Like many other government IT leaders, CIO Jon Gjestvang recognized the writing on the wall. Despite being both manageable and secure, BlackBerry devices could no longer serve as the exclusive smartphone platform for Napa County, Calif. It was time to allow employees to access their work e-mail from their iPhones.
"It doesn't make sense for people to carry two devices: one for work and one for personal use," says Gjestvang. "And when it comes to a device for personal use, people demand choice."
That and other factors prompted Napa County to embark on what is popularly known as a "bring your own device" (BYOD) program, says Gjestvang. For instance, users and departments have sought to tap the useful applications available on the iOS and Droid mobile platforms. "People are discovering how useful these apps [are] in their personal lives, so it's only natural that they would want to apply them to their work lives as well," he observes.
Mobile-device security advancements also drove adoption of Napa County's BYOD initiative. In the past, CIOs were extremely concerned about the possibility of sensitive data being compromised as a result of a personal device being lost or stolen. Now, however, mobile-device management solutions can encrypt and quarantine sensitive data on personal devices without impeding the user experience.
The use of personal devices for work raises a number of issues besides security. One is the cost of the monthly wireless bill. When an agency owns the mobile devices its workers use, it also pays the bill for them. But when staffers use their own devices, they also get the bill — and have a reasonable expectation that their employer will cover a portion of the expense.
At Catawba County, N.C., CIO Terry Bledsoe has implemented a tiered stipend system in which employees receive $22 per month for fewer than 450 minutes of usage per month, $34 for 450 to 900 minutes or $39 for more than 900 minutes.
If appropriate, they're also given $17 to defray the cost of their data plan. Employees must show their bill to receive the stipend, and supervisors need to sign off on the usage.
Bledsoe has also developed a BYOD policy document that employees have to sign before they are granted access to county systems from their personal devices. The document commits workers to using a password to protect the device and to immediately inform the county if the device is lost or stolen. The policy also stipulates that in such an event, the device memory will be remotely wiped, including all personal content.
"It's important for everyone to have a clear understanding of the responsibilities and expectations associated with our BYOD initiative," says Bledsoe. "So if you have any family photos on your phone and you want to protect them for posterity, you better save them somewhere else."
Harold Tuck, CIO for San Diego County, Calif., points out that e-discovery should also be addressed in a BYOD policy. "If we receive a request under the Freedom of Information Act, and that request involves data that might reside on a user's personal device, that user will have to surrender their device temporarily so we can comply."
Tuck adds that labor agreements preclude government IT organizations from unilaterally mandating BYOD policies. "We have to hand off our proposed policy to HR, which will then negotiate the policy as they would anything else that has job impact," he explains.
42% Percentage of employees who have purchased and pay for their own smartphones
SOURCE: "Mobilemania Sweeps the Enterprise" (iPass, November 2011)
Pat Phelan, a research vice president at Gartner, advises IT leaders to carefully consider how they are going to support BYOD users. "IT executives often think that they can simply limit their technical support for BYOD users to work-related issues," she notes. "But if a problem with an app that isn't work-related interferes with your employee's productivity, it's still a problem for the agency."
IT organizations reduce their support exposure by limiting the number of mobile platforms they are supporting under their BYOD program. Some, for example, allow only specific version numbers of certain platforms. Others avoid certain platforms completely.
Despite these challenges, there are plenty of upsides that make BYOD a net win for government agencies. Mobile users are more productive and tap technology more aggressively to deliver better services to constituents. They're also more prepared to respond to crisis situations 24x7.
"Smartphones and tablets provide anywhere, anytime capabilities that are extremely compelling for all kinds of county employees — especially first responders," declares Catawba County's Bledsoe. "If we save even one life because of BYOD, it was well worth the investment."
BYOD isn't just a security, support and billing challenge. It is also a harbinger of major changes taking place in the nature of work.
"BYOD raises fundamental questions about the dissolving boundary between people's personal lives and work lives," declares
Pat Phelan, a research vice president at Gartner. "These questions about the balance between work and the rest of our lives are concerns for employers as well as employees."
Jon Gjestvang, CIO of Napa County, Calif., agrees. "Obviously, we can't pay overtime to every hourly employee every time they log on to a system after hours," he says. "So we had to make it clear in the memorandum of understanding we have with our labor union that supervisors will authorize that kind of overtime only when it is actually necessary for the agency."
Terry Bledsoe, CIO of Catawba County, N.C., adds that powerful cultural shifts are taking place as people bring their personal experiences of technology into the workplace. "As people experiment with their smartphones and tablets, they are discovering all kinds of tools that they then want to use to improve the way they and their colleagues do their jobs," he points out. "So if you can foster an environment where people can readily share and take advantage of their discoveries, you can achieve significant improvements in efficiency and performance."