5 Things You Need to Know about BYO Tech

Two megatrends collided in big IT shops during 2010, and will continue their irresistible force/immovable object dynamic moving into 2011 and beyond, analysts say.

One is the well-ordered, well-established practice of consolidating servers and PCs as much as possible and standardizing on specific manufacturers, form factors and component lists to minimize support, training and replacement costs.

The other is the consumerization of IT, which is having as great an impact on the business world as the PC, LAN or networking revolutions, by putting the interface to almost any IT resource in a business literally in the hands of end users, according to Ian Song, research analyst for IDC.

The demand by end users for access to corporate IT resources using iPads, iPhones and other devices they personally own is one IT has a long tradition of opposing. Opposition wasn’t difficult when the devices were a Blackberry here or a Macintosh there, Song says.

The buzzword for all this — other than consumerization — is Bring Your Own. The name began as Bring Your Own PC, was morphed into BYO Computer when it began to be applied to Mac users bringing in their laptops, and eventually to BYO Device (BYOD).

1. Who owns the hardware?

It depends on what kind of situation it is. The idea of BYOD was first applied to contractors who would work for a company for a set period of time, often working with critical software or sensitive data, and then go on to another assignment, potentially at a competing company, according to Chris Wolf, research vice president for Gartner’s IT Professionals service.

Because contractors often use their own equipment, rather than PCs supplied by the company, many companies were looking for ways to be sure that, when they left, no sensitive data was left on their computers intentionally or otherwise.

More recently, at Citrix, for example, some companies have been offering stipends to let employees buy what they want within certain guidelines. Others, like Intel, give employees guidelines on what will work, and let them buy their own.

Carfax was offering employees interest-free loans for PCs, then switched to a straight stipend.

Most often employee-owned devices are smartphones such as the iPhone or very new devices such as the iPad, which IT may not have had time to react to before employees begin using them.

Employee-owned gear typically involves gadgety things they want to use in their personal lives, but that are powerful enough for business use as well, Song says.

2. Why is it a big deal?

Productivity, cost and power.

The proliferation of highly connected, powerful devices such as tablets and smartphones changed the dynamic in most companies from one in which users make requests and IT denies them, according to Dave Buckholz, principal IT engineer responsible for evaluating new technology at Intel.

BYOD amounts to a recognition that not all end users work in the same way and that making each more productive is worth the effort — and sometimes the cost — of supporting a range of hardware platforms, Buckholz says in an interview with CIO.

According to a survey of 1,100 mobile workers worldwide by enterprise mobility vendor iPass, workers who use mobile devices for both work and personal issues put in 240 more hours per year than those who do not.

That kind of productivity, and the increasing refusal of users to take ‘no’ for an answer, are two reasons Gartner predicts that by 2014, 90 percent of organizations will support corporate applications on devices owned by workers.

Consumerization, virtualization, cloud computing and an increasingly fuzzy boundary between “work” and “personal” time is making it practical for employees to be connected with full access to all their work resources wherever they are, whatever the time of day, according to Mark Bowker, senior analyst for Enterprise Strategy Group.

That fuels the desire of employees to be out of the office and connect with a device that they find pleasant, rather than be chained to a desk or a heavy laptop or other piece of hardware blessed by corporate IT.

“It really changed the way users see IT into more of a partnership,” Buckholz says.

3. Why are BYOD and virtualization always linked?

Desktop virtualization is the technology that makes consumerization and BYOD practical in a corporate environment, Bowker says.

There are two main methods: the first is to let a smartphone or tablet act as a dumb terminal, using a browser to show applications that are running on a server in the data center, sending images of the data to a handheld screen via secure VPN.

The other is to install a hypervisor on the device itself that creates a virtual “work” PC inside another computer owned by the employee. Both the virtual and work PCs believe their operating system is the only one on the machine, and neither can communicate with the other, so sensitive data are protected.

4. What about security?

Security is actually one of the factors holding back adoption of virtual desktops as a whole and highly mobile BYOD plans in particular according to a November study from U.K.-based hosted-desktop provider Molten Technologies.

Server virtualization sales are driven by the desire to save money; desktop virtualization projects are approved on the basis of agility, flexibility and, increasingly, choice, according to the survey.

Security is still the only issue that shows up as one of the top three answers in every vertical industry and every size company in the survey. “People are still worried about it because they haven’t had the time to evaluate the real risks and solutions especially in things like iPads and iPhones,” Song says.

Properly configured, a mobile BYOD device may never house any secure data, but each one is a portal through the company’s security that could be expensive in the direct cost of stolen data and liability cost of having lost a customer’s, Song says.

Truly securing corporate data that will be shared across clouds or in personal devices requires more than just virtualization, though, Wolf says. It requires limits on the kind of information end users can download to insecure devices, what they can do with that data, and where it can go.

5. Do I really have to deal with this?

Almost certainly. If not this year, then next. You may already be in the middle of the trend without realizing it.

A July study by IDC, sponsored by Unisys, found that 95 percent of employees use at least one personally purchased device for work, more than 40 percent use IM or text messaging for work and that twice as many employees report using laptops and other mobile devices than managers thought.

According to IDC, 2011 will be one of “transformation” of IT as organizations try to cut technology costs and consumers demand “a unique and compelling experience with any new purchases.”

Many of those devices will access corporate resources — with or without IT’s permission — using some of the 300,000 mobile apps that have been produced during the past three years for smartphones and tablets.

IDC predicts there will be hundreds of thousands of others, connecting to everything from phones to TVs to corporate virtual-server farms via mobile apps that will show up as the market for them grows from $10.9 billion in 2010 to $76.9 billion in 2014.

They’ll also be connected via broadband wireless and cloud-computing platforms of many types, drastically changing the “IT infrastructure” as it’s been defined until now, according to Yankee Group analyst Zeus Kerravala.

iPhone-heavy corporate applications are already common in healthcare, where HIPAA privacy rules require tight security, and the need by clinicians for efficiency demands automation.

Kraft Foods gives employees a “substantial” stipend to buy equipment they’ll use for work as part of a BYOD program for mobile workers who don’t deal with confidential information.

Follow everything from CIO.com on Twitter @CIOonline.