By Jeff Castillo, Country Manager Fortinet Philippines
One of the defining traits of globalization is that it drives ubiquity; not just ubiquity of products, but ubiquity of habits and attitudes, and nowhere is this more obvious than with consumer electronics, applications and use.
Technology manufacturers view the world as a single global market split into individual sales territories, while consumers are increasinglyusing the same social applications, regardless of which society or country they originate from. The iPad user in Japan will be using their device in the same way as their contemporaries in the UK, Argentina, Sweden… So it is hardly surprising that users’ habits, attitudes and expectations are falling into line across the world, regardless of international boundaries, local culture, or regional legislation.
Yet it would appear that the world of enterprise lags some way behind the user and is all-too-often inadequately prepared for BYOD. And with a whole raft of new connected devices emerging, this situation is set to only become more serious.
A recent Fortinet survey of Generation Y users has revealed the extent to which international attitudes to own-device use in the workplace is levelling out between users, while corporate approaches to management and security are out-of-step. Conducted across 20 countries, the survey of 3,200 employees aged 21-32 showed that over the last year there has been a strong upward trend in the overall number who view BYOD as something that empowers them in the workplace, from 26% in 2012 to 45% in 2013.
Clearly, BYOD has become common practice around the world, with adoption assisted either through a complete lack of policy from employers (51%), or, to a lesser extent, company policy that authorises and adequately manages own-device use (32%). The latter is of course the most desirable. If BYOD is a growing reality of modern life, it makes sense to manage it well.
Globally, just 19% of companies have policies in place that prevent own-device use in the workplace. Apart from being commercially disadvantageous in many cases, this negative response is also undermined by a strong tendency for users to contravene company policy. Over half (51%) of users surveyed admitted they would contravene policy banning the use of personal devices at work or for work purposes.
This last statistic is worrying, and highlights the degree to which user attitudes and corporate attitudes are misaligned. The ideal scenario would be one where BYOD is accommodated and well managed and where users do not feel a need to act in a way that is contrary to the company’s wishes or security. Only then would the attitudes and expectations of users and business be in harmony, and for the benefit of both.
On closer analysis, the survey also reveals the degree to which disparity of attitudes differs around the world, with some countries, and indeed industry sectors having a more mature approach to BYOD than others.
India leads the way with 76% of users stating their employers had BYOD policies in place. However, India also has a higher-than-average number (34%) for which the policy prohibits own-device use. But while not perfect, at least the Indian market has recognised the scale and potential impact of BYOD and has been conscientious in its approach. This contrasts dramatically with South Korea where 61% of organisation do not have a BYOD policy and where just 10% prohibit BYOD use. The country’s own government has in the past highlighted the problem it has with cybercrime, but with such a lax approach to BYOD use, it is hardly surprising the problem exists.
Perhaps unsurprisingly, banking and finance, IT and telecoms and manufacturing are the sectors that lead the way with regards to having a mature and conscientious approach to BYOD. These are the only sectors where having a policy allowing the use of personal devices is more commonplace than having no policy at all or having a strict prevention policy. But considering the extremely sensitive nature of the data these industries deal in, it is to be expected that they would have a more mature approach to BYOD. By contrast, agriculture/fisheries/forestry and media/publishing/broadcasting have the most lax approach, with no policy in place being common.
The emerging challenge facing the world of enterprise is not just one of bringing their approach to BYOD up to speed so it more closely matches the attitudes of users, but of thinking about the future evolution of BYOD and new connected devices and user habits. With 50% of users surveyed agreeing that new devices such as Google Glass, smart-watches and even connected cars will find a place in the work environment, the threats to the corporate network will only become more complex. The BYOD headache will not go away soon.
The Fortinet Survey is a stark reminder to organizations that own-device use is a tsunami that cannot be stopped, and subsequent potentially devastating waves created by new devices will follow. Increasingly BYOD needs to be approached from a network perspective if the organisation is to effectively and safely integrate it into the daily work processes. This can be achieved by implementing policies, authentication and control at the user level. By accepting the inevitability of BYOD and recognising its evolving nature, and by putting policies in place to manage it, BYOD can be a far less problematic factor of the modern working environment.