The consumerization of IT, meaning the use of consumer services and devices in the workplace, has in recent years accelerated worldwide.  Employees are using services, such as social media, as well as consumer devices like laptops, mobile phones, and tablets in the workplace – a phenomenon known as Bring Your Own Device (BYOD).  With BYOD employees are allowed – and sometimes encouraged – to bring their personally-owned devices to work and use those devices to access company resources, such as files and applications. For many organizations, embracing BYOD can help businesses improve productivity, as well as reduce costs associated with deploying and supporting company-issued assets. At same time, BYOD also comes with management and security concerns.

Our Trust in Computing survey, conducted in nine countries for Microsoft by comScore found that BYOD has gained wide acceptance in several countries, with 78% of organizations allowing employees to bring their own computers to the office for work purposes, and 31% subsidizing purchases of employee-owned computers for work use.   There were some interesting variations among the nine countries surveyed.  For example, Chinese companies were the most likely (86%) to allow BYOD, and Japanese companies the least likely (30%).

 

Other interesting findings in the research were:

  • The increase in BYOD adoption is resulting in more organizations allowing employees (50% worldwide) to ‘customize’ their devices.
  • Worldwide, 50% of companies provide employees with a mobile device; 25% allow employees to bring their own mobile devices and access corporate resources; and 26% bar non-issued mobile devices from accessing company resources.

More information on the results from part one of the Trust in Computing study can be found here

While BYOD may increase employee satisfaction and productivity, it also comes with security implications, as IT departments can lose some of the control they have traditionally exercised over managed resources.  There are frequent reports of sensitive customer or employee data being compromised as a result of a laptop being taken from an unlocked car, or company data being compromised by an employee misplacing a smartphone. IT administrators need to have BYOD policies in place to protect data no matter where it resides—even on devices that aren’t owned or managed by the company. 

Recognizing the benefits of BYOD, Microsoft has designed our products and services with BYOD-friendly policies in mind.  We offer detailed guidance for enterprises, and specific guidance for administrators of  Windows networks below:

  • Join BYOD devices to the domain. If your organization allows users to connect their BYOD devices running Windows 8 to your network, you can use the offline domain join process (Djoin.exe) in Windows 8 to join computers to the domain without requiring users to connect to the intranet. You can learn more about this process in the article Offline Domain Join (Djoin.exe) Step-by-Step Guide.
  • Manage computer and user settings by using Group Policy. With end users’ BYOD devices running Windows 8 joined to the domain, you can enforce computer and user settings on them by using Group Policy. Learn about the functional improvements to Group Policy in the article What's New in Group Policy. Additionally, Windows 8 offers many new policy settings that you can use to manage BYOD devices, and we have updated the Group Policy Settings Reference to include them.
  • Control which Windows Store apps users can install by using AppLocker. On BYOD devices running Windows 8 Enterprise, AppLocker enables you to allow or block an app based on its file path, hash, or properties that persist across application updates (e.g., publisher name, product name, file name, and file version). For more information about AppLocker, see the AppLocker Overview.
  • Manage non-Windows devices using VDI.  Microsoft offers technologies which enable management and security across disparate kinds of consumer devices. For devices that cannot provide the full Windows 8 experience and security, you can use a virtual desktop infrastructure (VDI)-based strategy to enable secure access to a server-hosted, Windows-based desktop. This approach is the most effective one for non-Windows portable computers and slates.

The Trust in Computing survey was designed to help measure current levels of trust in technology products and services in terms of security and privacy; and to identify where concerns may be slowing down technology adoption.  comScore surveyed 4,500 consumers, IT professionals, and developers in  including Brazil, Canada, China, Germany, India, Japan, Russia, the United Kingdom, and the United States.  For more on the results from part one of this study, I encourage you to download the information here

Tim Rains
Director
Trustworthy Computing