In the last 10 years or more BYOD (bring your own device) has become common in all but the most highly regulated of industries e.g. HIPAA compliant hospitals. While BYOD policies govern the use of an employee’s device requiring security measures are put in place to protect the company if the device is lost or stolen, these policies do not cover how the data on the device is used, managed or shared.
What is most worrying are the issues surrounding high risk exposure to malware and viruses, data security implications, and the potential for employee misuse. Forty percent of IT departments believe that company data is leaking because of file sharing apps like Dropbox, Evernote, Skype and Google Drive being used without company knowledge. A worrying 46% of IT departments are not confident in their own mobile security systems effectiveness to protect company data.
What is BYOA and why are employees doing it?
Bring Your Own App (BYOA) is an emerging trend, BYOA means that employees using their own mobile or laptop devices use third party applications to carry out their work. These applications can be from an app store such as the Android Marketplace, Google Play Store or iTunes or could be a cloud-based service. These third party apps are not chosen by the organization for completion of the work but rather identified and download by the employee.
As building apps has become easier and information such as Android and Google SDK is freely available, for some organizations BYOA can also mean employees who building their own apps.
Why are employees adopting rogue apps?
The rise of the ‘app culture’ brought about by the popularity and prevalence of Apple and Android devices has seen an increasing number of employees using their own apps for work purposes and want to bring new innovative ideas and technology trends into the organization.
Some employees (41%) do not believe that the tools their company provides actually meets their needs and 75% of IT teams within an organization acknowledge that they are delivering outdated enterprise tools.
How can internal communicators enable the organization to overcome the issue of rogue apps?
Facilitate a cross-functional approach
As connectors, communicators and facilitators, internal communicators are best placed in the organization to open dialogue between employees and departments to ascertain the specific needs from an employee ease of use perspective and communicate the organization’s need for data security and governance. Through greater understanding of employees usage and technology preferences, it is possible to examine how to manage them in order to protect company data.
Once this understanding of employee needs and the organization’s security needs are in place, it is possible to set out an organization-wide governance program that is fit for purpose. Clearly outline to employees what information is approved and not approved to be stored outside of the organization’s internal systems.
Many consumer facing apps such as Evernote offer an admin console for enterprise users. By formalizing relationships with app providers it is possible for sign in procedures and security protocols and integrations to be put in place.
Creating a directory of approved apps
Some organizations have already created a directory of approved apps, making the directory freely available to all employees using the company intranet. The objective here is to make it easy for employees to find applications and reduce the likelihood of employees using unapproved apps.
Gartner estimates that by 2017, 25% of organizations will have their own enterprise app store. Organizations that want to retain more control of mobile device adoption choose to implement enterprise apps, enterprise apps can boost work productivity by over 34%. The majority of employees (⅗) use apps for work related activities currently and on an even more niche level, a quarter of employees are using department specific enterprise apps.
Embrace BYOA – it is here to stay
Applications from the app stores to cloud-based apps are a great opportunity for the organization to keep up with emerging technology trends and keep their security and IT architecture from becoming outdated and stale. The recognition of what BYOA can do for the organization in terms of cost savings and productivity improvement should be clearly communicated throughout the organization. It is through internal communication campaigns, it is possible to ensure that the BYOA culture in the organization is something that is seen to be embraced rather than something to hide and can work to prevent employees from going rogue in the future.