How to Resolve the BYOD Stand-Off between Employees and IT

young couple using a digital tablet

by VPNHaus | 04/27/2015 |Endpoint Management, Mobile


"Try to please everyone, and you'll end up pleasing no one."

This is one of those classic, ubiquitous statements that can apply to any number of situations.

Take the Bring-Your-Own-Device (BYOD) trend. To the employees whose jobs are made easier and more convenient by BYOD, the appeal of these initiatives is obvious. That’s why demand for BYOD is expected to increase by 25 percent between 2014 and 2019, driven by the consumerization of IT and increased mobile data speeds that meet enterprise-acceptable levels.

Yet, on the other side of the spectrum, are the IT departments tasked with enforcing BYOD security frameworks. The same things that employees see as beneficial about BYOD – convenience and freedom of choice – are exactly what make IT departments so fearful.

The two groups are fundamentally at odds.

Users want, and demand, access to a broad range of personal mobile devices in the workplace. They want to be able to safely access work files on their phones while on-the-go and work from their homes on their personal laptops.

Meanwhile, IT departments are tasked with protecting network security at all costs, and that means they are the ones who have to say "no," and who have to restrict the technology employees are permitted to use in the workplace.

That's how BYOD "pleases no one" – users are frustrated by what they perceive to be restrictions on free use, while IT feels like it’s constantly engaged in an uphill fight against employees who frequently, both purposely and unwittingly, violate best practices around secure remote access VPN and BYOD.

It’s the classic case of unstoppable force (in this case, the consumerization of IT) meets immovable object (IT administrators and their policies). Both groups are at a stand-off, and neither is willing to yield or be flexible.

That is, until one or both groups take drastic measures and force the other one’s hand.

The Workarounds

The way users get around BYOD policies, and defy orders from IT departments, is through rebellion and workarounds. One of the most alarming recent examples of this involves recently-resigned U.S. Ambassador Scott Gration, who, while serving in Kenya, took some extreme, unconventional steps.

According to a report, "[Gration] ordered a commercial Internet connection installed in his embassy office bathroom so he could work there on a laptop not connected to the State Department’s email system." Simultaneously, he essentially staged a coup, wresting control of all information management practices from the assigned staff.

In working off the grid and requiring his staff to do the same, Gration – an "end user from hell," as Ars Technica put it – didn't just violate every remote access best practice. He also blatantly ran afoul of federal regulations. For employees, he's the perfect example of "what not to do".

The lesson here is obvious. Gration had little interest in following State Department policy and expressed – loudly – his disdain for the existing information management staff. In this case, all the fault lies with the employee, who was also the leader.

But it isn't always this way. Often, employees could have perfectly legitimate suggestions for ways to improve BYOD policies without creating undue risk across the network, yet the IT department decides to flex its muscle and balk at the idea. This can happen. As AT&T wrote on its Networking Exchange blog, "IT departments are often guilty of overstating the associated security concerns – whether to satisfy a need for control or out of a disproportionate fear of risk."

And that gets to the real core of the problem. The conflict has less to do with the technology itself, and more to do with human behavior.

A Human Problem or a Technology Problem?

As Dark Reading wrote, most of the intra-organizational conflict over BYOD can be traced back to the issue of "enterprise control vs. user autonomy," to the struggle between unyielding IT departments and users eager to make their 9-to-5 lives easier.

To be successful, a BYOD initiative requires flexibility from both people and technology. IT departments need to build secure IT and remote access infrastructure that is flexible enough to accommodate any new devices and operating systems users may introduce into the workplace, and users have to remain flexible to the shifting requirements handed down by the IT department.

To learn more about how NCP engineering helps organizations achieve fast, secure remote access, and always-on reliability, join us in Las Vegas for Interop Las Vegas, April 27 to May 1. Stop by our booth, #1254, to hear more about our recent agreement with wholesale technology distributor Tech Data, which will bring remote access VPN to SMB solution providers.

Remote Access VPNs For Dummies


Remote Access VPN For Dummies</em>, we cover:

- The full VPN landscape, including hybrid IPsec/SSL VPN solutions
- The evolution of remote access VPN
- How to provide users with secure remote access
- How to simplify remote access VPN and reduce costs

Download Now

Remote Access VPN For Dummies</em>, we cover:

- The full VPN landscape, including hybrid IPsec/SSL VPN solutions
- The evolution of remote access VPN
- How to provide users with secure remote access
- How to simplify remote access VPN and reduce costs

Download Now

This website uses cookies

We use cookies to personalize content and analyze access to our website. You can find further information in our data protection policy.