Can your businesses increase productivity and save money by implementing a Bring your own Computer (BYOC) program? Are there benefits in giving staff a free choice of PC technology (be that a Windows, Mac, Linux, or other devices – perhaps even an iPad) if you give them a cash allowance to purchase and use their own PC for company and personal use? Are there pitfalls?
When Citrix introduced a BYOC program their vision was to “embrace consumerism in the workplace by delivering employees a simple, ubiquitous access experience, whether at the office, at home, or on the road regardless of their computing device.”. They had two goals – which essentially form the business case for their BYOC model
1) Reduce the cost of supplying IT equipment – Citrix wanted the cost of managing its employee-purchased devices to be at least 20% less than the cost of managing Citrix-owned devices. With Citrix IT no longer to be responsible for the procurement, management, and support of these devices, Citrix state they succeeded in this objective.
2) To increase productivity – because the so-called ‘millennials’, ‘echo boomers’, ‘generation next’, or ‘generation Y’ (all loose terms generally used to describe people aged between 18 and 35 years old) have different expectations around the use of devices, a BYOC program helps your organisation provide a service to attract and retain employees.
What would be involved in enabling BYOC?
A BYOC program is more than simply asking users to bring their own device to work, connecting it to the network, and installing their applications. It would need to include
- Desktop virtualization: You need to deliver applications and desktops environments to unmanaged devices. Using a centralised desktop virtualization solution such as Presentation Virtualisation or Hosted Virtual desktops will deliver cost effective results but this will require a network connection. For users that can’t be guaranteed a network connection, client hyper-visors will need to be considered.
- Virtual Private Network: User’s personal devices are un-trusted, even if you stipulate that they enable anti-virus and personal firewalls. VPNs are not new as a technology to give remote workers, contractors, etc. access to corporate resources. To ensure the integrity of you corporate network, BYOC devices should never connect directly to the LAN and should be considered ‘external’ even if physically in the building. BYOC require that the technology more broadly in order to keep corporate networks secure.
- License Provision the device may belong to the employee and may have its own operating system license. Nevertheless, if you are hosting virtual machines and applications that will run on that device, you will need still need to manage access to applications and the use of those licenses. For example, many Microsoft applications, including Microsoft Office™, Project™ and Visio™, are licensed on a per-device basis. This means a desktop application license is required for each device that is able to access the application. This requires more consideration when applications are installed centrally (such as with Desktop Virtualisation) and accessed in a variety of ways or delivered to a range of devices.
- Two Factor Authentication if the device is the user’s own device it is likely they are not the only user of the device, or that the device will be used (or left unattended) in a variety of insecure environments. Two factor authentication to services that the user connects to are essential to validate that only the authorised user is using this device to access your services remotely.
- Data Loss Prevention devices are relatively inexpensive – the greatest asset to your organisation is your data. When providing remote access services tools should be used to protect unauthorised access to data. Ensure that confidential company information can never be saved without being encrypted or audited when stored on remote devices be that by saving to a USB drive connected to a user’s device or as data stored in a virtual machine hosted on the user’s device’s. If data is stored on remote the device – how is it backed up?
- Provision of a Device.
Will BYOC Reduce the Cost of Supplying IT Equipment?
We all know a Finance Director who would welcome the cost savings of a skipped hardware refresh. Citrix claim they saved 20% on the cost of managing devices.
Obviously, your users would be up in arms at having to pay that themselves, so there’ll have to be some scheme whereby they’re given responsibility for their own device budget. Citrix gave each participant $2100. However bear in mind you will have to manage this scheme – which is administration cost; you now can’t negotiate any bulk discounts, so each individual device is likely more expensive; and indeed who is responsible for maintenance?
If a work laptop fails, the company is responsible for replacing it and maintaining it. If it a user’s own device? Citrix relied on the user having a maintenance contract. But if the user’s maintenance contract requires the device be sent away – that user is unproductive while the laptop is broken. Regardless of the tax implications of being given money to have a device that may not be primarily used for work, regardless of the compliance of the device to meet local Health and safety rules – have you addressed the issue of what happens when their laptop fails and that user is no longer able to work. Do you supply a replacement device? If your sales directors’ kid installs trashes the laptop – is it up to the organisation to get that Director back up and running. The Sales Director? The kid?
If you have services in place to support desktop virtualisation and automated delivery the management costs to maintain end devices are reduced. The cost of an individual device in this is relatively small – smaller if you can standardise the device model. Potentially you have reduced the IT departments input on laptop purchasing – but there is still an administrative cost to manage the scheme. Moreover, if the user is responsible for their own device – have you now hidden the cost of managing that individual device, which is now the user’s responsibility, which in turn equates to lost productivity?
Will BYOC Increase Productivity?
A BYOC program can helping make “mobile workers” and “hot deskateers” “happy”. Millenials will be drawn to your organisation. To be fair, this statement is not going to impress many finance directors. It is very difficult to measure against a success that is translated into a cost saving, or a ROI.
Indeed, it has been argued that there is no business advantage in the assumption that millennials have such a strong choice in their employment options. Issues like “what type of operating system they use”, or “what device they work on” are not a significant decision factors in whether or not to accept a job offer or, that having such a facility will make users more productive. In the article Is BYOPC Really Key to Attracting Millennials evidence is given to support the argument that no organization should be looking to BYOC simply to attract and retain staff from the echo boom generation.
Is BYOC it Really a New Model?
BYOC is fundamentally using a non-corporate device to access your corporate network. This is not a new facility. Citrix’s XenApp product was promoted providing access ‘anytime, anywhere’ (as long as you had a network connection). Citrix is not unique in offering this service – desktop virtualization products from the likes of 2x, Ericom, ProPalms, Systancia, Quest all enable non-corporate devices to securely access your business network. If you need off-line access – products such as MokaFive’s LivePC, VirtualComputer’s NxTop or VMware‘s ACE all provide functionality to host and manage virtual instances of your corporate workspace on a non-corporate device.
Will BYOC Reinvent the Corporate PC?
BYOC is a model for device acquisition. Possibly it is an over complex service, arguably difficult to justify in terms of increasing productivity and as a lure for your next generation of staff.
However, look under the cover and BYOC is fundamentally about rethinking how users gain access to their workspace. Possibly you’ve allowed access to services using a VPN and a managing and maintaining PCs in users homes or providing dedicated laptops: home working may be expensive to administer and maintain and so only available to a few users.
Yet, the concept of ‘use an untrusted device’ relies on well-managed virtualised desktop service and secured access and data management. If these services are available, do you need to supply and maintain devices as many remote devices?
In his Appsense 2010 Predictions, Martin Ingram Appsense‘s VP of Strategy stated that while concept of BYOC is attractive, in reality, what is more likely is the use of desktop virtualization in HAPC (Home Access PC). Desktop virtualisation is can be readily extended out of the corporate network. This means employees are able to use their own home PC for work use out of hours, or should they need to work from home and keep their work PC at the office. If users are able to work at home – why supply them a personal device at all?
If users are able to access their workspaces securely from home, from more simple roaming devices, or from other organisations you increase their productivity. If users don’t need to come into the office as often, can you reduce the floor space needed for desks. If you have the capability for home-working, that can be factored into business continuity, allowing users to be productive if, for whatever reason, they cannot make it into the office.
Can your businesses increase productivity and save money by implementing a Bring your own Computer (BYOC) program? No – without a desktop, or application, virtualization. Are there benefits in giving staff a free choice of PC technology? It is unlikely to have a direct impact on its own.
Yet, with desktop virtualization, there is a benefit in extending access to workspaces outside of your network, utilising the fact that users can have secure access to be productive from non-corporate devices when they need it, where they need it.