back to article BYOD might be a hipster honeypot but it's rarely worth the extra hassle

I have a confession: I've fallen out of love with Bring Your Own Device. Over the years, I've worked with, and administered, a number of BYOD schemes. I've even written positive things about BYOD. After all, what was not to love? Users providing the mobile equipment and the company not needing to worry about maintaining the …

  1. Nick Ryan Silver badge

    Just four years ago, Gartner reckoned by 2017 half of employers would be leaning on staff to supply their own smartphones or tablets.

    ...and there's the crux of it. A gartner report paid for by pushers of software to "manage" third party devices in a corporate environment.

    <sarcasm>Not that any of us with any experience were in a position to predict that in general BYOD was a waste of time and money and only shifted the accounting focus from one area to another while savaging network and data security. Oh wait, we did. </sarcasm>

    For many organisations BYOD was/is acceptable for mobile devices - partly because they are more locked down and isolatable than a PC but also because many users do not want to carry two devices, and often two chargers, around with them. However on the PC front it was pretty much a non-starter from the off and while as is life, there will be a few examples of it working there will be a lot more where it won't or can't.

    1. big_D Silver badge

      My current employer doesn't do BYOD. Most project managers run around with 2 phones in their pockets.

      The standard phones are iPhone 5S, probably switching to a 6 shortly or a Samsung Galaxy S6 (I think this is switching to an S7) or a Huawei P8...

      No personal notebooks or PCs allowed on the network etc.

      It is too much of a headache and most people don't have the first clue about technology - most people I know have a 6 or 7 year old PC or a 5 or 6 year old iPad or Samsung Galaxy tablet at home. They don't care about keeping it up to date, security is an alien term...

      It might work in a high-tech company, but in "normal" companies, it just isn't worth thinking about.

    2. Blank Reg

      I don't know anyone with any relevant experience who thought BYOD was anything other than stupid. It was a dumb idea that was probably pushed by clueless bean counters trying to get millions of dollars of rapidly depreciating devices off their books.

      1. Ken Hagan Gold badge

        "I don't know anyone with any relevant experience who thought BYOD was anything other than stupid."

        Also, interestingly, nearly everyone *did* have relevant experience because, let's be honest, how many IT staff have not at some point been asked by "the boss" to hook their latest shiny to the company network.

        Apparently Gartner are the only people on the planet who didn't know this. Colour me surprised.

      2. Anonymous Coward
        Anonymous Coward

        and....

        ...clueless digital directors who talk bollocks but consistently get away with talking bollocks.

    3. Robert Moore
      Megaphone

      Just four years ago, Garner reckoned by 2017 half of employers would be leaning on staff to supply their own smartphones or tablets.

      Repeat after me:

      Gartner is ALWAYS wrong.

      Gartner is ALWAYS wrong.

      Gartner is ALWAYS wrong.

      GARTNER IS ALWAYS WRONG!!!!!.

      1. boatsman

        gartner is always wrong..... and a track record to proove it.....

        ---199x the mainframe will disappear in 5 yrs time : NOT

        --- 1999 : gartner says the datacenter is going to be windows only : NOT

        --- 2002 gartner says windows server will dominate the internet NOT

        --- 2003 private datacenters will disappear in the next 5 yrs NOT

        -- 201x the cloud will be 30% of spending in 5 years NOT ( it's at 1.5% at the moment )

        and so on, and so on......

      2. RatX

        I'd like to expand on this - you can pretty much substantiate any view you like with Gartner data. Yet corporate fatheads lap up the results of their "studies" as if they are guaranteed the truth, rather than sponsored shilling.

    4. Anonymous Coward
      Anonymous Coward

      " <sarcasm>Not that any of us with any experience were in a position to predict that in general BYOD was a waste of time and money and only shifted the accounting focus from one area to another while savaging network and data security. Oh wait, we did. </sarcasm> "

      Yup. I used to work for Logica, and I remember management touting the idea of BYOD several times. Fortunately, enough of the guys who had risen up the ranks in the support side of things could rattle off an estimate off the top of their heads as to how much it would cost client-facing teams in lost time, how many bids we'd be likely to stuff up in a given year due to technical failures etc etc.

  2. Anonymous Coward
    Meh

    And that's why ladies and gentlemen....

    ...us veterans of IT refuse to listen to bullshit bingo.

    Next year, why cloud is not better than on prem ...when you suddenly find the latest version of locked in Office no longer talks to the latest version of your payroll system; and your sales system has broken a key feature of your sales teams functionality, because "only a small number of people were using this feature, we discontinued it and replaced with super-duper confusing, over spec'd, Chrome only release (also to be ceased in 2 years time)"

    1. big_D Silver badge

      Re: And that's why ladies and gentlemen....

      Exactly, and you have 200 people sitting at the end of a 10mbps bit of string, but connected locally with gigabit Ethernet with a 70gbps central backbone and a 10gbps between buildings.

      Keeping as much of that traffic as possible on the 70gbps backbone keeps your workers a lot more efficient than makes them all share 10mbps.

  3. Khaptain Silver badge

    If you don't own it

    If you don't own it, you can't control it, if you can't control it, it will eventually control you....

  4. Anonymous Coward
    Anonymous Coward

    No hassle here.

    Company with over 1000 employees, and use MobileIron platform, and insist on Android (not iOS), and rollout has been painless and works really well. As our entire platform is Android (as most of the world is Android), we don't have any app compatibility headaches, and we can lock out really old Android devices that aren't patched to at least a reasonable level. No security issues, no app issues, no support issues, it just works, and saved us massive amounts of resources/money/frustration/training that we used to suffer. Users are happy, management are happy, IT are happy.

    1. Anonymous Coward
      Anonymous Coward

      Re: hassle here.

      use MobileIron platform...Users are happy, management are happy, IT are happy.

      Yeah, I been a lucky user, having that POS "Mobileiron" foisted on me. Not in a BYOD environment, but even so the blasted software regularly required user setup taking half an hour a time (and a complete start to finish repeat when half the time the setup didn't work), which across a large organisation is a vast waste of staff time, the regular updates are disruptive, and not infrequently bugger up user settings and then screw the network connectivity.

      Maybe your 1,000 employees are happy, but I can find you 8,000 who aren't. Of course, it doesn't help when IT departments compound this concept of making connectivity difficult for users, and adopt their own bean-counting mentality, and buy cheap, crap low end handsets (eg Sammy J3) that then struggle with the software, or they buy "on paper" competent phones that nobody in the real world would ever spend their own money on (a big shout out to Microsoft there).

      1. Randy Hudson

        S9E1: Foisted!

        1. ikec

          Shoulda been lampin'...

    2. Paul Crawford Silver badge

      Re: No hassle here.

      "As our entire platform is Android (as most of the world is Android), we don't have any app compatibility headaches, and we can lock out really old Android devices that aren't patched to at least a reasonable level"

      So its your kit then? Employees are free to buy whatever they want for themselves to use and keep it as long as they feel its worth using, and if its not compatible then you provide an alternative?

      So how is this BYOD?

      1. c1ue

        Re: No hassle here.

        The original poster is talking about adding a service which is used to manage BYOD. MobileIron sticks a couple of servers between users and the core network.

        Or in other words, an outsourced BYOD policy and security maintenance program.

        Agree on the original sentiment - it isn't really BYOD if you're forcing users out of "using whatever they want".

        The original poster also talked only about mobile - which is odd. Apparently an app only company somehow.

        Also agree that patch control, other security, IT support and so forth makes BYOD a nightmare.

    3. Amos1

      Re: No hassle here.

      Wow, I didn't know managers read El Reg.

      1. chivo243 Silver badge
        Facepalm

        Re: No hassle here.

        @Amos1

        "Wow, I didn't know managers read El Reg."

        They do what now? Even the comments?

    4. Anonymous Coward
      Anonymous Coward

      Re: No hassle here.

      Company with over 1000 employees, and use MobileIron platform, and insist on Android (not iOS), and rollout has been painless and works really well.

      This isn't a BYOD solution. It doesnt solve the issues discussed (laptops, desktops, macbooks etc).

      Did you read the article?

      1. PickledAardvark

        Re: No hassle here.

        "This isn't a BYOD solution. It doesnt solve the issues discussed (laptops, desktops, macbooks etc)."

        Universities have operated a policy of Connect Your Crap (CYC) for donkeys years. UK ISPs grew up around 1992/1993 when universities recognised that TCP/IP rather than Coloured Books was the future. If we ignore dial up connections, universities have operated CYC for 25 years using different filtering methods. It has been great for staff and students to control experiments or to check the state of a batch job or find out the day of the week.

        Universities don't intentionally allow any fool employee to plug into an ethernet socket but IT departments recognise their imperfections. There are idiot managed devices on university networks -- mostly on the public side away from anything that matters. University IT staff punch huge security holes to make it easy to work from home.

        Understanding that suspect devices will turn up inside a network is part of the defence. You can't assume to keep all out -- most, perhaps. The concept of Demilitarised Zones (DMZs) gets silly if the most valuable targets in your organisation walk around with laptops which they use with hotel wi-fi and then plug into your network.

        Mobile Device Management software may help -- unless it becomes a bigger target.

        Your choices are to act like a nuclear power station and to own 100% the relationship with computer devices. Or to understand that mobile devices are threats and opportunities, and there's naff all you can do about it other than to do a good job.

        1. Anonymous Coward
          Anonymous Coward

          Re: No hassle here.

          Ah University, where people learn what it is like to get your laptop screwed over by malware 30 seconds after being connected.

        2. Orv Silver badge

          Re: No hassle here.

          At the universities I've worked for, the distinction between the "public" and "private" side of the network is pretty blurry. Mostly corporate network admins would be absolutely horrified. By long custom the networks are nearly wide open, with only very minimal packet filtering. (When you have dozens of independently-managed departments all wanting to do their own thing, locking down the border with a strict firewall is not likely to go over well.) Generally they use pretty extensive network monitoring systems to detect misbehavior, and null-route infected PCs until they're fixed. Dorm networks get particularly careful attention here.

      2. Midnight

        Re: No hassle here.

        This isn't a BYOD solution. It doesnt solve the issues discussed (laptops, desktops, macbooks etc).

        Did you read the article?

        I thought you knew. The comments section switched to a Bring Your Own Article policy several months ago. It adds a little bit of administrative overhead and may have some minor impact on the coherency of comments, but we feel that it makes the users happier in the long run.

    5. Jonathan 27

      Yeah...

      There is no way I'd install MobileIron's crapware on my personal phone. If my employer told me that, I'd ask them when they'd be issuing me a company phone.

      1. Anonymous Coward
        Anonymous Coward

        Re: Yeah...

        We give employees an allowance to buy their own phone, in exchange for doing so, we install MobileIron. It's a 2 way deal, and the employees are generally very happy. They get free wifi at work, access to theri calendar, messaging, we push one app, that's all, and have a policy they they use a lockscreen. We can wipe the device if it's gets lost/stolen.

        MobileIron is not a fixed thing, we have taken a moderate approach to how it's used, and not used some of it's more draconian policies, and as such, don't really have any problems at all with it. Saying I had it once and it was crap, it like saying all cars are crap, as you had a Ford Fiesta when you were 17 and it rotted out after a couple of years.

        1. Anonymous Coward
          Anonymous Coward

          Re: Yeah...

          We have a policy that allows the whole device to be wiped when we leave the firm. That's why I use a burner for work.

    6. boatsman

      Re: No hassle here. .... over here it was..

      a nightmare to implement, and it takes an entire team to run and maintain and costs a ton.

      handing out a bunch of locked down company kit would've been a lot cheaper.

    7. CustardGannet
      Stop

      Re: No hassle here.

      No security issues, no app issues, no support issues... Users are happy, management are happy, IT are happy

      ...pigs are fuelled and ready for take-off.

  5. jake Silver badge

    Break Your Own Defenses

    At least it does what it advertises.

    1. Amos1

      Re: Break Your Own Defenses

      Bring Your Own Disaster. Of course, corporate-owned isn't much better:

      Scene 1: User reports they lost their phone with corporate data on it. You remotely wipe it.

      Scene 2: User finds it a week later right where they left it. User screams loud and long because they lost Baby's First Birthday Party pictures.

      Scene 3: No one reports a lost device in a timely manner ever again.

      1. Paul Crawford Silver badge

        Re: Break Your Own Defenses

        There is a simple fix for that, as its a corporate device you practice a monthly test of wipe-reinstall so only corporate synced data remains long-term. And you TELL the users this will happen and send a reminder a day or so before the appointed test cycle.

        As a useful side-effect, you know the remote wipe works, and the phone is unlikely to fall over due to it being stuffed with cat videos (insert your own entendre about "pussy or cougar?").

        1. Anonymous Coward
          Anonymous Coward

          Re: Break Your Own Defenses

          "There is a simple fix for that, as its a corporate device you practice a monthly test of wipe-reinstall so only corporate synced data remains long-term. "

          But it's not a corporate device. It's a private device. That's the whole point of BYOD.

          1. Paul Crawford Silver badge

            Re: Break Your Own Defenses

            "But it's not a corporate device. It's a private device. That's the whole point of BYOD."

            Apologies if not clear, but I was responding to the assertion from Amos1 that "Of course, corporate-owned isn't much better"

        2. imanidiot Silver badge
          Alert

          Re: Break Your Own Defenses

          ^What Paul Crawford said^. Corporate data should not be on a private phone. The reverse should also be true. If you haven't removed those pics from your corporate phone that's YOUR fault, not the companies.

  6. pavel.petrman

    Bring your own attack vector.

    I believe I've read this correct definition here on the register some time ago and have been using it as the correct term ever since - to much nodding of system and network admins everywhere.

  7. SVV

    Why stop there?

    Once you've got peole to accept that they must spend the money you pay them to buy a device to do their work on, the possibility to take this idea further opens up. First up you could try BYOS (Buy your own stationery), and progress towards BYODAC (Buy your own desk and chair). Hell, some of these beardie suckers you wrote about might even fall for RYOOS (Rent your own office space) if you can convince them that you're the hippest, newest thing in town.

    To summarise article : money you save getting the fools who work for you to buy the kit they need for work will be offset by money it costs to handle all the different brands, OS versions, customisations, etc. Who would have thought that providing standard kit for everyone with standard configurations might work out cheaper?

    1. Anonymous Coward
      Anonymous Coward

      Re: Why stop there?

      @RVV - "RYOOS (Rent your own office space)"

      El-Reg is a head of the curve here, I swear this is what the Aussie hacks do already!!

    2. DavCrav

      Re: Why stop there?

      We're just been told we have to BYOBL: bring your own bin liners. And then empty our own rubbish bins.

    3. jMcPhee

      Re: Why stop there?

      They called it 'telecommuting'. Looks like it's busting, too.

    4. Anonymous Coward
      Anonymous Coward

      Re: Why stop there?

      First up you could try BYOS (Buy your own stationery)

      This does formally happen, and I've seen it at several companies, but not with a formal declaration of BYOS. You just stop people ordering their own stationery from catalogues, and source it all for them, but make sure it's total crap. So paper pads made of paper discarded as too weak by tissue makers, shitty nasty cheap blot-making ball pens, sticky tape that disintegrates before you can get it off the reel, 1950's technology scissors that won't cut paper or string, staplers that can't put a staple through more than five sheets of paper.

      When you've got such cheap, poor quality stationery, nobody steals the sticky tape at Christmas, most people buy themselves decent pens for work, and buy their own Red & Black notebooks.

      1. Anonymous Coward
        Anonymous Coward

        Re: Why stop there?

        A/C, can I have my pen back you nicked off me...I know it's you.

      2. Joe Gurman

        Re: Why stop there?

        What are these "paper," "pens," and "staplers" of which you speak?

        I remember vaguely using such things in the 20th century, but not so much recently.

    5. Laura Kerr

      Re: Why stop there?

      People who really are on the bleeding edge will then go all the way with PYOW (Pay Your Own Wages). That one's gonna be big, I tell ya, huge!

      1. jelabarre59

        Re: Why stop there?

        People who really are on the bleeding edge will then go all the way with PYOW (Pay Your Own Wages). That one's gonna be big, I tell ya, huge!

        I think that's commonly known as a "summer internship".

  8. Anonymous Coward
    Anonymous Coward

    Works for me....

    Here, we are VDI and it works good. We use little thin client linux boxes in the office, and when wfh or traveling can use what we want. When wfh, I have a multi screen pc based set up which I use to actually get work done, and an ancient linux laptop which gets used on warmer, quieter afternoons from the garden. As it's VDI, they both perform pretty much identically. I'm poor / despise apple stuff, but the bearded east london dwellers can do work on their MacBooks in independent coffee shops. When this was introduced, and they took away our lappys, I was most skeptical. But it just works.

    1. BebopWeBop
      Joke

      Re: Works for me....

      I'm poor / despise apple stuff

      correlation or cause?

  9. K
    Coffee/keyboard

    Just four years ago, Gartner reckoned by 2017....

    And if you look back, El Reg was peddling article after article about this - Yet if you read all the comments from the same period, nearly every (clued up) el-reg reader called this bollocks!

    So next time El Reg, rather than referencing Gartner, who we know are charlatans... Listen to the real experts - Your dear readers who are at the coalface, rather than academics and PFY's who can bearly produce stubble!

    1. Anonymous Coward
      Anonymous Coward

      Re: academics and PFY's who can bearly produce stubble!

      I'd have thought bears were quite good at producing stubble ... assuming you ever managed to successfully shave one, that is.

      1. Anonymous Coward
        Anonymous Coward

        Re: academics and PFY's who can bearly produce stubble!

        I'd have thought bears were quite good at producing stubble ... assuming you ever managed to successfully shave one, that is.

        Once it had grown back a bit, the short hair bear would probably look ever so cute? I'll have to drop this in the suggestions box next time I go to a zoo. But you're right, there would be some challenges to shaving the bear. I suppose we could work the other way round - trim and dye a dog to produce something that looks like a short haired bear. The outcome's near enough the same, and the dog would like that attention far more than the bear.

        For those who've not done it, try a Google image search on "dog dyeing". My favourite is the panda-dog. And don't have a mouthful of coffee when that search comes back.

        1. Tim99 Silver badge

          Re: academics and PFY's who can bearly produce stubble!

          A popular Victorian circus/show attraction was the Pig-Faced Lady, reputedly an interbred aristocratic woman. They really were shaved bears. Warning - To avoid possible embarrassment: Do not try an image search for "shaved bear".

          1. Anonymous Coward
            Anonymous Coward

            Re: academics and PFY's who can bearly produce stubble!

            To avoid possible embarrassment: Do not try an image search for "shaved bear".

            From the safety of a home machine, I've tried this, all in the public interest. And Google deliver, lots of picture of shaved bears. Proper, shit-in-the-woods bears that have been given a very close trimming. And I can tell those who choose not to look, that a shaved shit-in-the-woods bear looks just like a small elephant with a lion's head, all dyed black. Heraldic illustrators will be delighted to know that not all of their work is made up. HOWEVER, you're right that there were some images that were of shaved bears of the sort that (probably) don't shit in the woods, and you probably wouldn't want popping up on your work computer.

            As an act of public service, here's a safe link to a reduced hair bear, although the article says that the hair went on holiday of its own accord, without involving any trimming:

            http://latimesblogs.latimes.com/unleashed/2009/11/bizarre-baldness-strikes-female-spectacled-bears-in-leipzig-zoo.html

        2. Ogi

          Re: academics and PFY's who can bearly produce stubble!

          "For those who've not done it, try a Google image search on "dog dyeing". My favourite is the panda-dog. And don't have a mouthful of coffee when that search comes back."

          Yeah I did this. Google "helpfully" thought I misspelled "dyeing" and automatically replaced it with "dying". Never saw a more heart wrenching set of images in one go.

          Moral of the story, use a search engine that actually does what you tell it to, rather than thinking it is smarter than you (because, it almost always isn't). Alas duck duck go is just as "helpful", so need to find a simple, no nonsense search engine, but those no longer seem to exist.

          Saying that, a search for "panda dog" and "tiger dog" did the trick, if you want to see examples of this new fad (I remember a time when they used to dye chicks, and keep them as pets. I think that was the 90s, so these fads seem to come in a cycle).

    2. Anonymous Coward
      Anonymous Coward

      Re: Just four years ago, Gartner reckoned by 2017....

      BYOD is soooooooo last year! All cool kids are doing DevOPS and Machine Learning nowadays!

      1. Jonathan 27

        Re: Just four years ago, Gartner reckoned by 2017....

        Those are really for two different industries. BYOD is an IT thing, there the other two are software development ideas.

        Did I mention my employer is successfully using DevOPS? Machine learning is very much a limited-use, high cost thing. The Amazons and Googles of the world are using that, but not really anyone else.

    3. PickledAardvark

      Re: Just four years ago, Gartner reckoned by 2017....

      A former boss took out a corporate subscription to Gartner. I quickly learned that there are six reports advocating any particular policy and another six telling you why it is bad. If you search hard enough, there's probably a report suggesting that you write a CRM platform in COBOL.

      1. Arthur the cat Silver badge

        Re: Just four years ago, Gartner reckoned by 2017....

        If you search hard enough, there's probably a report suggesting that you write a CRM platform in COBOL.

        Back in the 80s I met a guy who implemented a recursive descent compiler in COBOL-74, which didn't have recursion. He managed the stack as an array of records.

        As for why he did it, his management wanted a DSL for some task, so he knocked up a prototype in lex and yacc. His management then deemed that as they were a COBOL shop and nobody else understood anything Unixy, all code should be in COBOL.

        1. Version 1.0 Silver badge

          Re: Just four years ago, Gartner reckoned by 2017....

          LOL, I wrote an assembler in COBOL on a Perkins Elmer machine for a lark in college.

    4. handleoclast

      Re: Just four years ago, Gartner reckoned by 2017....

      I view Gartner in the same way that I regard the Booker Prize. Both are very useful, but only if you know the correct way to interpret them.

      It is my unfailing experience that if a book wins the Booker then it is absolute drivel. Literary masturbation with no point or purpose except to spunk the author's ego everywhere. In fact, if a book has been nominated for the Booker, it is guaranteed to be shite. It is very likely (but not quite certain) that any author who has ever had a book nominated for the Booker is incapable of writing anything worth reading. The Booker is an indication that not only will you demand a refund of your money after reading the book, you'll demand a refund for the hours of your life that you'll never get back (Salman Rushdie, I'm looking at you).

      As such, the Booker is very useful in helping one to avoid buying a book that is complete and utter shite.

      In the same way, Gartner allows one to spot fucking stupid ideas in IT and avoid them.

  10. Lysenko

    I can't understand why anyone ever thought it was a good idea...

    Bring Your Own Attack Surface was obviously a horrible idea for employers from the start, but why on Earth would employees be in favour of it? Creating a situation where Livestock Control can potentially root around in your personal files without a Court Order? Not just, "no" but "Hell No!".

    1. Just Enough
      Big Brother

      Re: I can't understand why anyone ever thought it was a good idea...

      This is equally my problem with BYOD as an employee. Unless you're going to have separate devices for work and personal use (and who is going to bother with that?) all you are doing is layering your work's business all over the top of your personal business in such a way that where one ends and the other starts is difficult to see.

      Employers, and particularly the self-employed, might be ok with that. It doesn't harm them if their employees are, in effect, never away from their work. But why would an employee agree to that? Especially if the arrangement means that your employer has access, and the right, to all your personal files?

      1. Orv Silver badge

        Re: I can't understand why anyone ever thought it was a good idea...

        If you're in the public sector in the US, you REALLY do not want to be mixing work and personal stuff on any device. Anything you create as part of your job is subject to a Freedom Of Information Act request. This gets really "interesting" when you have to disentangle work email from personal email. And it's doubly painful if the request is of a punitive nature. (e.g., FOIA requests are sometimes used as weapons in divorces, in academia.)

      2. nijam Silver badge

        Re: I can't understand why anyone ever thought it was a good idea...

        > Especially if the arrangement means that your employer has access...

        Yep, took one look at the remote management crapware that "Information Security" mandated for BYOD devices, responded "source code, or it's malware" and waited for an informed response from them. None forthcoming, obviously.

        On the iPhone, their security app demanded access to every HW and OS feature known, despite the company's claim that it didn't use that information. When challenged, their response was basically, "Well, yes, but we promise we'll never look at that information."

        So everyone went back to putting in requisitions for company-funded devices.

        What a surprise.

    2. Anonymous Coward
      Anonymous Coward

      Re: I can't understand why anyone ever thought it was a good idea...

      BYOD, to work would have needed OS designed from ground up for it - basically, two well separated sandboxes, one for work, one for personal data, clear boundaries between them and warning/blocks if and when data or application try to cross them. Trying to bolt on some application to safeguard business data is not the solution.

      From a user perspective I also wan to avoid my personal data to be mixed with my employer ones. I do not want my employer to be able to wipe my devices remotely, or meddle with them anyhow. I'm perfectly happy the day I change my job I just need to give back the devices, and no need for them to look at and clean my personal ones.

      Yes, I need to travel with two phones for work, but that also means that while I'm on vacations I can leave the work phone at home and nobody will trouble me (only a few trusted ones have my personal number for real emergencies), I even refused the option to allow for using the work phone for personal calls, for a nominal fee. My private communications happens only on my private devices.

      Also I need a company laptop to work on site - but they are the right price to pay to keep my personal life fully separated from my actual job, the past ones, and the next ones...

  11. fnusnu

    We call it CAOS

    Connect Any Old Shi... System

  12. UberMunchkin

    Never saw the Attraction

    I never saw the attraction of BYOD. If I give you access to my personal mobile device then you are going to have an expectation that you can contact me whenever you want. That's not going to happen, you want me to have a work mobile then you can give me one and I will turn it off when I'm not at work.

    Same goes for a laptop, if you want to buy one and give it to me to use then cool, if you want me to buy one and then let you control what I do with it. Not a chance.

    1. Pascal Monett Silver badge

      Re: Never saw the Attraction

      Don't forget that BYOD was a Silicon Valley invention, and in typical Sillycon Valley mentality they only thought of what it could theoretically bring in cost reduction, not what it could actually cause in terms of trouble. The fact that Gartner was totally incapable of properly analyzing the situation and didn't even ask any question about the legality issues alone is just typical of an organization that whores itself out to whoever is paying at that time.

      I always hated the notion that, as an employee, I was supposed to provide the hardware I was supposed to work with. I have not seen very many employees embrace the idea either. Where I have seen BYOD implemented was with manager-level types who were initially overjoyed that they could get the latest iThing and bully IT into supporting it. On the other hand, let's not get confused : management will always get their way in the end. BYOD was just a new excuse for it.

      1. Anonymous Coward
        Anonymous Coward

        "BYOD was a Silicon Valley invention"

        Also think about the new data slurping opportunity when the same device is used - your whole life in a single device - a lot of more data correlated easily to the same person! It's much harder to profile people if they stubbornly use separated devices.

        Plus, your employees are chained to you wherever they go. Another SillyCon Valley idea is you have to work long hours for free... what's better than installing the work software on their personal device? No excuses such "I left the laptop at the office", or "I can't access the file"....

        I'm not someone who is not ready to work long hours when there is an effective need - just, like CEOs, I like to be paid for my hard work...

    2. c1ue

      Re: Never saw the Attraction

      Actually, it isn't that hard to understand.

      On the one hand, you have the executive (like our POTUS) who has a device which works for him but isn't standard on the company/government.

      On the other hand, you have the people who must have the latest and greatest iThing.

      And on the gripping hand: people who don't like carrying around 2 cell phones, 2 laptops, etc: one personal, one company.

    3. Kernel

      Re: Never saw the Attraction

      " you want me to have a work mobile then you can give me one and I will turn it off when I'm not at work."

      Exactly this!

      I have a mobile and laptop for work (both provided by my employer) and a laptop and phone for personal use (provided by me, obviously) .

      The weeks that I am not on call the work phone gets turned off as I leave the building and stays that way until I start work the next morning. My employer doesn't know my personal mobile number in general terms - my line manager can go into the HR systems and pull my personal phone numbers, but that has never been done yet and they'd need to have a very good reason for doing so, eg., I'm a support engineer with a major vendor of carrier level telecommunications infrastructure, so a significant failure of a product I support, which was having a national level impact on the country's communications, would qualify - in other words, extremely rare and unlikely.

    4. Mattknz1

      Re: Never saw the Attraction

      The closest my work supplied phone has made it to my house is the glove box of my car, and the only time my personal phone number has ever been given to an employer was on a job application.

      Giving staff a 'free' work phone is nothing more than a cheap bribe to make you available out of hours.

      One of my colleagues has never unplugged his phone from the charger as soon as he found out our employer could ping his location. They may as well given him a desk phone.

  13. Anonymous Coward
    Anonymous Coward

    Just a stupid idea.

    If you can fool an employee to do this, what have you employed? Then again, what does it say about those who set the policy?

    1. Headley_Grange Silver badge

      Re: Just a stupid idea.

      It depends, doesn't it?

      In the case of phones, BYOD makes sense to a lot of employees. I don't want to have to carry two phones, two chargers, two cables, two cases, and potentially have to maintain 2 calendars, 2 ToDo lists, ....etc. with me when I'm out and about or away on business. You might have the luxury of a 9-to-5 job where you can turn off at hometime, but many of us can't or don't want to.

      In the case of PCs, I agree with the sentiment that allowing outside access to my personal files would be a red line for me, but if a client insisted - and the rate was good - I'm sure I could manage it with separate accounts, permissions and partitions. I already have separate work and personal accounts on my PC just to avoid the risk of embarrassment when plugging into screens at client sites.

      1. Anonymous Coward
        Anonymous Coward

        "two phones, two chargers, two cables"

        Someone told you USB cables and chargers work across devices? Even the idiotic Apple can use adapters...

    2. jMcPhee

      Re: Just a stupid idea.

      In 1994, Pointy Hair Boss said "Once you got used to working in cubicles, like gerbils, we knew anything was possible."

      Prophetic.

  14. Piro Silver badge

    BYOD is mostly a load of old bollocks

    .. and has always been.

    That said, nothing wrong with connecting to your work email on a device of your choice. But in terms of managing actual machines to get work done on... BYOD is just going to be a headache.

    1. Anonymous Coward
      Anonymous Coward

      Re: BYOD is mostly a load of old bollocks

      It does seem to be polarised extreme arguments (in an ideal world, a zero users + client devices would be the perfect scenario to most of the systems guys I've known over the years)

      There is indeed some middle ground and I think most people would be happy with BYOD checking in on emails, maybe replying that you're out of the office, also picking up corporate newsletters/announcements, rather than full line of business, transactional and sensitive information which most people are happy to log in to VPN or Direct Access on a corporately owned and managed device.

      ANON because I like my access to the network and have an aversion to overclocked cattle prods

      1. Anonymous Coward
        Anonymous Coward

        Re: BYOD is mostly a load of old bollocks

        but if they have access to emails, unless you can remove all emails and access upon them leaving, you a have all sorts of issues.

  15. Paul Woodhouse

    aye, I'd come to this conclusion about 3 years ago IIRC... and with GDPR on the horizon my mind certainly ain't gonna change...

  16. BebopWeBop
    Headmaster

    and – ahem – reducing or avoiding costs.

    Quite! I am just amazed - continuously, at the inability of accountants to establish cost of ownership and relate that to other desirables (such as response time on failure/toner runout).

    .

    We run a mixed 'shop'. Production and modelling lives on some rather large and beastly (in the best sense of the word) Linux multiprocessor arrays. We run our front end and office on Macs (yah boo hiss I hear a number of commentards mutter) and financially it works well (as does staff happiness). They are not perfect, but cost of ownership has been great - with reasonable security (we tend to some paranoia anyway and most of the array is air gapped). BYOD - you have got to be kidding - our employees (actually mainly partners) and our customers would hang us - for different reasons, but then a hanging is a hanging.

  17. Anonymous Coward
    Anonymous Coward

    Millennials

    Speaking as one of them millennials that seem to be so popular these days, BYOD was never, ever a selling point for us. Not foisting underspecced, trash-tier kit is. Yes, 4GB, 1366x768 thinkpads I'm looking at you.

    I would (and did) take the job that's going to be spending £3-4k outfitting me with the gear I need to do my job effectively over someone who's trying to force that cost onto me.

    The good bits of BYOD should be taken to form a choose-your-own-device approach. Give your staff the flexibility and budget to pick the kit they need rather than force them into a one-size-fits-all bucket.

    1. PickledAardvark

      Re: Millennials

      "I would (and did) take the job that's going to be spending £3-4k outfitting me with the gear I need to do my job effectively..."

      If you weren't doing the job already, what made you qualified to pick the necessary kit? Surely somebody who knows what the job entails should make the first choice? How are you going to feel if your choice is sub-optimal for your work software? Why presume that employers dump junk kit on new starters?

      "The good bits of BYOD should be taken to form a choose-your-own-device approach."

      I'll give you the benefit of the doubt. New starters should be allowed to to pick a configuration from a list of supported devices. If they want to argue about the list, they should tell me about it whilst working unpaid in my test cave as a skivvy, regression testing applications and evaluating shoddy driver packages -- the source of problems which I sort out for special employees and ordinary employees without discrimination.

      1. Anonymous Coward
        Anonymous Coward

        Re: Millennials

        "Why presume that employers dump junk kit on new starters?"

        Because this isn't my first rodeo. 'What does your on-boarding process look like?' is one of my 'Have you got any questions for us..?' interview standards for *exactly* this reason. You can tell a lot about the type of organisation you're potentially joinin by how they handle new joiners.

      2. Anonymous Coward
        Anonymous Coward

        Re: Millennials

        Why is he being unreasonable.

        If it's an approved list and the department "paying" for it is happy for that then what is the issue?

        1. Banksy

          Re: Millennials - CYOD

          Yes, definitely. Always thought CYOD was a better alternative. I think a lot of employees either want some sort of Mac or other people on Windows PC want something above the bottom of the range offerings that companies usually get on bulk purchasing / framework agreements.

  18. jason 7
    Facepalm

    Going back 4 years on the comments...

    I think opinion on BYOD was 50/50.

    Basically anyone with more than 10 years of hard IT support experience on one side saying "fuck that for a game of soldiers...clusterfuck ahoy!"

    And on the other side were the 'kids' wanting to be 'set free and do what the fuck they like'.

    Turned out well in the end then! Ahem...

    I think my comment at the time was how long till companies put electric meters taking 50p pieces on the desks for PYOP!

  19. Charlie Clark Silver badge

    Shift to commodity hardware

    BYOD has more or less arrived: people are bringing their own hardware into the work environment and using it for some stuff. Networks have largely been updated to provide internet capability whilst insulating infrastructure.

    However, the major shift is from PCs to managed consumer devices. As the article points out: if you don't own it, you can't control it. Devices that provide strict separation between business and private environments are needed so that the PC can die and be buried in peace and if someone breaks or loses their device they can be up and running with a new one as quickly as possible. Whether someone has a company device which has some space for them to do their own thing is, of course, important. But the trend is definitely taking some kind of universal device with you and popping it on some kind of dock and doing stuff.

    But the problem is the age old: device versus network?

  20. Anonymous Coward
    Anonymous Coward

    Shame....

    ...our airhead of a digital director can't understand this. All said person thinks about is "cloud" and "BYOD" because said person is a clueless idiot and thinks it will save money. Unfortunately the powers that be don't listen to us in "IT", they listen to that idiot instead. We're just seen as "blockers".

    IT managers/directors are beginning to annoy me more and more and more.

    1. handleoclast
      Coat

      Re: Shame....

      Your director already loves BYOD and Cloud, so tell him about the wonderful benefits of "Bring Your Own Cloud." He'll find the combination irresistable.

      Then laugh when his report about BYOC hits the upper management desks.

      Then cry when upper management buy into it and you have to provide it.

  21. HmmmYes

    A stupid idea by stupid fucking idiots.

    Im OK with read-only data being accessible via employees devices = calendars, new sites, over HTML.

    Writable data ... well, you instantly run into HTML interop hell.

    But the insane idea of having devlopers/content producers write stuff on their onw hard ...?!??!! Ok, so our software people leave, with all the companies source on their harddisk ... How do you get it back?

  22. Anonymous Coward
    Anonymous Coward

    When will....

    ...the hipsters learn?

    You hire someone in "finance" who turns out, without you knowing, to be an "IT whiz". They do it in their spare time but don't want it as a job. They have Truecrypt installed with a hidden encrypted partition. They have all sorts of nasties in there. Once you've confirmed them access to the network, they unecrypt the partition, disable their AV and throw all the junk onto the network.

  23. Daedalus
    Big Brother

    Wot abaht the workers?

    Of course the average drone doesn't get it. By "it" I mean anything. Still they ought to know that by connecting to the company network at any level, they risk having their personal equipment subject to examination or even confiscation by the relevant authorities, be they lawyers, police or even (Thank God not here) the VAT men.

    Which is why I wouldn't even give the company the MAC address of my phone, let alone connect it to any of their multifarious networks, even the so-called "Guest" network.

  24. ecofeco Silver badge

    Some of us have said it for years

    BYOD is a security nightmare. Never mind the expected (no we don't, sorry, fuck right off) support.

  25. Salestard

    You shoulda tried selling it

    Appreciate you chaps in the engine room may have feared the coming of BYOD, but it wasn't exactly a laugh on my side of the fence.

    Was at a mobe operator when RIM shot itself in the foot and the world panicked about what to replace BES with. BYOD suddenly became a thing, and thus working with MobileIron and the laughably named Good became a thing for me.

    It basically boiled down to which platform had the least incapability relative to the customer requirements - propose Good is the customer wanted to completely cripple employee devices and make using the device so painful nobody bothered doing anything remotely, otherwise propose MobileIron on the basis of it being slightly less terrible.

    It was a bizarre exercise - selling something I openly regarded as rubbish, to a guy who agreed with me, to satisfy a policy everyone thought was madness, to save a few quid on heavily subsidised mobe handsets...

    1. Mark 110

      Re: You shoulda tried selling it

      I quite liked Good. I was given a choice of another phone to carry around or set up Good on my own phone and obviously chose the latter. Worked fine. Never had an issue with it.

  26. Joe Gurman

    Well....

    I work for a large-ish US government agency whose name I'm not meant to use on social media (though considering the average El Reg commentard such as myself, perhaps "antisocial" is more appropriate). Our agency CIO recently circulated a draft policy to disallow use of corporate Exchange server e-maill on non-Agency-owned or at least Agency-blessed devices (that is, ones that have been vetted and included in the part of our lengthy security plans that designate every outside IP with which we have "data flows"). I see it as a considerate corporate policy to discourage employees from wasting their non-work hours with reading agency bumf (which describes accurately upward of 90% of all e-mail on the corporate server), but some may view it differently.

    And yes, many people here with Vibrating, Light-up Internet Fondletoys issued by the lowest bidder outsourcing outfit have been carrying those around along with their real phones for a few years. I don't see the point of BYOD for laptops or desktops, but people tend to have a personal relationship with their phones/phablets/fondlelslabs. (Or why else are there such flamewars here about this or that obscure feature of this or that aged device?) There are MDM solutions out there that firewall corporate data from personal, so that only the former can be wiped, but corporate prefers Microsoft's version that's baked into Exchange Server, which for some inexplicable reason simply wipes everything each time some eager toddler exceeds the allowed number of password attempts. Seems silly to me, but I'm only an employee.... and taxpayer.

  27. Eclectic Man Silver badge

    Other issues

    Suppose that the user has some unsavoury aspects to their life, such as pornography, or that their computer gets confiscated by the Police or HMRC in the course of their investigations. They would access the entire storage on the machine, not just the user / owner's personal data. This could compromise client sensitive data.

    Not a fan of BYOD, although I have to say that I wouldn't mind bringing in my own 4K display to run from the company PC, if they came down a bit in price (my eyesight is to what it use to be). Would that count at BYOD?

  28. jason 7

    With the new BDRP...

    ...wont all mobile machines used for that business have to be encrypted?

  29. PNGuinn
    FAIL

    Gartner reckoned.

    Yeah, right.

    Next up:

    "We'll do it all in "the cloud""

  30. Peter Cochrane

    Old Thinking Never Fits a New World

    BYOD works really well in organisations that get rid of all their old security and operational practices such as 'in-house provision' and clock watching management. Almost every hi-tech company I work for is way ahead of the thinking and opinions expressed in this article. BYOD = freedom and greater productivity!

    1. Anonymous Coward
      Anonymous Coward

      Re: Old Thinking Never Fits a New World

      The real high-tech companies don't make apps...

  31. John 104

    So we mandate that the users must have some form of encryption on their devices. For Macs this is pretty easy (just turn it on); it's harder on Windows but still doable.

    Harder on Windows? Only if you are a biased, clueless MAC user. Enable bitlocker. Done. The decryption keys are stored in AD. End of problem.

    As for keeping data on the phone secure, that's easy too. Require encryption on your mail app. Require RBA on documents. Use Office365. Done.

  32. Anonymous Coward
    Anonymous Coward

    Whether formalized or not, end-users will use their environment in interesting ways whether they own the hardware or not.

  33. Flakk
    Coat

    If you didn't have a BYOD programme and the competition did, well, guess where that potential new, hire wearing the chin thatch and lumberjack shirt would choose to work.

    In other news, someone at El Reg has alleged that hipster millennials actually do work.

    Mine is the one with the dog-eared copy of "Yelling at Clouds for Dummies".

  34. Nifty Silver badge

    And the dealbreaker is...

    My companys BYOD phone/tablet rule: An 8 character alphanumeric password enforcement, and it needs to be changed every 3 months. Fingerprint ID not acceptable. VPN profile installed, that's the least issue.

    Been near-universally rejected by the grunts.

    They must be like me:

    1. Password must be easy to enter with 1 thumb. Can the need to change a personal device screen-lock PIN every 3 months be explained, please?

    2. In a domestic eventuality, OH at home or on the road must be able to access the phone, for more reasons than I can list right now. For me the need hasn't actually occurred, but the option must be there.

    All a bit of a pity as certain apps, plus and internal company email and instant messaging, could have been a productivity booster.

  35. Anonymous Coward
    Anonymous Coward

    For a phone, what do you need besides email and calendar?

    I can't imagine being useful to connect to corporate shares or stuff like that, so getting email is all that matters. If your company has Outlook Express, an app like Mail+ on the iPhone (and probably Android) can access your email & calendar without any help from IT (or any ability on their end to wipe your phone, which is a deal breaker as far as I'm concerned!)

    It worked well for me when I've had cause to use it. Being able to access corporate IM would have been handy as well, but not a show stopper.

    Is it really useful to be able to VPN in and access internal web pages? I've never had cause to want to do so, but YMMV.

  36. JamesJFoley

    Like anything, it's all about balance

    Whilst I couldn't agree more with your overall theme (that a policy of BYOD can be more of a cost and hassle than maintaining corporate devices), I don't think anyone advocates an 'all or nothing' approach.

    Just as it would be crazy to expect people to supply their own high-powered graphical workstations (in the architecture or design industry), so too is it crazy to give people a corporate mobile phone when they have a perfectly good one of their own.

    It's horses for courses. If I'm an architect or designer, I'd expect the company to supply me with the best tools to do my job as an architect or designer. In this case, it will be the latest high-power Apple machine or equivalent.

    However, if I'm joining a company and I already own a perfectly good iPhone or Android, then why would I want a second device? Not only is this costly to the company (a 3 year TCO for a smartphone is £1,200 if you include the device, airtime, upgrade, replacement), but it's inconvenient for staff and costly for the environment (these precious metals in todays smartphone aren't without environmental cost). It's even worse if I'm an iPhone user and yet I'm given an Android phone for work (and vice versa), and stupider still if I'm an iPhone user and am given a second iPhone to make and receive work calls.

    What's needed is a damn good solution which enables two numbers on one phone (one personal, one business), so I can make and receive calls for each number on the same device, but for work calls to be automatically charged to the company. In that way, I carry only one phone and yet came make or receive both work and personal calls with ease. One such service is BT smartnumbers, and I'm sure there are other like this.

    So, while a blanket BYOD policy for tablets, laptops, workstations, phones etc doesn't make a lot of sense, it does make sense to target sections of these (such as smartphones) and crafting a BYOD policy just for these.

  37. Lord_Beavis

    I for one like BYOD...

    When the problem is not with the software / resources we supply it is on the user to fix it.

    More time for Pr0n.

  38. JR
    Joke

    BOFH: Mmm, gotta love me some fresh BYOD dog roll

    BYOD Redefined...

    https://www.theregister.co.uk/2015/03/20/bofh_2015_episode_3/

  39. Potemkine! Silver badge

    Love is blindness....

    ... and BYOD is Hell.

    As always, it is all about money: making short term gains by stopping to buy hardware for underlings.

    All the other arguments are marketing shite to sell that nonsense.

  40. BarryL

    Easy ways to connect BYOD

    The author says the alternative of leaving BYOD devices outside the network via a virtual desktop solution is "non-trivial and not cheap."

    There are alternatives to Citrix (both enterprise-class and aimed at SMBs) that are a lot simpler and more affordable to install and configure. For example, Ericom Connect offers an HTML5-based client that runs on any device with a standard modern browser, with no client-side installation or configuration whatsoever - not even plug-ins such as Flash or Java. The arrangement allows employees to be productive without downloading any corporate data onto their personal device ensuring that confidential corporate data files remain secure within the corporate data centre, even if an employee's device is lost or stolen.

    For more information and a 30-day full trial download, visit www.ericom.com/ericom-connect/?URL_ID=a0B2400000GO7YZ

    Please note that I work for Ericom.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like