What businesses must consider before embracing BYOPC

In 2013, a study reported that more than 50% of the Fortune 500 companies would soon allow their employees to use their personal computers for work-related tasks. Since then, we have definitely seen more on this front, especially because a mobile workforce prefers to work on mobile devices. But is it only about their preferences or the convenience BYOPC offers? Are there no business implications? Well, there certainly are – else BYOPC, as a trend, would have died down too, just like so many others. 

According to Duncan Stewart, Director of Research for Technology, Media and Telecommunications at Deloitte Canada, “Because employees are truly bringing their own computer, nothing gets expensed to the company.” So an increasing number of companies are embracing BYOPC, with some going a step further and giving employees allowances to buy work computers.

However, businesses must understand that although they aren’t paying for those computers upfront, there definitely are certain cost implications; and as it turns out, a few privacy and security issues, too, that need to be addressed. As Paul Lee, UK Partner and Global Head of Research for the Technology, Media, and Telecommunications (TMT) industry at Deloitte, cautions, “Although BYOC allows the IT environment to become more flexible, it also increases complexity.” That’s precisely why, businesses must have BYOPC policies in place.

Many organizations already have experience with BYOD policies for smartphones wherein employees access corporate emails through their mobile phones and the company pays for the monthly data and voice plans. When it comes to BYOPC, however, the situation is slightly more complicated. BYOPC lets employees connect their computers to the office network and perform a wide array of tasks. It also allows them to access HR functions, time logs, payroll and the enterprise social network through their personal systems. So it goes without saying that risk factors associated with BYOPC are graver. 

But as most companies rightly believe, given the benefits BYOPC promises, it’s worth the time and effort required to address these problems.

For businesses that employ huge numbers of contract workers, a BYOPC policy can be very beneficial. It makes more sense to let these workers use their own computers instead of giving them laptops for a month or two. Moreover, BYOPC can help companies that are expanding or acquiring other businesses avoid the cost of buying new computers when onboarding an expanding workforce. The BYOPC approach also appeals a lot to technology workers who prefer working with specific kinds of software, hardware and/or operating systems.

However, there’s good reason for businesses to consider all (cost, security and privacy) aspects while framing BYOPC policies. Companies may have to make web versions of some of their enterprise software available, which would have a considerable impact on engineering costs. They might also have to incur costs to enable users to access enterprise functionalities using VPN (communications between the employee’s device and the business systems will also have to be protected). Business must also have network security policies in place  so access can be automated and security protocols enforced.

Dealing with privacy-related issues, on the other hand, can be a little more challenging. Even if employees comply with security policies willingly, they would never want employers to have full access to their personal devices or data. And this can pose a risk if the PC is stolen/lost. So although businesses have the right to protect corporate data, privacy laws may prevent them from, say, wiping the drives on an employee-owned PC. It is, therefore, imperative for businesses to set and enforce policies that clearly define the responsibilities and liabilities of those opting for BYOPC (maintenance, updates, virus protection, etc.)

Having an Acceptable Use Policy, one that specifies the responsibility of the device owner to protect corporate information, can truly make a difference in this regard. Such a policy entails that employees protect personal computers that store business-sensitive data from theft/loss. It also allows IT teams to mitigate risks arising out of employees installing unauthorized apps on PCs that store critical business information.

Moreover, since employee preferences vary, they may bring in PCs of various makes running on different operating systems. Businesses must identify and allow only such makes and operating systems that can be easily configured and offer better management capabilities. However, the only way businesses can enable their employees without raising security concerns in such scenarios is by choosing a UEM solution that’s capable of supporting a wide range of devices as well as operating systems. For example, while most UEM solutions can support Windows devices, a few platforms have the ability to manage Chromebooks.

UEM solutions can help businesses secure and manage all business apps installed on employee-owned devices. They are designed to allow employees to easily access business mails, contacts, apps, intranet, calendar, content repositories – all within encrypted work containers on their devices. UEM solutions can also wipe corporate data stored on personal devices remotely, without touching employees’ personal data and send contextual  alerts to users as and when required. 

However, businesses must choose a robust, scalable solution that can do all of this without adversely affecting employee productivity. 42Gears UEM, with features like data loss prevention (DLP)/enterprise data protection (EDP), mobile application management (MAM), support for multiple platforms (macOS, Windows, Linux and Android) and more, can ensure information safety while enterprises allow their employees the flexibility to bring and work on their own computers.