According to four Booz & Co. authors, in an article ("Friendly Takeover: The Consumerization of Corporate IT") in the Booz publication Information Technology Foresight, "The dikes built by corporate IT departments to protect their companies from the outside world...and to restrict employees from the distractions of the Internet are springing ever-larger leaks." Employees, especially younger, Web savvy ones, are demanding the right to use new devices to do their jobs. Refusing to do so, the authors say, "is not a winning strategy," since it can lead to a loss of employee morale, loyalty and innovation.
The authors go even further, "The efforts of corporate IT departments to maintain perimeter security by exerting tight control over their networks is ultimately doomed to failure. Instead, CIOs must get ahead of the consumerization curve by coming to terms with what is valuable and productive about the influence of consumer IT on corporations and then devising strategies to make it work."
But IT needs a plan before embarking on a new approach to corporate IT. The authors see two approaches to the integration of consumer IT:
- "Bring in" strategy - involves opening corporate IT to private use. Employees are given a wide degree of individual choice about the devices they can use and corporate policies regarding use of the Web and corporate applications are loosened. Employees can configure their own working environment and install private applications on their devices.
- "Reach out" strategy - involves allowing employees to use their personal devices to do their work. Virtual machines or virtual clients are installed on employee-owned PCs to provide the corporate computing environment that is needed. Control is maintained by installing low-level hypervisors on all hardware. (The authors note that vendors are starting to address this with solutions based on virtualization technology, such as MokaFivePlayer.)
Of course, there are risks involved in making a shift to a more open consumer model, most notably security, productivity, legal and compliance issues, and potentially higher costs and complexity. Employees too must be made aware of the risks they could face, such as legal liability for violation of licenses or copyrights.
The authors provide a helpful tool to help IT assess their company's readiness to start down the road of consumer IT and a model to help choose the right approach for your organization. They also recommend testing any approach out with a pilot program.
Citrix Australia did just that to test the value of employee-owned computers. The pilot involved 300 employees, each was given a stipend of $2,100 to buy a computer and pay for a mandatory 3-year service agreement (half choose PCs, half picked Macs). A virtual private network provided access to the corporate environment. The results were strong: costs to maintain computers were minimal, attrition rate of computers declined, and employees were more productive than their peers.
Whatever course your organization takes it is worth remembering that over time, more and more computer savvy employees will join your organization and they will expect an open environment that gives them choice and allows them to integrate their work and personal lives in more ways. According to Gartner, by the middle of 2010, 15 percent of workers will use employee-owned notebooks as their primary device at work.
As the Booz authors note, "Companies that don't make the move face a future in which employees will do it stealthily, using their own consumer devices to get their work done, with no input from management at all." Now that's not a pretty picture at all.