After reading the headline to this story, you’re probably thinking to yourself “acceptance”? Isn’t BYOD about deployments and management? Isn’t it about policies and risk mitigation?
Sure, but it’s also about accepting the fact that we’re already beyond the BYOD point of no return.
The five stages of BYOD adoption eerily mirror Kubler-Ross’s five stages of grief:
- Denial. “Are any employees really going to access our ERP suite on a mobile device? Those tiny screens make it just too much bother.”
- Anger. “No, we will not grant you access for your iPad. This is a work environment, you slacker. You’re just going to use it to play Angry Birds anyway, and then click over to the CRM app when your boss walks by.”
- Bargaining. “Okay, you can use your iPhone, but not Android. And you have to sign a waiver giving us the right to wipe your phone remotely whenever we want.”
- Depression. “What on earth are we going to do about this BYOD problem? How are we going to pay for this? How are we going to manage and secure this? It’s a Sisyphean task. Just shoot me now.”
- Acceptance. “This BYOD stuff isn’t really as bad as it seems. There are tons of tools out there for both security and management. You know what, once employees are reliably and securely mobile, remote work becomes more constructive, downtime between meetings can be productive, and, hey, I have this idea for a cool app that would tie our CRM to our social-networking efforts...”
I recently attended the MobileCON conference in San Diego. BYOD tools, suites and schemes were everywhere. Vendors were liberally rolling the term BYOD into their collateral and affixing it to their booths. The focus of all of this was security, management and productivity, yet BYOD has the potential to be much, much more.
Is it unreasonable to interpret BYOD as a sign of things to come, to regard BYOD as being as much about the changing workplace and the evolving nature of knowledge work as it is about basic mobility? Is it unreasonable to think of BYOD as a potentially disruptive trend that, alongside social media, will fundamentally change how businesses interact with their customers?
Changes in Time: Coca-Cola Pushes beyond BYOD to a Real-Time Supply Chain
Coca-Cola Enterprises is somewhat cautious about BYOD. They accept iPhones and BlackBerries, but not Androids until the platform matures more and bulks up some of its basic security. They’re also using the MDM (Mobile Device Management) solution from AirWatch to help secure and manage mobile devices.
Still, even with mobility a reality and not a future goal, it’s not a straight line from mobility to productivity and new ways of interacting with customers. Data that could benefit mobile employees may still be locked in various silos, ERP, CRM, marketing analytics suites, etc., and if it is difficult to share data from one application to another in-house, it can be nearly impossible to do so from a mobile device.
And it can be tougher still to figure out how shared data will actually improve the customer experience.
“Mobile platforms allow people to connect with one another, not only with colleagues and friends, but with brands,” said Esat Sezer, SVP and CIO of Coca-Cola Enterprises, one of Coca-Cola’s largest bottlers. “[Coke is] one of the most followed brands on Facebook. We have 50 million followers, which increases every month. What does that mean? To consumers, it means that they want to not only connect with a brand socially, but they also want to collaborate with it. Smart brands will build on this new social relationship to better serve those consumers.”
For Coca-Cola Enterprises, a B2B company, they aren’t focused so much on consumers, but on retail partners in the supply chain. In their case the “customer” could be a convenience store or fast food restaurant. As the company became more mobile, Coca-Cola Enterprises wanted to transform its supply chain into a “real-time, event-driven” one. In a supply chain with 30,000 delivery drivers and 11,000 merchandisers, anything aspiring to real-time must by definition be mobile.
To tackle this challenge, Coca-Cola Enterprises deployed Software AG’s webMethods, an application integration and business process management (BPM) platform. With webMethods, merchandizers can clock in and out on their mobile devices, deliveries can be tracked via GPS, and a delivery person stocking shelves can report back on any point-of-sale buying patterns he or she may notice.
If the bottles in an end-of-aisle display that has some sort of social media component, through say a QR Code, are always sold out, and the cold bottles in the cooler are not, that’s an important insight that is easy for a delivery person to detect – if they are paying attention, and if it is easy to report this fact back to headquarters.
Then all of that information can be fed into applications like SAP and pulled back out to share with other relevant applications as needed.
Changes with Security: Shifting the Focus to Risk
I mentioned earlier that most BYOD discussions center on security. There’s a good reason for this. Managing non-corporate-owned devices is hard, and BYOD changes risks.
“When companies think about developing a BYOD strategy, some of the most complicated pieces of the equation are not technology issues but those that fall in the realms of liability, ownership and privacy,” said Phil Hochmuth, an analyst at IDC.
Businesses must think about new use cases that will emerge in the post-BYOD era and plan for them accordingly. Most businesses are already moving towards a risk-based security strategy (versus just defending perimeters), so the challenges posed by BYOD should feel different in degree, not in kind.
“Organizations that leave networks wide open to employees' mobile devices will have a hard time containing access to and controlling the use of sensitive corporate data in today’s extended computing environment. As organizations go beyond basic wireless and Internet-only access and offer broader network, data and corporate mobile applications, IT organizations must contend with the risks of this new mobility paradigm,” Hochmuth said. “Enterprises should consider solutions that allow policies to be applied based on user, device, network, application and data leakage risks.”
When Jerusalem-based Hadassah University Medical Center started investigating BYOD, they sought a solution that would offer better network visibility as the first step in the BYOD adoption process.
“[Gaining network visibility] allows us to understand what types of devices are connected to our network,” said Barak Shrefler, chief information security officer for Hadassah University Medical Center. “The second challenge was control, basically the ability to enforce our security policies based on the device’s type and behaviors.”
After evaluating solutions from Fiberlink, AirWatch and a few other MDM vendors, Hadassah UMC eventually selected the NAC (Network Access Control) solution, CounterACT, from ForeScout, rather than an MDM solution.
“As an IT network security manager in a hospital environment, you must be very creative, for example to accommodate medical devices such as CT Scanners and Blood Pressure Monitors, on your network. ForeScout’s agentless solution helps us to do that,” Shrefler said.
In essence, Hadassah UMC’s process involved recalibrating security risks, which meant shifting the focus more firmly towards protecting sensitive types of data rather than just worrying about devices. After all, connected devices in a hospital setting can be all over the map.
Changes with IT-Employee Relations: Employees, not IT, Are Leading the BYOD Charge
The sad fact is that most organizations are behind the eight ball with BYOD. Employees are already mobile. Nearly 50 percent of U.S. mobile subscribers own smartphones and 22 percent of U.S. adults already own tablets.
Your mobile employees are probably more likely to forget their wallets at home than their smartphones, and they will figure out ways to work on those phones (and tablets). Yet most organizations don’t have formal BYOD policies in place (I’ve talked to analysts and executives at MDM companies who put the number in the 15-20 percent range).
This is a good news-bad news scenario. First, the bad news, which is obvious: you’re opening yourself up to huge risks by not having BYOD policies in place.
The good news is, though, that once you catch up, your users will have already blazed trails and can provide you with guidance on how to get the most out of your newly mobilized workforce. They will know which apps fail, which need better interfaces, which ones just don’t function over mobile data networks, which need APIs developed to connect them to other relevant apps, etc. Your employees may have even thought through new use cases you couldn’t in a million years have planned for because they only emerge after employees gain mobile work experience.
Changes in Collaboration: Sandler Consulting Gets Closer to the Customer Mindset
When Sandler Training, a sales and sales management training firm, began investigating BYOD, it did so with an eye towards collaboration. Sandler sought a collaboration platform that would enable their thousands of consultants to access, share and collaborate on a large library of documents, including training resources and internal communications.
Since much of the consulting and training takes place offsite, Sandler Training needed a way to keep all their mobile consultants up to date with the latest training resources. The challenge was passing this information through to mobile devices and tablets while also protecting intellectual property.
Sandler Training adopted the collaboration platform from SkyDox to solve this problem.
“Individuals are now working on the most recent document at all times, eliminating duplicate work, the need to deal with clashing feedback, and versioning issues,“ said Luke Davies, managing director of Sandler Training.
Thus far, this sounds like a pretty standard benefit of online collaboration. But once collaboration is extended to the mobile channel, IP theft becomes a much bigger issue, which is why many firms like Sandler avoid going mobile.
However, by assigning folder and document-level access rights in the client workspace, Sandler Training prevents unauthorized third-party downloading or distribution of confidential documents and intellectual property.
The ability to track document access at the page level also allows Sandler Training to determine if and when each document was opened. Moreover, Sandler can begin to see how clients interact with the content. They can see with whom it was shared, and they can observe which pages clients spend the most time on.
In other words, without ever asking for feedback from clients, they can get it, and they can tailor future content in a way that conforms to what clients value and how they share and use the data they value.
Most BYOD-focused vendors (MDM, NAC, collaboration vendors, etc.) won’t try to sell you on using BYOD to better gain insights into customer’s behavior patterns. Perhaps, they should.