Don’t tell Inland Revenue, but the corporate mobile device is going the way of the dinosaur as we enter the age of the ‘bring your own device’ (BYOD) workplace – a change taking many employers by surprise.
It’s all part of the ‘consumerisation’ of IT, driven by the ever-increasing array of mobile gadgets freeing people up to work anywhere, anytime. So, it’s not surprising growing numbers of employees are using their own smartphones, tablets and Android devices to shares files and data - inside and outside the office.
But how many Kiwi employers are addressing – or even aware of - the meteoric rise of the BYOD workplace? Certainly, tech sector employers are years ahead of others, seeing BYOD as the norm and already looking at how to address the next issue – BYO Apps.
But for the mainstream, BYOD as the norm is sneaking up unannounced. Indeed, the employers I have spoken to are generally unaware BYOD is an issue, or are resorting to blanket banning of personal devices from work as a solution. This is simply unsustainable.
So what are the risks and rewards of the BYOD workplace and how to prepare for it? There are clear benefits for organisations that encourage (or at least condone) BYOD. Evidently, corporations which have adopted a BYOD policy report that it has positively affected the employee’s view of the company and has created gains in efficiency, productivity and creativity. Most importantly, they have reported that their BYOD policy has helped them recruit and retain young talent. (See infographic below.)
For Gen Y (born between 1981 and 2000), policies encouraging BYOD are extremely popular. In a recent United States survey of 2800 Gen Y professionals and college students, 71 percent indicated that mobile devices should be allowed for personal and business use, 81 percent wanted to choose their own device, 68 percent believed that the company should allow them to access social media and personal sites with work devices; and (astonishingly) 40 percent of students and 45 percent of professionals said they would accept a lower paying job if it had more flexibility on device choice, social media access and mobility.
In spite of this growing demand, many employers fail to create or communicate policies regarding BYOD. A recent United Kingdom survey of 2,151 staff indicated that while well over half used their own devices at work, 40 percent of them did so without guidance from their employers and a further 14 percent were unaware that their employers had policies in place governing their use. More alarmingly, 46 percent of employees who used their devices for work claimed their IT departments were either unaware of or ignored BYOD.
The momentum for change will be driven by a core group of trend setters who embrace new consumer technology. These early adopters may bypass any device policy seen as outdated and will use consumer devices, software and apps despite the lack of IT support and probably without management being aware of the situation. At best, this core group is a catalyst for change and innovation within the work place. At worst, they are a security nightmare waiting to happen. So should you be more concerned about the device you know about – or the one you don’t?
From an employment law perspective, it is important that an employer fairly signals to employees what its policy is regarding acceptable use of personal devices. An employer must be realistic: most organisations simply lack the tools to monitor and enforce draconian security and device policies. The success (or failure) of a policy relies upon employees “opting in” to a policy seen as sensible and fair. Matters that a policy covers should include:
· What “acceptable use” is (this will differ from a device used solely for work purposes);
· What devices, apps and app support are approved;
· Whether there will be a ‘register’ of approved devices;
· What measures need to be taken to secure the device and the data;
· How the employee is to be reimbursed for data charges and roaming fees;
· How employee personal data and work data is to be kept private and distinct;
· Who “owns” personal and work data;
· What happens to the device and data when the employee’s employment is terminated;
· What the consequences of a breach of the policy will be.
Once a policy is in place, employers need to ensure they communicate it to their employees (especially those fond of shiny new gadgets).
If all of this seems overwhelming, just think how difficult it will be to tax!
Craig Mundy-Smith specialises in internet-related employment law issues, bartlettlaw.co.nz.