About six years ago I started to look at the options to introduce “Bring your own device” thinking into my then employer, the global marketing agency Imagination. It shows how quickly the world moves, because this was just before the BYOD moniker came into fashion and certainly before any of the big technology vendors had turned it into a marketing campaign. We explored the idea in terms of giving staff a stipend with which they would be free to choose what technology they would acquire, but it never really went much beyond a thought experiment. The big flaw for us was that, as a design-focused organisation, we had a large proportion of MacOS/Adobe Creative Suite users, and we couldn’t see a way to make the latter’s expensive, client-installed, licensing model work in a BYOD context.
There was, however, a broader pattern that we developed which was that at core, no business application should rely on anything other than access through an Internet-connected browser. We didn’t get there quite, but with the introduction at the time of Google Apps, we started to make strong steps in that direction.
Recently I’ve been having conversations with one of my clients that have made me think that, six years on, BYOD is still something that is seen as something to be “enabled” around the edges of corporate technology. But what if the principal became “Bring Any Device”? That you designed the way that you delivered services within your organisation on the principle that they should be being accessed from any device by any authorised user. That security should be placed exclusively not on the devices that people use but the services that they consume. Like, say the Internet.
For the most part (and with notable exceptions every so often) the consumer Internet that we mostly all rely on these days shows that this model can work, and can work at scale. If corporate technology infrastructure was designed with the idea that everything should be accessible via the open Internet, other costs would slip away. Every lock down and customization of a device in a corporate environment adds long-term cost. Every security measure in place to reduce risk might just be making new invisible risks (you know – I can’t use the corporate system so I’ll do it on Dropbox instead to, like, get my job done).
This kind of approach still puts the willies up so many involved in delivering corporate technology. “Look at Moonpig!” they might say. Well, for every Moonpig, there’s a Sony Pictures…
Just before Christmas my wife’s corporate-build laptop went pop. An encrypted hard drive meant that the device was unrecoverable. As an emergency back-up she set up for webmail and limited Intranet access on my relatively vanilla Windows 8.1 laptop at home. Three pieces of proprietary software were needed to be installed onto my pristine, unfettered by corporate bloatware device to get web access to some files. Three pieces of proprietary software that I have no idea about their provenance, and are now polluting my personal device.
That’s not BYOD, that’s “Take control of other people’s devices and make them little outposts of our corporate domain”. And that’s a kludgy model that’s not at all unusual, and ultimately is costing those corporates dearly in terms of both systems support and lost opportunity for more flexible working.