD” To the Network
Introduction
Bring Your Own Device (BYOD), a new phenomenon in the workplace that is wreaking
havoc on its networks, is defined as the practice of employees bringing personally-owned mobile
devices (e.g., smartphones, tablets, laptops) to the workplace, and using those devices to access
company resources such as email, file servers, and databases. To determine the extent of how
widespread is the concept of BYOD in workplace, Cisco Internet Business Solutions Group
(IBSG), “interviewed nearly 4,900 business leaders and IT decision makers in nine countries
from January to July 2012. This study revealed that an astounding 89 percent of companies are
enabling their employees to use their own devices — specifically, mobile devices such as
laptops, smartphones, and tablets — for work purposes”(Loucks). The study also showed that
“69 percent of IT decision makers (up to 88 percent in some countries) feel that BYOD has been
a positive development for their organization” (Loucks).
On the other hand, doubt has been cast about the benefits companies reap when they
implement BYOD. While BYOD promises tantalizing value such as greater employee
productivity, employee satisfaction, lower costs, mobility and innovation, some fear negative
consequences: security risks and the complexity of managing devices on multiple platforms, the
effects on employees’ health, privacy, costs of implementation and strain on IT department
budgets, fear of litigation for lost wages and loss of employees’ morality (Loucks).
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 2
This research report examine what has contributed to the rise of “Bring Your Own
Device” to the workplace, its consequences on the organization as well as on employees. This
report examines and analyzes both the positive and negative effects of “Bring Your Own
Device” and brings them to the forefront for various decision makers such as security
professionals, IT managers and Chief Information Officers (CIOs) to help them reach an
informed decision.
An Overview
What is Fueling BYOD Demand in the Workplace?
The Bring Your Own Device revolution in the workplace can be traced back to the
introduction of the smartphone. In short, it is Research in Motion’s fault. Before the phrase that
became the acronym BYOD was first uttered, business professionals were checking office email
at lunch or at conferences and making deals with foreign clients in different time zones after
hours with their Blackberries. Besides smartphones, other technological evolutions such as
virtualization and the cloud contributed or encouraged the use of BYOD (Brown). Virtualization
of applications has made it easy for employees to retrieve company or corporate data on their
mobile devices wherever they are. The virtualization of applications has encouraged
corporations to set up virtual teams that do not need to come to the office. The ability afforded
by virtualization is that employees could work remotely in the company of their families and
enjoy their independence. On top of that, recent developments in application mobility and the
cloud support have further fueled the demand for “Bring Your Own Device” across the global
network. We can blame Amazon, Google, DropBox and the Box, but that would be
discouraging innovation (Brown).
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 3
Therefore, it would be premature to say that this trend will fade with time and better
understanding of its consequences. The truth is that BYOD is here to stay, and it will be up to
organizations to decide whether to implement BYOD or not.
The Benefits Companies Reap from Implementing BYOD in Their Networks
In recent years, studies have been carried out across the globe to determine the benefits
corporations gain when they implement BYOD. For example, in spring of 2012, “Cisco IBSG
surveyed 2,400 mobile users across 18 industries in six countries, the United States, United
Kingdom, Germany, India, China, and Brazil, to understand their BOYD usage”(Loucks). They
found that companies are allowing employees to use some sort of BYOD on their networks.
Amazingly, the result is that there is a wide acceptance by companies to allow users to bring
their own devices to access company data. This kind gesture by companies to their employees to
use whatever device they are accustomed to and more familiar with has led to wider variety of
devices and applications to be managed by IT. Even though it looks like a hassle to companies
IT staff, the companies see it as a way to pass on the cost of providing a company device to
employees. Therefore, by allowing employees to use their own devices, companies have greater
flexibility on how to use technology in manner that is cost savings. This study found that
companies in all countries get the lion’s share of the value of BYOD when they used a strategic
approach to provisioning devices, providing IT support, and developing mobile policies
(Loucks). When surveyed the employees claimed that they use their own devices for
productivity, flexibility and initiatives (Loucks). The employees believed that they accomplished
more when they are using their own devices. It is important to note that productivity
improvements come from the devices and the software, mobile apps, and cloud services used on
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 4
these devices. BYOD users highly value the ability to use the applications and services of their
choice, rather than being limited to what their companies offer (Loucks). The illustration below
furnishes the reasons for using BYOD by users.
Source: (Loucks)
Figure 1: Top Reasons Users Bring their Own Devices to Work
Companies are saving money and employees are more productive. Although companies
are not benefiting equally across the countries studied, average BYOD users save 37 minutes per
week when they are on their own device. The savings, however, varied from one country to
another with a high of 81 minutes per week in the United States and a low of four minutes per
week in Germany (Loucks). On average, basic BYOD generates $350 of value annually per
mobile user (including both BYOD and corporate device users). It is estimated that companies
can gain an additional $1,300 annually per mobile user with BYOD alone (Loucks). In addition,
BYOD sparks employee-led innovation in developed countries and reduces productivity losses in
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 5
emerging markets. In developed markets (the United States, United Kingdom, and Germany), the
researchers found that the greatest productivity gains happened when companies moved from
employer-provided desktop computer to employee-owned devices. The practice has allowed
employees to be mobile and with mobility they can be creative about the ways in which they
could to do work. The companies believe that in the end BYOD pays for itself despite the costs
to implement and support upfront. This is the greatest benefit companies’ gain from
implementation and the point many early adopters are quick to point out to their doubters
(Loucks). The ways in which the BYOD program pays for itself are as follow:
Hardware costs: Employees purchase devices previously bought by the company.
Support costs: Companies can actually reduce support costs with BYOD, as Cisco did, by
implementing community support, wikis, forums, and other streamlined support options.
Telecom costs: By migrating some mobile users from corporate data plans to self-funded
plans, companies can cut telecom costs. Companies have reported being able to migrate
about 20 percent of corporate users to self-funded plans in this way (Loucks).
The number of BYOD devices is forecasted to increase to 105 percent between 2013 and
2017 and reach nearly 405 million devices (Loucks). China will top all countries by 2016, with
166 million BYOD devices, followed by the United States and India at 108 million and 76
million, respectively. Companies in Brazil, Germany, and the United Kingdom will also
experience a significant expansion of employee-owned devices in the next three years (Loucks).
Therefore, this phenomenon is not limited to US companies alone but has a global effect. Just as
the Internet has taken the corporate world by storm, BYOD will remain a part of corporate
culture.
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 6
Source: (Loucks)
Figure 2: Estimated BYOD Devices in Workplaces, by Country
The bar chart figure 3 below furnished a comparison of how BYOD is current being used in
corporations. The researchers have found that in most countries and companies, mobile users
who use their own devices for work own an average of 1.7 BYOD devices. This means that a
user has at least a laptop and smartphone or tablet. Because smartphone capabilities have
improved in recent years, smartphones are the overwhelming device of choice for BYOD users.
However, with popularity of Apple’s IPad among consumers today, the number of mobile users
using it for work has risen to fifty-six (56) percent across all countries, showing how vital these
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 7
devices have become. The percentage of mobile users who use their own laptops for work is still
high at (37 percent) and well established across all countries, according Loucks (Loucks).
Source:(Loucks)
Figure 3: A chart comparing the Use of Laptops, Smartphones, and Tablets by Users at
Workplace, by Country.
Who is Who in BYOD Adoption?
The Case of Intel
The success story of BYOD is Intel. Intel, an engineering organization, was one of the
early adopters of the BYOD, which has seen immediate benefits of its implementation. The
question is how they did it. In recent article in InfoWorld magazine, Glen Gruman stated that
“Intel’s productivity has increased by 57 extra minutes per BYOD employee, and that’s $150
million per year, a whopping cost saving” (Gruman, 2012). The savings Intel gained from the
implementation of BYOD are impressive indeed. According to Gruman, this savings means,
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 8
“Intel gets $3 in return for every $1 invested in supporting consumerization . . . that means a
return of about $7,500 per BYOD employee for a cost of $2,500 per employee to enable,
manage, and secure. Intel does this without imposing draconian technology restrictions on users”
(Gruman, 2012).
Intel accomplished this because it has instituted a concept called “trust user.” This means
providing a degree of trust based on the users in the organization. Intel figured out how much it
can trust each person, and then extended that trust accordingly. This trust bestowed in users
means that they are expected to do the right thing no matter the device, app, or storage system
used (Gruman, 2012). The real dilemma here is that no security administrator or expert actually
trusts end users.
Intel uses technology to help protect information security. It deploys mobile device
management (MDM) tools to make sure that devices conform to basic policies such as enforcing
the use of passwords and encryption (Gruman, 2012). This enforcement alleviated the fear over
lost devices, and as do the controls for remote wipe when devices with sensitive data were lost.
Intel uses application development tools that let it embed and manage information permissions in
internal apps such as the ones allowing employees to access their payroll information, which it
provides to PCs, Macs, mobile devices, and Web browsers (Gruman, 2012).
Intel's focus is not on device-level tools but the information. The best way to ensure that
information does not end up in the wrong hands, is to control access in the first place. Intel
adopted the notion of “trust zones.” A trust zone in the words of Gruman is “essentially a
classification for information access” (Gruman, 2012). For example, a CIO has the highest level
of information accessibility. He/she could essentially access information in any zone wherever
he/she may be in Intel's Santa Clara, Calif., headquarters or any other trusted environment.
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 9
Nevertheless, if the CIO connects from, say a hotel overseas, she loses access to the top trust
zone's information because she is connecting from a lower trust zone -- despite her credentials
(Gruman, 2012). This approach limits access to sensitive information before it gets to a
smartphone, tablet, Mac, PC, or whatever. This upfront limit removes many concerns over what
happens to information once it reaches a device -- it only gets there if the device, context, and
user are all trusted (Gruman, 2012). On the surface, this sounds like simple strategy to anyone
reading it but a nightmare to implement it in organizations, especially when the IT department
staffs are not reasonably familiar with the technology.
The Dark Side of “BYOD”
Security
Security is a great concern to most organizations or companies because it applies to all
aspects of technologies that are utilized today. The acceptance of mobile devices in workplaces
has increased the chance of security incidents. The chance of security incident is enhanced for an
obvious reason and that employees’ personal devices are portable and could be carried around ...
this means some of the devices will inevitably be lost or stolen (Jones, 2015). A lost device can
pose very real risks to companies’ data. Furthermore, these devices comes with add-on
capabilities like Bluetooth or Wi-Fi networks that are considered not secure. These capabilities
expose their vulnerabilities and open up opportunities for hackers. The vulnerability is worsened
by the fact that half of US employees report storing work-related data on their personal mobile
device(s)—even when there is no BYOD policy (Jones, 2015). Imagine this scenario: an
employee who uses BYOD one day while in a rush to get home forgets to turn off a Bluetooth on
a device and dashes to catch a metro in New York. How many people do you think will have the
ability to exploit what is in that device? The answer is everyone that has a phone or tablet. If this
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 10
sounds scary then yes, it is. If the number of people who own these devices can connect to
company networks is 60 percent, then there is undeniably a scary security situation in hand
(Jones, 2015).
“The lack of policy clarity — and the sheer absence of policy in many cases — have led
to security problems,” says Loucks. New threats to the security of company data from viruses,
malware, and network intrusion is by far the biggest downside of BYOD identified by many
researchers (Brown). The perceived danger of BYOD to corporate network security is likely a
major reason that companies in Europe have not embraced the trend as fully as others. With the
exception of China, European countries are the most concerned with the negative effects of
BYOD on the security of corporate networks. Interestingly, the concern over network security
has not made Chinese companies reluctant to embrace BYOD, since they believe the benefits far
outweigh the potential costs (Loucks).
Webroot (a private company that provides Internet security for consumers and
businesses) stated, in 2014, that “out of the 2,100 individuals surveyed, 78 percent were using
their own personal devices as part of a BYOD work policy. . . 64 percent of those personal-
device users admitted to using only the security installed when the device was purchased”
(Jones, 2015). According to Brandon Jones, “there is a wide spread disregard of security
considerations among corporate employees because just 30 percent reported using a PIN, while
the other 44 percent employ a combination of more complex password and pin and the
remaining 26 percent of the respondents have nothing in place to prevent unauthorized access to
their mobile device” (Jones, 2015). Furthermore, this study reveals, “employees between 30 and
44 years of age are among the lowest percentage of password users”—instead opting to use less
sophistical approaches like swipe patterns or facial recognition features to lock their mobile
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 11
devices (Jones, 2015). The lack of sophistication in security by most employees across
organizations and the demand for BYOD ready devices by the same employees put corporate
data in a great risk.
Consequently, one of the most important security tools for mobile devices that hold
company data is the ability to remotely wipe sensitive information in the event a device is lost or
stolen. This action is meant to take care of the problem relating to poor device security but the
lack of remote wipe capabilities in some of the devices that employees use means that a very
large percentage of mobile devices used in BYOD scenarios are putting company data and
network resources at significant risk (Jones, 2015). On the contrary, if companies try to use this
ability to protect their data, they invite a lawsuit from the affected party. For example, when
sensitive company information is embedded onto a personal device and the owner of that device
quits or is fired, making sure all company data is extracted from the privately owned cell phone
or tablet can pose an array of legal issues. Companies in the past have been sued for wiping
company data from personal devices where important personal data, such as photos and personal
documents, were inadvertently wiped away as well (Jones, 2015).
According to James Bourne, “Two in three employed Americans do not have remote
wipe activated on their smartphones, or are aware of its existence” (Bourne, 2014). To me that
is an alarming statistic pulled from a Bitdefender survey of over 1000 US Internet users aged 18
or over during August 2014. The study, conducted by Millward Brown on behalf of Bitdefender,
again highlights the need for security education among employees who bring their own devices
to work. Perhaps the most worrying aspect, however, is that even if employees gets clued in on
what is going on, they either forget or simply do not care about the ramifications – and that could
spell disaster for your business (Bourne, 2014). The study assessed workers’ BYOD security
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 12
preferences on whether their device was employer-owned or personally owned. Remarkably,
some figures turned out the same; 45.6% respondents in both categories admitted they did not
remotely wipe any of their personal devices, and 21.4% on both sides said they did not know
(Bourne, 2014).
In addition, in 2013, Varonis, a computer Security firm conducted a survey to gauge the
adoption and usage patterns of personal devices in corporate settings, and to look at security
implications of bring-your-own-device (BYOD) policies. The results of the survey were
shocking. According to Varonis, almost 74% of respondents had access to corporate data from
their personal devices—either through a formal or informal BYOD policy and only 26% had an
official policy forbidding personal device (Sobers). The study found that 50% said they lost a
device with important data on it, and more worrisome, 22% of our respondents reported that a
lost device had created security implications (Sobers). In addition, 13% said they did not have
the most basic security measure in place: device-level password protection (Sobers).
On a global scale, according to Craig Scroggie, “55 percent of Australian businesses
found tackling mobility somewhat to extremely challenging and 43 percent identified mobile
devices as one of their top three IT risks”(Scroggie, 2012). The concerns are wide-ranging, from
lost or stolen devices, data leakage, unauthorized access to corporate resources and the spread of
malware infections from mobile devices to the company network. With mobile devices being
used to access business data, the cost of security incidents can also be significant. The average
annual cost of mobile incidents for Australian enterprises, including data loss, damage to the
brand, productivity loss, and loss of customer trust was $172,000 (Scroggie, 2012).
As these examples from various studies and surveys from security firms and security
professional have shown, security is and will be a number one headache for companies
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 13
considering implementing BYOD. Protecting company data on employees’ own devices will
undoubtedly costs the company both financial resources and human resources
Costs
BYOD could be costly to the company and these costs could be directly due to
implementations or indirectly due to ligation. For example, in August of 2012, a California
appeals court ruled that employers must reimburse employees for work-related calls made on the
employees’ personal cell phone (Jones, 2015). In addition, attempting to execute guidelines and
security measures for a vast-array of devices could end up costing far more for a business than
what was initially perceived when the BYOD system was implemented. Secondly, exempt
employees, who are authorized to use their personal devices for work-related tasks, worsen the
problem; this practice can cause trouble with HR, specifically, and with a company, in general.
The perfect examples of this, is an expecting employee. If this employee during the leave of
absence uses her own device to check and respond to work email, legally, this employee is
considered to have performed company-related work for longer than a 'De minimis' amount of
time -- meaning longer than a few minutes (Jones, 2015). In this situation, that employee could,
conceivably be eligible to a full week’s salary even if worktime amounted to a mere 4-5 minutes.
This type of scenario could turn into a legal nightmare. In addition, working after hours on a
personal mobile-device may make a company liable for paying the employee overtime (Jones,
2015). Therefore, BYOD in one way or another causes company money. In this case, if
employees are not compensated for the work they have done, they have a legal ground to sue the
company and win.
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 14
Strain on IT Departments
Although security topped the negative effects of BYOD, a strain on IT department
budgets and the staff’s time is also a big concern. When companies open the floodgates and
allow virtually any personal device to be part of the BYOD paradigm, it can create havoc for IT
departments. It wastes IT Support staff time that could have been used to research how an
organization can benefit from using technology effectively. The staff’s valuable time is spent
adding or removing devices from an already secured network due to an upgrade of an
employees’ device or simply replacing a defective one. In a nutshell, this wasted time costs
organizations money. The problem IT personnel are encountering is attempting to figure out how
to permit employees to access all data necessary while keeping that data out of harm’s way.
Because of the lack of standard agreed-upon policies in BYOD environments for maintaining
data security, the IT team’s time and human resources are consumed at the expense of the
company (Jones, 2015).
Privacy
“Many employees, who might be part of a BYOD policy, worry about their personal
privacy. The laptop they might use for work purposes would be the same one used for logging
onto Facebook or surfing the web, etc. It makes sense that a number of employees might feel
wary of their company having the capability to gain access to their personal passwords and
intimate information of all types”(The3DMaN, 2014). The term “spying” might not ever be said
out loud, but if staffers were to feel that spying was real in their minds, it would create a lack of
trust and uneasiness for some(The3DMaN, 2014). That would certainly not make for an overall
positive work environment.
As mentioned earlier, one of the most important security tools for mobile devices that
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 15
store company data is the ability to remotely wipe sensitive information in the event a device is
lost or stolen. Companies that have incorporated BYOD in their networks require a special
software programs to be downloaded to personal devices to enable them to be remotely wiped of
data if necessary -- if a tablet were stolen, for example. The idea of giving control of one’s
personal device to an employer increased the fear of having personal data wiped out. It feels like
you are constantly under the watchful eyes of a big brother. Therefore companies need of
protecting their data clashes with employees’ need of privacy (The3DmaN, 2014).
Loss of wages
On average, most employees who used company provided electronics, turn them off and
put them away when they arrive home, or are not on call. Having access to your work email and
information on your personal phone, tablet or computer changes this. When a new email, text or
phone call comes in during off hours to company provided electronics, most people respond the
following business or work day because that is when they turn on their devices or log into their
computers. However, with BYOD, most dedicated employees will take time out of their personal
life to promptly respond because it’s right there in front them and it’s easy to do so. Most of the
time employees do not report the personal time used for responding to work messages into their
weekly hours. Most employees say, “Well, it was only five minutes” or “I can’t put only five
minutes on a time sheet”(The3DmaN, 2014). All that time adds up without noticing it. If every
employee were to spend five minutes each of personal time unreported on a time sheet, that gives
a company one extra hour of productivity for every twelve employees – all at no cost to the
company. That adds up to a lot of lost wages and personal time to an employee over the lifetime
of a career (The3DmaN, 2014).
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 16
Workplace Morale and Immobility
The presence of BYOD in an organization could lead to a decline in employees’ overall
happiness outside of work. Taking away the time that employees could spent with families and
friends gives them the feeling they are always at work and on call. Even if an employee can force
himself or herself not to respond to work related messages when on personal time, just knowing
a message from work came in puts it in the back of the mind and leaves the employee wondering
what the message was or what it is about. If they did read the message but still have the
willpower not to respond, then they are stuck thinking about how to respond when they start
work again. This takes precious, irreplaceable time away from one’s personal life (BYOD Has
Negative Impact on Employees | The3DmaN, 2014).
Health concerns
Mobile devices have made employees immobile. With cloud computing and wireless
communications, nearly everything is doable on mobile devices, giving people less incentive to
get up and move around. This inactivity by the employees can lead to some major health
problems such as diabetes, back problems, hypertension, depression and obesity (Delgado,
2014). In addition, smartphone users may also develop a condition called de Quervain syndrome,
which also goes by the name of Text Thumb or BlackBerry Thumb (Delgado). This is where
tendonitis forms in the thumbs due to frequent rapid texting. If you couple that with eyestrain
from staring at a small screen, smartphones can end up causing unnecessary pain for employees.
In addition, laptops can lead to posture problems. Many workers now use laptops to perform
their usual duties instead of a desktop keyboard, and this can affect workers’ necks, backs, hands,
and shoulders (Delgado, 2014). These negative effects on health may even end up negating the
productivity benefits that come from BYOD.
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 17
Conclusion
According to Andy Patrizio, “Gartner said companies need to find the right level of
support for BYOD programs to take advantage of the potential cost savings. Beyond the
hardware, companies have to set the appropriate level of reimbursement for voice and data cost
and despite the challenges, 90% of organizations will support some aspect of BYOD by 2017”
(Patrizio, 2014). Furthermore, companies have varying degrees of maturity in adoption of
BYOD; Patrizio predicts that by 2018, the number of employee-owned devices used for work
will double from current levels than enterprise-owned devices (Patrizio, 2014). With improved
mobile policy and cost-reduction strategies, companies could reap a wealth of benefits from
implementing BYOD. Many companies are already benefitting from this new trend in the
workplace, and one of those companies is Intel, which has successfully implemented BYOD in
its entire network. The success of Intel has will entice other companies to follow suit.
On the other hand, our obsession with connection and addiction to mobile phones and
email will intensify. The obsession and addiction has serious consequences such as security risk,
various effects on employees’ health, privacy concerns, implementation and litigation costs and
strain on IT department’s budgets and workplace moral and immobility, and employees’ wage
lost. Some of these consequences have a lasting effect on both the corporations and its
employees. In my opinion, these problems are exacerbated by this society’s obsession with
speed. The idea of “I need it and I need it now” contributes to the rise of this phenomena we now
call BYOD.
As the 2016 election campaign gets under way, we will have to wait and see if Hillary
Clinton will be the first politician to be a victim of poor BYOD implementation. I have
discussed this case in the appendix.
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 18
References
Alfano, J. (2012 ). GoSpotCheck. BYOD debates are misguided: Retrieved from
http://www.gospotcheck.com/2012/11/28/byod-debates-are-misguided/
Bourne, J. (2014). Employees are still lax on BYOD risks, survey reveals. Retrieved from
Enterprise Apps Tech: http://www.appstechnews.com/news/2014/oct/06/employees-are-
still-lax-byod-risks-survey-reveals/
Brown, L., (n.d.). Bring your own device: balancing an IT security necessary evil. Retrieved
from http://www.leebrownsresume.com:
http://www.leebrownsresume.com/wp-content/uploads/2013/12/Bring-Your-Own-Device-
Balancing-an-IT-Security-Necessary-Evil-Lee-Brown.pdf
Delgado, R. (2014). The impact of BYOD on employee health, and what to do about it.
Retrieved from http://insights.wired.com/profiles/blogs/the-impact-of-byod-on-employee-
health-and-what-to-do-about-it#axzz3W2EysaWI
Gruman, G. (2012). Afraid of BYOD? Intel shows a better way. Retrieved from
http://www.infoworld.com/article/2615361/byod/afraid-of-byod--intel-shows-a-better-
way.html
Jones, B. (2015). 5 reasons your company will not incorporate BYOD. Retrieved from
http://betanews.com/2015/01/27/5-reasons-your-company-wont-incorporate-byod/
Loucks, J. (n.d.). The financial impact of BYOD. Retrieved from
http://www.cisco.com/web/about/ac79/docs/re/byod/BYOD-
Economics_Econ_Analysis.pdf
Martosko, D. (2015). Hillary's 'email-gate' now linked to whistle-blower's description of State
Department boiler-room operation set up to hide documents after Benghazi. Retrieved
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 19
April 14, 2015, from http://www.dailymail.co.uk/news/article-2997193/Hillary-s-email-
gate-linked-whistle-blower-s-description-State-Department-boiler-room-operation-set-
hide-documents-Benghazi.html
Patrizio, A. (2014). BYOD is saving serious money for IT. Retrieved March 30, 2015, from
http://www.networkworld.com/article/2854044/microsoft-subnet/byod-is-saving-serious-
money-for-it.html
Scroggie, C. (2012). BYOD - What effect are mobile devices having on business? Retrieved
from http://www.abc.net.au/technology/articles/2012/05/10/3499884.htm
Sobers, R. (n.d.). Bring your own device demise. Retrieved from
http://info.varonis.com/hs-fs/hub/142972/file-363237218-pdf/docs/research_reports/
Research_Report_-_BYOD.pdf
The3DmaN. (2014). BYOD has negative impact on employees. Retrieved from
http://the3dman.com/byod-creates-negative-work-environments/
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 20
Appendix:
Hillary Clinton E-mail Scandal; Lessons and How to Avoid It
In recent months and if you happen to follow American politics, you may have heard of “Hillary
emailgate” as newscasters call it. Hillary Clinton’s email scandal is a prime example of BYOD
gone wrong.
Anyone interested in BYOD is cautiously warned to follow these simple rules strictly and with
due diligence. The most important technological principle to keep in mind when planning to
deploy BYOD in your organization is KISS (Keep It Simple Stupid).
1. Have a clearly defined policy for using personal email
Clinton claims that using personal email was allowed by the State Department. You probably
already have a policy about whether employees may use personal email accounts for work
purposes. Clinton's use of personal email servers is unusual, however, and you may need to
address it specifically in your policy in case anyone is inspired to emulate her.
2. Make business email easy
Clinton's reluctance to juggle two separate devices is a fundamental motivation behind the
BYOD movement. Whether the employer provides the mobile device and allows personal email
to be used, or employees are allowed to use their personal mobile device for business purposes, it
has to be easy to use the business apps or tools. When things start getting too complicated, users
like Clinton opt for loopholes and workarounds instead.
3. Segregate personal and business data
Clinton also stated, “no one wants their personal emails made public, and I think most people
understand that and respect that privacy.” Clinton was defending why she chose to delete certain
emails rather than providing the entire email server archive to the State Department. Regardless
THE CONSEQUENCES OF “BRING YOUR OWN DEVICE –BYOD” TO THE NETWORK 21
of Clinton’s motivation, in a BYOD environment employees are engaged in both business and
personal matters from a single device. The company has certain rights and obligations regarding
the protection and archiving of business communications, and the company should have access
to business data from the device. The employer should not, however, have access to personal
files or communications from the device. Provide employees with a simple means of managing
both business and personal communications from one mobile device without surrendering their
privacy ( Martosko, D. (2015, March 17).