Every six months, an employee at electrical contractor Rosendin Electric will walk into CIO Sam Lamonica's office in San Jose with a question: "How come I can't use my own phone for work?"
Rosendin Electric has thousands of employees, hundreds of smartphones, more than 400 iPads and a few Microsoft Surface tablets — none are Bring Your Own Devices.
"We would probably never have a BYOD environment here," Lamonica says.
Lamonica isn't alone, either. There's a growing BYOD backlash among CIOs that threatens to derail the once-high-flying computing trend. For instance, CompTIA's spring survey of 400 IT and business executives found that 51 percent of respondents at large companies are not doing BYOD at all.
BYOD is a natural extension to consumer tech invading businesses: a convenience for employees tired of carrying around different devices for work and personal uses, but a headache for security-minded CIOs forced to follow the whims of a workforce with greater influence over technology purchases.
Ironically, it's exactly the kind of poor choices employees might make — along with the underlying security risks involved in those decisions — that has Lamonica blocking BYOD. In other words, he can't trust his employees to be smart about technology devices, apps and cloud services.
"We have a user base that might not, in a lot of cases, make the right choices," Lamonica says.
Marble Security Labs analyzed 1.2 million iOS and Android apps and found that business information is inadequately protected by consumer apps on BYODs.
Attackers have found ways to publish malicious apps or to attack mobile users over SMS or through compromised Wi-Fi hotspots on both platforms, Marble Security says. Moreover, iOS threats such as hostile configuration profiles, unencrypted email attachments and backup hijacking present new opportunities for hackers.]
With company-owned devices instead of employee-owned devices, Lamonica says he can better manage and secure them. He wraps mobile device management software from MobileIron around tablets and smartphones and remotely wipes lost or stolen devices without having to worry about an employee's expectations of privacy, because, well, there isn't any.
Rosendin Electric also gets volume discounts from wireless carriers, while avoiding the BYOD baggage of expense-reimbursement hidden costs, taxable paycheck stipends, or credits on wireless bills.
Personal Touch Without Buying Into BYOD
Despite his tough stance on BYOD, Lamonica does allow employees to use certain lifestyle apps and store personal photos on company-owned tablets (although the company reserves the right to wipe them). With MobileIron, Lamonica can separate and contain business apps and data from personal apps and data. The company also helps employees set up an iTunes account, including buying them a $50 iTunes card.
By being able to personalize company-owned iPads, employees out in the field tend to treat them as prized possessions. The breakage rate for iPads at construction sites is surprisingly low, Lamonica says.
Sign up for MIS Asia eNewsletters.