Many companies are moving to a BYOD system. And the move is understandable given anticipated employee efficiency and productivity increases as well as cost savings for employers. On the other hand, companies also need to be aware of the problems that can arise when moving to a BYOD environment, including employee push back and increased security concerns.

BYOD Can Garner Cost Savings - A BYOD Case Study

In 2012, the U.S. Equal Employment Opportunity Commission (EEOC) undertook a BYOD pilot, during which the EEOC was able to significantly reduce the information technology budget for BlackBerry mobile devices. The EEOC explained,
Last year [2011], the EEOC was paying $800,000 for its Government issued BlackBerry devices. Subsequently, the EEOC’s FY2012 IT budget was cut from $17.6 million to $15 million, nearly a 15% reduction. The EEOC’s Chief Information Officer, Kimberly Hancher, significantly reduced contractor services, eliminated some software maintenance, and slashed the agency’s budget for mobile devices -- leaving only $400,000 allocated for Fiscal Year 2012. . . . [As a result of several cost saving measures discussed below,] FY 2012 costs were reduced by roughly $240,000[.]
Importantly, before implementing changes, the EEOC evaluated use of existing devices. Specifically, the EEOC found that,
75% of our users never made phone calls from their BlackBerrys … Email is the killer app. They either used the phone on their desk or they used their personal cell phone to make calls because it’s just easier. We also found there were a number of zero-use devices. People have them parked in their desk drawer, and the only time they use it is when they travel.
After evaluating the existing environment, the EEOC was able to form a plan to implement several cost saving measures, including pressing their "wireless carrier, a GSA Networx contract provider, to help cut costs or risk losing the EEOC’s BlackBerry business." The EEOC also eliminated zero-use devices and moved the remaining BlackBerry devices to a bundled rate plan with shared minutes.

But, moving to a BYOD environment can also be problematic. While employees desire to use their own devices, they may also push back on a company's efforts to monitor and track the devices. Moreover, as IBM learned in its implementation, employees must be trained on best practices to protect their devices and avoid security pitfalls.

IBM Experiments with BYOD

IBM is a sophisticated technology company whose storied history of innovation dates back to 1880. IBM holds more patents than any other U.S. based IT company and has lead the list of top patent recipients for 19 consecutive years. Yet, when IBM adopted a BYOD policy in 2010, similar to other companies, it too encountered technology challenges

In an interview with the MIT Technology Review in 2012, Jeanette Horan, IBM's Chief Technology Officer, reported that her IT department was bogged down with security issues brought about by employees using certain apps (e.g., Dropbox), forwarding internal e-mail to public e-mail services, and creating open Wi-Fi hotspots with their mobile devices.

According to the MIT Technology Review, Horan's team "surveyed several hundred employees using mobile devices, [and found that] many were 'blissfully unaware' of what popular apps could be security risks." In general, her team "found a tremendous lack of awareness as to what constitutes a risk."

Given the lack of awareness among IBM employees of security risks associated with mobile apps and time spent addressing these concerns, "[t]he trend toward employee-owned devices isn’t saving IBM any money . . . Instead, [Horan] says, it has created new challenges for her department of 5,000 people, because employees’ devices are full of software that IBM doesn’t control."

BYOD Is Not For Everyone

It is important for companies to recognize that a bring your own device approach is not appropriate for every company. True, IBM, the EEOC, and many other organizations have managed to make BYOD work for them. But, that does not mean that this approach is the best approach for every organization. As is clear from IBM's experience, companies may not see an immediate cost savings from moving to a BYOD environment. On the other hand, companies could realize immediate cost savings by eliminating zero-use devices as did the EEOC.


Resources and Supporting Materials
  • White House Digital Government - Bring Your Own Device - A Toolkit to Support Federal Agencies Implementing Bring Your Own Device (BYOD) Programs (August 23, 2012)
    • Includes three BYOD Case Studies:
      • Alcohol and Tobacco Tax and Trade Bureau (TTB) Virtual Desktop Implementation
      • U.S. Equal Employment Opportunity Commission (EEOC) BYOD Pilot
      • State of Delaware BYOD Program
    • Includes Sample Policies
      • Sample #1: Policy and Guidelines for Government-Provided Mobile Device Usage
      • Sample #2: Bring Your Own Device – Policy and Rules of Behavior
      • Sample #3: Mobile Information Technology Device Policy
      • Sample #4: Wireless Communication Reimbursement Program
      • Sample #5: Portable Wireless Network Access Device Policy
      • **Disclaimer - inclusion does not constitute endorsement or approval.
  • Brian Bergstein, IBM Faces the Perils of "Bring Your Own Device": After letting its employees use their own phones and tablets for work, the company confronted a flood of insecure apps from the open Web, MIT Technology Review (May 21, 2012).