BYOD Policies Poised to Grow Rapidly

September, 2013

More than one-third of IT organizations in the U.S. and Canada now have bring-your-own device policies, which could be just the beginning for the fast-rising IT management practice that enables employees to use their own smartphones, tablets, or PCs to access corporate networks and applications.

The practice is one of 24 profiled in the Computer Economics IT Management Best Practices 2013/2014 study. Figure 62 from the study shows that 12% of IT organizations are fully implementing BYOD policies currently and another 25% are partially engaged with the practice. (BYOD is fully practiced when the policy covers all employees. It is partially practiced when the policy only covers some employees or is allowed on a case-by-case basis.) As IT management practices go, the 37% adoption rate is relatively low and the study classifies the practice as immature.

BestPrac Fig 621 - BYOD Policies Poised to Grow Rapidly

However, as more and more companies deploy mobile applications, IT organizations are considering BYOD policies to avoid requiring employees to carry two smartphones, one for business and another for personal use. Another factor that will drive the practice in the future is virtual desktop deployment, which is already prompting some adopters to enable employees to use their own laptops to access desktops in the cloud.

IT organizations are still wrestling with security, support, and other issues surrounding the growing use of consumer devices to conduct business. The study found that 18% of IT organizations were in the process of implementing BYOD policies, having made the decision to move forward with adoption, while another 32% of the organizations were considering adoption. With half of all organizations at the implementation or consideration stages, the practice is poised to grow rapidly over the next few years.

There were 142 IT organizations with operations in the U.S. and Canada that participated in the IT Management Best Practices study during the first half of 2013. The study, now in its ninth year, analyzes the relative maturity of each IT management best practice along with the adoption rate and practice level for each practice by organization size and industry sector. The practices in the study are as follows:

  • IT governance practices: IT strategic planning, use of an IT executive committee, IT project portfolio management, and use of IT change control board.
  • IT financial management practices: IT personnel cost accounting, IT service cost accounting, IT chargeback, showing back of IT expenses, and benchmarking IT spending.
  •  IT operational management practices:  Enterprise architecture, IT Infrastructure Library (ITIL), use of a project management office (PMO), use of an IT asset management system, BYOD policy, post-implementation audits, user satisfaction surveying, and publishing IT performance metrics.
  • IT security and risk management practices: Having formal security policies, auditing compliance with IT security policies, data classification, automated password policy enforcement, security incident management, disaster recovery planning, and periodic testing of disaster recovery plan.

This study is designed to increase the awareness of IT leaders concerning what are best practices in IT management, provide benchmarks against which an IT organization can compare its own adoption and practice level, and justify investments to improve an organization’s IT management practices.

This Research Byte is a brief overview of our report on this subject, IT Management Best Practices 2013-2014.  The full report is available at no charge for Computer Economics clients, or it may be purchased by non-clients directly from our website (click for pricing).