There is a fairy-tale misconception that by allowing employees to use their own devices, the business will save a fortune in corporate dollars. The truth is, if not managed correctly, costs of BYOD or ‘bring your own device‘ may go up in the end. In this blog post we’ll identify the real costs of BYOD and ways to structure a good model for a BYOD program.

Transitioning Costs of BYOD

If your business is currently functioning in a company-owned model, understand that the transition to BYOD is labor intensive.  Employees will need to take over liability which could mean hours on the phone with carriers. TIP: Many companies enlist the help of an outsourcing company to assist with the transition to save employees time and frustration.

Who Purchases the Device?

Most employees initially already have a phone, however employers need to make sure that the device meets corporate guidelines as well as document policy around corporate dollars towards the cost of a phone. TIP: Employers may choose to buy the initial device, but if the employee loses it, it is important to stipulate that he/she is responsible to pay for the next one.

Paying for the Plan

Most employers provide a stipend for their employees in a BYOD environment. The market average is around $80 per month. Traditionally, any cost over the stipend is the employee’s responsibility. In a company-owned device environment, the business can group plans for a discount based on volume. Businesses can get an average monthly wireless bill to around $50 per user per month.  The average difference between costs of BYOD and corporate-liable is around $30 per user per month.

Understanding the Support Issue

The support of users is an area that companies can lose a lot of time and money with increased costs of BYOD. Who supports the BYOD phone? Here’s a classic example: the employee calls in and says that a corporate app is not working. Initially it may seem that this should go to the corporate support desk, however, we find out that a personal application the employee downloaded is interfering with the corporate application. The unknown personal information, apps or settings may interfere with the functioning of corporate information on the device. It is important to make clear distinctions up front about all support procedures.

BYOD is not a magical cost-cutter. There are many costs of BYOD, both tangible and intangible, from transitioning to a BYOD environment, ensuring the device meets corporate guidelines, paying for the plan, and ongoing support. An effective BYOD policy will address security, clearly define allowable apps, and outline support processes to keep an employee as productive as possible. Understanding and setting policy around employee/employer responsibility will put you on the right track towards effectively managing your BYOD environment.

Mobile Device Management (MDM) is fast becoming the acronym of the moment as organizations struggle to deal with the ubiquity of mobile devices amongst their workforce.   As workers are more and more vocal in their desire to utilize their own devices in the workplace, security management becomes crucial in protecting the organization’s data.  Mobile Device Management (MDM) software monitors, manages and supports mobile devices deployed across mobile operators, service providers and enterprises[1].

“The era of fully supporting company-owned devices is giving way to an era of managed diversity in which tiered support for employee-owned, consumer-class devices is the norm. With the unabated growth of consumerization, IT leaders need to implement MDM to manage corporate and employee-owned devices, and assign employee-owned, consumer-class devices, and assign responsibilities inside IT departments for the service, application and security of all these devices.” – Terrence Cosgrove, Gartner

MDM functionality typically includes over-the-air distribution of applications, data and configuration settings for all types of mobile devices, including mobile phones, smartphones, tablet computers, etc., and apply to both company-owned and employee-owned (BYOD) devices across the enterprise or mobile devices owned by consumers[2]. Let’s take a look at the specific benefits.

Implementing a well thought out MDM policy will far outweigh the costs of doing nothing.  Without some sort of controlled MDM, companies will likely see reduced user productivity (if the IT standard does not suit the user’s needs), higher noncompliance costs incurred by users who circumvent IT standards, and the cost of users’ time and efforts in attempt to support themselves, increasing indirect costs[3].  An organization must enforce a unified security policy that incorporates control and the ability to remotely manage all supported devices. The benefits of implementing MDM include:

  • Remotely support all employee owned and company owned devices.  Support and updates can be done over the air (OTA), thus enabling employees freedom with corporate backing.
  • Ability to remotely wipe clean lost or stolen devices.  The MDM platform will enable security teams to quickly remove confidential corporate information from lost devices, regardless of location.
  • Control and direct what applications are allowed and which are restricted.  Remote monitoring of mobile devices will continue to ensure corporate security is not jeopardized by unauthorized apps.
  • Maintain detailed record of user device statistics.  Employee usage statistics can be very beneficial when reviewing employees for performance, productivity, cost, or reprimand.
  • Ability to automatically push software updates to devices remotely.  Devices can be automatically and uniformly updated without impeding on employee’s time.
  • Ensure employee devices are password protected.  MDM enables security teams to remotely manage passwords to ensure that information is protected at all times.
  • Employees can choose their own device of liking.   Staffs utilizing their device of choice are more likely to enjoy working on it.  Forcing a particular device, such as a BlackBerry, may hinder productivity.
  • Reduce employee downtime and cost per user.  Since security and updates are managed over the air, employees are not inconvenienced with schedule intrusions.

MDM does require a harmonization between enterprise operations, IT, and security teams to ensure that mobile device architectures match overall corporate security policies, but with BYOD becoming more of the norm within organizations, an effective optimization platform is vital to protect security while proliferating productivity.

[1] Wikipedia, 2012, Mobile Device Management-Definition

[2] Finneran, Michael, BYOD Requires Mobile Device Management, Information Weekly Mobility, May 7, 2011

[3] The Enterprise Innovator, Gartner Says Enterprise Mobility Management is Essential for IT Success, May 9, 2012

Image courtesy of [Stuart Miles] /

Employees are more mobile than ever – they can work from just about anywhere they choose, and need less and less equipment in order to be productive.  In addition to mobility, the convenience of using fewer devices to manage personal and professional tasks is fast becoming the norm for many employees, preferring one mobile device suited for all needs.  Organizations are more challenged than ever to control, track and manage the amalgamation of mobile devices, service plans, and the ever expanding ocean of apps. Because of this, wireless expense management has become far more complicated than in decades past, when there were far fewer devices and plans to manage and where it was fairly common for the enterprise to adopt a top-down approach to wireless expense management.

BYOD, or ‘bring your own device’ is a program whereby employees utilize their own mobile devices to perform their day to day duties, while granting them access to necessary corporate information.  Email, calendars, and required apps are made available to employees via their mobile devices, eliminating the need to be tied to their office or requiring them to use company-issued equipment.

Because of the recent consumerization of IT, the need for an effective BYOD policy is more evident than ever, as many employees use their own devices and laptops for work regardless of whether or not they receive support from their IT departments.  An effective and strictly enforced BYOD policy will help mitigate the security risks this type of usage evokes.  While BYOD programs have certainly enhanced mobility’s value to an organization, it has without question complicated the issue of productivity.

The arguments behind the BYOD trend suggest that employees are more productive by using their own device, cost is reduced because companies do not pay for the devices, and corporate IT departments do not have to devote resources toward the management of these devices[1].

However, when faced with the fact that more than 60% of companies do not even track the personal usage for their employees’ devices, productivity becomes objectionable[2]. Thus, employees could be claiming any number of calls or minutes as reimbursable expenses and management wouldn’t be the wiser.  If left unchecked, this lack of verification could have a cumulative, detrimental economic affect to the corporation.

In addition to the expense management issues, BYOD policies can expose a plethora of security liabilities often overlooked by management.  In the unlikely event of a lawsuit where phone records need to be subpoenaed, the possibility of acquiring them is slim if an employee is using his or her own device.  Since most companies reimburse employees for their business-related mobile usage, the likelihood of possible record falsification exists.  In addition, the process of reimbursing an employee is a soft cost that needs to be added onto the actual cost of the reimbursable expense.  According to a recent Aberdeen Group study, cellular telephone monthly reimbursement averages $70 per month, which is only $10 less than what average companies pay for wireless expenses[3].  In addition, most reimbursements occur monthly through expense report processing, which costs an organization on average $29 to process, causing the expenditure to climb over the industry average.

To ensure productivity amongst employees who adhere to BYOD, corporations require strict and specific policies.  A well thought out BYOD policy must address the issue of security.  Whether they like it or not, employees should be required to create screen-lock passwords on any personal device that will be used to access corporate data.  With just a swipe of the screen, an employee could unknowingly be exposing sensitive, confidential corporate information.

The issue of IT support for employee-owned devices can be complicated.   This is where productivity can be stalled completely if an employee has an issue that he or she cannot resolve on his or her own.  If it is a network or connectivity issue, will there be corporate IT support?  What happens in the case of damaged hardware or broken equipment issues, or if the device is lost or stolen?  Will IT support those types of problems, or is the employee required to resolve it on his own?  Can the employee count on management to provide a ‘loaner’ device while their own is being repaired, or is the employee essentially out of commission until the original device is fixed?  While these questions are debated, productivity will universally suffer.  Not only is the employee affected, the IT department and management will need to devote time to fixing the issue so the employee can get back to work as quickly as possible.

To what degree will the corporation support the device in a BYOD environment?  Since the combination of personal and professional programs and apps will exist on the device, what happens if a personal app creates a problem that interferes with the ability to access email and other company information?  An effective BYOD policy should outline what apps will be allowed and which will be banned due to any potential security or legal risks whatsoever.  What if a poorly written instant messaging client steals your organization’s address book? These are serious questions to address in a BYOD policy[5].  Who owns the apps, programs, information and the device?  Ownership becomes cumbersome in a situation where the device is lost or stolen and corporate IT needs to wipe the device clean of all information – including the employee’s personally stored information.  Additionally, if an employee leaves or is terminated, who owns the data?  If a BYOD policy is adopted, it must be clearly defined that the employee agrees to the consequences if data security is jeopardized in any way.

The question of whether or not productivity is enhanced with a BYOD policy is not easily answered.  In an environment that has a strict policy surrounding the usage of personal devices is much better poised for increased productivity than those corporations with loosely enforced guidelines.  An effective BYOD policy will address security, clearly define allowable apps, and outline support processes to keep an employee as productive as possible.

To get started on crafting an effective BYOD policy, contact us!

[1] Aberdeen Group, Expense Management for a New Decade, March 2011
[2] Park, Hyoun, Wireless Expense Management:  Control International Roaming and the BYOD Revolution, Aberdeen Group, October 2011
[3]Aberdeen Group, Expense Management for a New Decade, March 2011
[4] Park, Hyoun, Wireless Expense Management:  Control International Roaming and the BYOD Revolution, Aberdeen Group, October 2011
[5] Hassell, Jonathan, BYOD policy and the employee ‘exit wipe’, CIO New Zeland (Online), May 2012