As many IT departments struggle to keep up with yearly technology changes, company employees increasingly want to use their own devices to access corporate data.
It's part of a growing trend dubbed Bring Your Own Device (BYOD), which encompasses similar Bring Your Own Technology (BYOT), Bring Your Own Phone (BYOP) and Bring Your Own PC (BYOPC) initiatives. All of them have evolved to empower workforces through the so-called 'consumerisation of IT'.
As part of this consumerisation, BYOD encourages company employees to work on the device they choose - accessing corporate email on their iPhone 5 or using a Google Nexus 7 to view text documents. The goal for SMBs? Increased productivity and reduced costs.
But BYOD also has a darker side. If not fully understood and regulated, it can threaten IT security and put a company's sensitive business systems at risk.
There are some key advantages to operating a BYOD strategy, including increased employee satisfaction (they can work more flexibly), cost savings (reduced hardware spend, software licensing and device maintenance) plus productivity gains (employees are happier, more comfortable and often work faster with their own technology).
As Mark Coates, EMEA VP at Good Technology, points out: "By enabling employees to securely and easily access corporate data on their own device, productivity levels will naturally increase. In terms of cost savings, there are huge benefits, since SMBs will not have to manage and fund a second device for employees."
Shaun Smith, technology practice director at Xceed Group, agrees. "At Xceed Group, allowing the use of consumer devices has helped improve both productivity and staff motivation," he says. But he also strikes a note of caution. "For a company to decide if a BYOD strategy would work for them they need to ensure due diligence is conducted - simply evaluating the benefits versus risks."
There are already several key players providing BYOD solutions, ranging from complete sandboxed access through to more lightweight (but user-friendly) solutions, which are policy-driven. The key issue is to guard against data loss or leakage.
Smith has some practical advice for anyone trying to develop a BYOD policy: "Where any device accesses or stores corporate data, a full risk assessment should be carried out against a variety of threats, and appropriate mitigations put in place. This could include anti-malware, encryption, passcodes, remote wipe, preventing jailbreaking, and sandboxing.
"Invest in a solution such as Good for Enterprise that offers BES (Blackberry Enterprise System)-like functionality to Apple and Android devices, partition all corporate applications and data on devices to restrict the ability to 'cut and copy', enforce eight digit alpha-numeric passwords with a special character and install VMware or Citrix virtual clients on tablets."
An effective BYOD solution will enable you to secure the data, not just the device. With this approach, IT departments need not worry about compromising security in the name of usability.
"All in all, [BYOD] is about being innovative and helping your employees to work better," says Coates. "Employees want to use the devices that they are comfortable with in the workplace. They want to have the same experience at work that they have at home. People are used to using applications now, rather than browser-based solutions. By giving employees what they want, companies will ultimately benefit."