As we all know technology is changing all the time and new products are constantly hitting the market place.
When I started my IT career I turned up to work and was given a desk, telephone, Desktop PC and mobile phone. Nowadays there are iPhones, iPads, Kindles, Blackberries etc. and a growing trend is for staff to bring these devices into work and synchronise them with their 'work' equipment.
Having been in charge of Service Delivery we had a policy that 'non work' or non standard IT equipment would not be supported by our 1st and 2nd line support staff. Needless to say this didn't go down too well with the higher echelons of Senior Management. When we explained the reason for taking this stance;
- increasedrisk of viruses
- increased cost of support
- taking resources away from dealing with potential Major Incidents that would affect the bottom line or market share
...this soon focussed the mind.
However some companies are encouraging this, but taking this approach has pitfalls, especially if there are not processes and procedures in place to manage and control. This is where the ITIL framework can assist. Many folk think that ITIL and Service Management is about managing static platforms, servers etc. and is not as effective at managing mobile devices.
I disagree, it is all about managing the risk of introducing new devices into the live environment and managing them going forward.
BYOD adds another layer of complexity to the items that good practices try to manage, for example, conforming to a corporate standard to lower cost of utilization and to enhance security and lower vulnerability and business risk.
Also think about staff turnover in a BYOD environment, what happens when an employee leaves the organization or changes departments, in terms of the accessibility that their own devices have to the company's data, information and access to the network? This becomes a very major issue and costly in terms of maintaining the security and access rights appropriately. Do the support team wipe all the company related data on that individual's device, even though the company doesn't own the asset? The guidance and governance has to be adhered too and employees that use their own devices will need to sign and comply with the company's data protection policies. Availability Management, Access Management and IT Security Management processes will need to be specifically defined and enforced.
There is the issue of compatibility, which from an IT support perspective, is where the costs can be a lot higher. If you have a number of different devices all trying to access the same services, and they are employee-owned devices, and who knows what else is being run on them, you have issues around compatibility. Also will your business applications be compatible and run effectively with these non standard devices? There will need to be a lot of 'testing' before the devices are introduced into the live environment. The Release and Deployment process will play its part in ensuring that these are 'safe' to be introduced into the live environment.
So will the trend of BYOD to work continue? Personally, I wouldn't encourage it in my organisation, however, if the correct processes and procedures are in place with all staff understanding the consequences if issues do arise, then good luck !
If your have any experience or opinion on the above article we at ITILnews.com would like to hear from you... so leave a comment...