A growing backlash threatens to thwart the BYOD movement. To illustrate the trend, the CIO of a large electrical contractor explains why his company will 'never have a BYOD environment.' Every six months, an employee at electrical contractor Rosendin Electric walks into CIO Sam Lamonica’s office in San Jose with a question: “How come I can’t use my own phone for work?” Rosendin Electric has thousands of employees, hundreds of smartphones, more than 400 iPads and a few Microsoft Surface tablets — none are Bring Your Own Devices. “We would probably never have a BYOD environment here,” Lamonica says. Lamonica isn’t alone, either. There’s a growing BYOD backlash among CIOs that threatens to derail the once-high-flying computing trend. For instance, CompTIA’s spring survey of 400 IT and business executives found that 51 percent of respondents at large companies are not doing BYOD at all. [Related: What Is Going Wrong with BYOD?] BYOD is a natural extension to consumer tech invading businesses: a convenience for employees tired of carrying around different devices for work and personal uses, but a headache for security-minded CIOs forced to follow the whims of a workforce with greater influence over technology purchases. Ironically, it’s exactly the kind of poor choices employees might make — along with the underlying security risks involved in those decisions — that has Lamonica blocking BYOD. In other words, he can’t trust his employees to be smart about technology devices, apps and cloud services. “We have a user base that might not, in a lot of cases, make the right choices,” Lamonica says. Marble Security Labs analyzed 1.2 million iOS and Android apps and found that business information is inadequately protected by consumer apps on BYODs. Attackers have found ways to publish malicious apps or to attack mobile users over SMS or through compromised Wi-Fi hotspots on both platforms, Marble Security says. Moreover, iOS threats such as hostile configuration profiles, unencrypted email attachments and backup hijacking present new opportunities for hackers. [Related: 12 Big BYOD Predictions for 2014] With company-owned devices instead of employee-owned devices, Lamonica says he can better manage and secure them. He wraps mobile device management software from MobileIron around tablets and smartphones and remotely wipes lost or stolen devices without having to worry about an employee’s expectation of privacy, because, well, there isn’t any. Rosendin Electric also gets volume discounts from wireless carriers, while avoiding the BYOD baggage of expense-reimbursement hidden costs, taxable paycheck stipends, or credits on wireless bills. Personal Touch Without Buying Into BYOD Despite his tough stance on BYOD, Lamonica does allow employees to use certain lifestyle apps and store personal photos on company-owned tablets (although the company reserves the right to wipe them). With MobileIron, Lamonica can separate and contain business apps and data from personal apps and data. The company also helps employees set up an iTunes account, including buying them a $50 iTunes card. By being able to personalize company-owned iPads, employees out in the field tend to treat them as prized possessions. The breakage rate for iPads at construction sites is surprisingly low, Lamonica says. [Related: How BYOD Puts Everyone at Legal Risk] However, company-owned devices that allow personal apps open the door to security risks, such as sensitive company data ending up in a personal Dropbox account and not the corporate-standard Box account. MobileIron’s capability to encrypt data before it gets into a Dropbox account helps blunt the risk. Rosendin Electric also helped build Dropbox’s data center and thus leverages its relationship to minimize exposure. Employees Can Choose, but CIO Controls “Do we have some shadow IT Dropbox accounts out there? Yeah, we do,” Lamonica says, adding, “We cozy up to Dropbox and ask them, ‘How many accounts of ours do you have out there?'” Lamonica can ask these kinds of questions. After all, Rosendin Electric has a right to know what’s running on its devices. By keeping BYOD at bay, Lamonica enjoys these and other advantages. It’s something even early BYOD adopters are beginning to miss. “Many of my colleagues and fellow CIOs started out with a BYOD policy and are now converting back to CYOD, or ‘Choose Your Own Device,'” Lamonica says. “That’s where you pick it out, and we buy it.” And, more importantly, the company controls it. Tom Kaneshige covers Apple, BYOD and Consumerization of IT for CIO.com. Follow Tom on Twitter @kaneshige. Follow everything from CIO.com on Twitter @CIOonline, Facebook, Google + and LinkedIn. Email Tom at tkaneshige@cio.com Related content feature 5G ready or 5G really? Industry CIOs face hard truths about private 5G Some enterprises are building private 5G networks for their industrial environments, only to find they have to initially settle for 4G service. So what is private 5G ready for, and what can it really do? By Peter Sayer Jun 06, 2023 8 mins CIO Network Appliances Network Switches opinion 5 tips for startup partnership success Corporate venture investments provide IT leaders with new engines for IT innovation, broader networks for emerging opportunities, fuel for in-house transformation, and improved career prospects — if done right. By Isaac Sacolick Jun 06, 2023 8 mins Startups Digital Transformation IT Strategy feature 14 organizations that support LGBTQ+ tech workers Offering networking, mentorship, and career development opportunities, these 14 professional orgs foster community for LGBTQ+ workers in an industry that isn’t always welcoming. By Sarah K. White Jun 06, 2023 9 mins Diversity and Inclusion brandpost ChatGPT and Your Organisation: How to Monitor Usage and Be More Aware of Security Risks By Hayley Salyer Jun 05, 2023 7 mins Chatbots Artificial Intelligence Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe