The consumer is king – even at work. While CTIA de-converges its fall show by shedding the consumer orientation of previous years to focus on enterprise mobile communications including internal productivity, B2B and M2M applications, end users from Joe the Plumber to C-suite executives are increasingly using their same smartphones and tablets for personal and business use.  CTOs are increasingly implementing bring-your-own-device (BYOD) policies which enable employees to select the devices and apps they desire for personal use while preserving corporate control over security and financial liabilities.

BYOD is boosting the ascendancy of iOS and Android devices. Previous preferences for or insistence on RIM’s BlackBerry, with its associated BES infrastructure, has been substantially eroded or eliminated by sheer force of popular demand for iPhones, iPads and Android smartphones enterprise-wide. Microsoft continues to struggle in its attempts to expand significantly beyond the productivity niches it has led for many years with devices for applications such as inventory and field force management.

Floodgates open

IT managers’ initial resistance to allowing employees’ use of the iPhone following launch of the first model in July 2007 was relatively short lived in comparison to the typically long lifecycles prevailing with adoption of new IT infrastructure. Within a couple of years, iPhones became very commonly used in many enterprises as they were brought in through the back door by individual employees. Similarly, the introduction of the iPad in April 2010 was an immediate hit for both personal and business use with many devices soon showing up around meeting tables. This was a remarkable feat, particularly given Apple’s limited presence in the enterprise beyond education and publishing. Former CEO Steve Jobs was renowned for not travelling around to listen to or to woo large enterprise customers, preferring instead to remain in Cupertino perfecting products according to his own views about what would delight consumers.

IT management has succumbed to unstoppable pressure from end users with permission and support for iOS and Android devices. Around half of mobile devices used for work in the US are purchased and expensed–including airtime charges–by individuals rather being paid for directly by employers. Reasons for this include desire to minimize corporate costs, financial risks and liabilities. Enterprise adoption and use has accelerated along with the general rise in popularity for smartphones and the iPad tablet. Momentum has built significantly in the last couple of years. According to Yankee Group research, “IT’s attitude toward consumerization has shifted dramatically in the past year. In mid-2011, 57 percent of IT decision-makers either actively prohibited or discouraged the use of non-sanctioned applications and devices. Just a year later, 60 percent of firms allow employees to use consumer applications and devices in the workplace. In Q3 2011, 26 percent of businesses offered limited or full support for Android; that has jumped to 39 percent today. Corporate-sanctioned support for iPhones jumped from 36 percent in Q3 2011 to 46 percent in Q2 2012.”

The desire to limit IT resource commitments to only one or two mobile platforms has already switched from being an advantage to a disadvantage for RIM. Some corporate and government IT users will remain loyal to RIM’s secure infrastructure with extensive global reach, but the bulk of enterprise IT managers have already switched their priorities, if not their preferences. The Yankee Group research also determined that “fully sanctioned corporate support for BlackBerry” has dropped from 50 percent of companies to 36 percent in above timeframe.

Security alert

Nevertheless, the arrival of all these powerful new devices from outside has caused significant concerns about security and device management. Some of the threats exist with enterprise-provided as well as with BYOD devices. However, the open nature of consumer use, for example, with apps stores and OTT applications make BYOD devices particularly vulnerable.

Important security provisions include: identity and access management that is distinct from that for consumer applications; encryption for data protection over the air and on the device–in case it is stolen or gets left behind on a bus; data loss prevention to stop enterprise applications from sharing data with consumer applications or being synchronized with public cloud services. Capabilities such as remote locking and wiping of corporate data can also reduce security risks. The more heterogeneous nature of BYOD–versus sticking with one or two company-issued devices–also makes general device management including software updates for the OS, public and private applications inherently more complex and tricky.

The relatively closed and well-controlled nature of the Apple ecosystem plays in its favor with IT management. The Android ecosystem is more fragmented and therefore more challenging. This provides an opportunity for the Android devices that are most popular with consumers and most widely available across all major carriers. OEMs can reinforce the positions of leading consumer devices by providing supporting capabilities to enterprises and widespread carrier availability is a boon to IT managers who must accommodate users on a selection of different carrier networks nationwide or worldwide.  For example, the Samsung Approved for Enterprise™ (SAFE™) program provides numerous capabilities including policy control, encryption, synchronization, virtual private network and mobile device management to users of the Galaxy SIII, which is most popular with consumers and available globally on competing national networks in the US and elsewhere.