Most organisations would shudder at the thought of allowing employees to use their personal mobile devices for work.

That would mean reducing the total control they now exercise over the devices that staff can use for work purposes. Employers would also need to invest resources to support a wider pool of devices and, more importantly, in ensuring that the data they hold remains secure.

Yet, a recent study by IT virtualisation vendor VMware found that the Bring Your Own Device, or BYOD, trend is here to stay. Eighty-eightper cent of respondents said they take their own mobile devices to work and half of them use such devices for work-related purposes.

By 2015, 55 per cent of all devices used for business purposes will be owned by employees rather than by corporations, according to estimates by technology consultancy IDC.

BYOD proponents say that letting staff use personal devices for work could boost productivity and make workers more happy.

Mr Ian Song, a research manager with IDC Asia-Pacific, said: "If I need to be at a meeting on the other side of the island, I can use my own iPad to take part in the conference and look at the work slides using WebEx." WebEx is a conferencing tool.

VMware's study found that two-thirds of respondents said they work more efficiently using their own gadgets. More than half said they were less stressed doing so and over two-thirds claimed they were happier this way.

IDC's Mr Song cautioned that using personal devices to access corporate information may breach a company's existing IT policies. "But people are doing it anyway," he added.

So, organisations that don't deal with this will face severe security threats. "Existing IT policies will also become irrelevant because people are bypassing them," he said.

These BYOD employees, said industry experts, are most likely to be younger and tech-savvy.

Fortinet, a network security vendor, which surveyed more than 3,800 respondents, found that Gen Y workers (who are 21 to 31 years old) considered using their devices at work as a right, not a privilege.

At Temasek Polytechnic's School of Informatics and IT, students have been using their own devices since April to access programming tools and other software that they need to complete their assignments.

The software is delivered via applications known as virtual desktops that students can use on their personal laptops and tablet computers. So they need not go to the school's computer labs to work on their projects.

Mr Lim Boon Teck, who manages the school's infrastructure systems and technology, said: "More students are bringing their own laptops to school. Some even use their own iPads to review programming codes."

As the virtual desktops are run from the school's data centre, if a student loses his own equipment, all the data put at risk is his own, MrLim said.

To advocate the use of virtual desktops among lecturers and students, the school conducted information sessions and started a self-service portal run by students to help users resolve technical problems.

Now that it has proven to be a success, the school is thinking of rolling out the initiative to students elsewhere in the polytechnic, as well as to the staff there, which numbers about 1,200.

Still, BYOD is not for everyone because it can be difficult to manage, said Mr Song Chuang, a research director with technology consultancy Gartner.

He said: "The key consideration is really the fundamental value proposition. Why does the enterprise want to allow access from personal devices? Is that proposition superior to simply buying everyone a mobile device?"

Fundamentally, Mr Chuang said, people are most likely moving towards a world where they take the tools needed for their jobs to the workplace, instead of expecting to be provided with every single tool.

BYOD POLICY COVERAGE

The BYOD policy needs to include a list of personal devices that are allowed, so that employees know what they can use.

The policy is also an agreement with the employees that ensures they hand over some control of their personal devices while they gain authorised access to enterprise data.

Security guidelines may require that personal devices be managed with mobile device management software.

Other aspects include requiring staff to:

  • Report a lost device promptly;
  • Grant the employer the right to wipe the entire device including personal data; and
  • Surrender the device for e-discovery or other legal purposes.

The policy should also cover money matters, such as subsidies and the amount of roaming usage allowed, said Gartner's MrChuang.

Aaron Tan is an infocomm professional

Brought to you by HP and Intel®