In the past, we often said that the IT department drove technology adoption, but this has changed significantly in recent years. The consumerization of IT has transformed this culture, with users who are the first to access advanced technologies now expecting to bring them into the workplace. Thus, Bring Your Own Device (BYOD) emerged as a response to this trend.
What Is Bring Your Own Device (BYOD)?
BYOD refers to Bring Your Own Device, which encompasses Bring Your Own Computer (BYOC), Bring Your Own Laptop (BYOL), Bring Your Own Apps (BYOA), and Bring Your Own PC (BYOPC). The devices involved include smartphones, personal computers, tablets, and even applications.
BYOD allows employees to access the company’s internal network, log in to their accounts, access corporate email, and retrieve internal enterprise information using their personal devices.
Why Is BYOD So Important?
The driving force behind BYOD is a new breed of self-sufficient employees, all of whom own personal computers, tablets, and smartphones. In comparison, the mobile devices held by employees are typically newer and more advanced than the standardized office equipment provided by companies. Therefore, it is no surprise that people wish to use their own ultra-light laptops, tablets, and large-screen smartphones for work. Of course, utilizing company-standardized hardware and software programs facilitates corporate management and control.
In 2013, Ovum initiated a study surveying 4,371 full-time employees across 19 countries. The results revealed that 68.8% of employees used smartphones for work purposes, while 15.4% engaged in such practices without their employers’ knowledge. Richard Absalom, an analyst at Ovum, stated that the Bring Your Own Device (BYOD) trend is unstoppable, and attempts to hinder business mobilization are both detrimental and futile. The most critical factor is to clearly recognize the benefits and risks associated with BYOD.
Advantages of BYOD
◆ Enhance Work Efficiency
Employee mobile devices are typically updated rapidly and feature advanced capabilities, eliminating the need to carry multiple devices. Compared with uniformly issued corporate equipment, Bring Your Own Device (BYOD) enables employees to access required information more quickly and conveniently. Freed from reliance on company-provided hardware, employees can handle tasks anytime and anywhere. Moreover, their familiarity with their personal devices often allows them to complete work more effectively and efficiently.
◆ Reduce corporate expenses
BYOD completely shifts consumer expenses to users, i.e., company employees, including hardware costs, voice and data service fees, and other related expenses. Meanwhile, the company is not responsible for the costs of maintaining or updating employees’ devices, allowing the company to save a significant amount of money—approximately $80 per employee per month. You might expect that employees would be unwilling to pay for their personal devices used for work; however, in fact, the Good Technology State of BYOD report shows that 50% of enterprises operating under the BYOD model require employees to cover all such costs, and this approach has gained employee approval.
◆ Enhance Employee Satisfaction
Employees are clearly fond of their personally owned mobile devices, willingly investing time and effort in them. Allowing them to use these preferred devices for work, rather than relying on the company-provided, outdated and cumbersome computers, will significantly enhance employee satisfaction.
Risks of BYOD
Although BYOD enables employees to handle work matters anytime and anywhere, it also introduces significant risks.
◆ Corporate Information Security Issues
BYOD can lead to information leakage. For instance, employees may use smartphones to access the company’s internal network; however, if a device is lost, untrusted third parties could retrieve any residual data stored on it. When employees resign and leave the company, they are not required to surrender their personal devices, meaning corporate applications and other data remain accessible through those phones. Other common scenarios include family members sharing devices and children accidentally sending erroneous emails. The security of personal devices cannot be guaranteed, which may result in financial losses and data breaches. Furthermore, due to relatively weaker security protections, personal devices are more susceptible to attacks by hackers, viruses, and malware. Therefore, although adopting BYOD can save companies significant costs, maintaining a network compatible with various employee-owned devices will incur higher expenses.
◆ User Privacy Concerns
With information security incidents occurring frequently, the IT security department seeks to monitor employees’ personal devices to ensure they are engaged in work-related tasks, which raises a series of privacy concerns. Enterprises need to employ an efficient management system to track employee workflows, including device location, current usage status, and installed applications. The challenge for businesses lies in monitoring activities on employees’ personally owned devices—specifically those related to work, rather than all activities.
◆ Inaccessible Network Infrastructure
As employees begin to access the corporate network simultaneously from multiple devices, many enterprises lack the large-scale network infrastructure to support this shift. With personal mobile devices becoming primary work tools, employees naturally expect the same access speeds as before. Therefore, scalability and capacity of network infrastructure are critical for businesses.
BYOD and the Healthcare Industry
Approximately 70% of IT professionals and physicians have begun using mobile devices to access electronic health records (EHRs), with Gartner predicting that 500 million people would use wireless healthcare applications by 2015. Many IT professionals in the healthcare sector envision the future trend of Bring Your Own Device (BYOD) as enabling remote access to hospital office automation (OA) systems, sending and receiving emails, viewing schedules, conducting mobile ward rounds, accessing medical records in real time, issuing medical orders, holding ad-hoc case consultations, participating in multi-party audio and video conferences, and connecting to internal hospital learning platforms.
However, while BYOD offers numerous conveniences, it also introduces potential risks. Unlike in corporate settings—where only employees can access the corporate network, such access is granted through enterprise-managed devices, and most employees merely read emails without handling sensitive corporate data—BYOD in healthcare institutions involves accessing sensitive information such as patient medical records, clinical histories, and physician orders and prescriptions.
A study by Cisco reveals that 90% of U.S. healthcare employees use their personal smartphones for work, and 40% do not set a passcode on their devices. Among them, 51% connect to public Wi-Fi hotspots, which could potentially lead to data breaches. Therefore, data security remains the top priority for BYOD (Bring Your Own Device) applications in the healthcare sector.
BYOD is an unstoppable trend in mobile health. So, how should we respond? In fact, all it takes is to follow these steps:
Implement Mobile Device Management (MDM)
Ensure Data Security with Mobile File Management (MFM)
Regularly review cybersecurity issues
Conduct Employee Training to Effectively Address Security Threats
Develop Emergency Contingency Strategies
By Zhou Yanxun | Edited by Mo Renying