BYOD presents benefits, challenges for mobile strategies
Mobile systems and communications will transform the way government does business, but with budgets under increasing pressure it’s unlikely agencies will be able to fund everything themselves. BYOD promises a way to do that, but it’s not the answer for everyone or for every application.
Communications are rapidly going mobile and away from the fixed desktop, and government is heading the same way. One of the most heated debates currently is over bring your own device (BYOD), which promises a dramatic reduction in the costs agencies face to provide the equipment and infrastructure needed to enable their workforces to take advantage of the mobile communications boom. Other advantages, such as significant boosts in employee productivity, are also potential benefits.
The influence of mobile on government operations was recognized in the Obama administration’s Digital Government Strategy, published in May 2012. One of its three primary objectives is to “enable the American people and an increasingly mobile workforce to access high-quality digital government information and services anywhere, anytime, on any device.” The understanding that BYOD will play a part in that is evident throughout the strategy document.
In fact, one of the specific deliverables of the strategy is a set of guidelines derived from agency pilots that government overall can use to implement BYOD. A BYOD Toolkit was published in August as a first stab at providing those guidelines. A pilot program at the Agriculture Department was highlighted in the toolkit document, but other government agencies — such as the Defense Department, NASA and the Department of Veterans Affairs — are also looking at their future use of BYOD.
USDA has now gone beyond the pilot program and become one of the first agencies to include BYOD in a procurement. Also in August, it published a request for proposals for a five-year, $20 million “next generation mobility initiative” that could expand the number of mobile users at the agency from 15,000 to 100,000, using a combination of government-furnished equipment and BYOD policies.
This expectation of the use of BYOD in government is buttressed by the estimates for it globally. Although admitting it presents a “security nightmare,” Juniper Research recently projected that the number of enterprise users of their own devices will more than double in the next two years — to 350 million from around 150 million.
A 2011 survey by MeriTalk found that as many as 40 percent of defense and civilian agencies allowed employees limited use of their own devices at work, under various strict policies. On the other hand, a more recent survey by GovLoop, the social network for “government innovators,” found that only 20 percent of agencies have policies specifically for BYOD.
For most agencies, BYOD is a tough call because the implications of introducing it broadly are not well understood, and at the moment, the perceived problems far outweigh the advantages. DOD, for example, has launched some 20 pilot projects to see how mobile devices can be used throughout its enterprise but seems far from taking the same kind of BYOD leap that USDA has.
“BYOD currently presents many more challenges than benefits and will not be a viable IT mobility model for the DOD in the near future,” said Lt. Col. Damien Pickart, a DOD spokesman. Although BYOD does provide the same mobile services as government-furnished equipment, he said, there are “significant legal, privacy and security challenges that must first be resolved, such as multivendor support, supply chain management, cost sharing, reimbursement models, data ownership, device forensic processes and security controls.”
As vendors develop secure solutions, DOD will take advantage of the personal productivity gains offered by BYOD, but only when strict information security controls are present at all layers of the mobile device and enterprise infrastructure, he said.
The National Oceanic and Atmospheric Administration has a highly mobile and dispersed workforce that could definitely benefit from BYOD. However, it, too, is taking a cautious approach to BYOD for the same reasons that DOD is and also because of the potential disruptions it can cause to the agency’s operations.
You do need to look at considerations such as mission, cost, acceptable risk and the functionality that can brought to bear through a BYOD program and how that would support the mission, said Daniel McCrae, director of the Service Delivery Division at NOAA’s Office of the CIO.
“The other piece is that, as much as we need to be smart about how we deploy and manage the tools, we need to be smart about how we manage the expectations,” he said. “BYOD means different things to different people, and having a common expectation of what that means in the organizational and mission context is important.”
You’d have to balance the potential of a BYOD program with the reality of the applications or virtual work space that workers would need to access for their jobs, he said, which means making sure that their devices and systems would support the kind of work space they need to be productive.
There are some parts of the government, such as the intelligence agencies, that might never adopt BYOD because of security concerns that will probably never go away. However, it’s becoming evident to many both inside and outside government that the current pressure on agencies to increasingly perform better while dealing with tight budgets will force at least parts of the government to go with BYOD.
“In government, you have customers, partners and employees, and in any one of those audiences, you have a range of different users, such as teleworkers, field agents, inspectors and others,” said Owen Unangst, director of enterprise mobile computing at Unisys Federal Systems and a former associate CIO at USDA. “Agencies will not be able to provide all of those people with a government device, so they will be forced to bring in BYOD and then have to come up with a way to manage the devices adequately.”
If the government doesn’t mind staying a little behind the curve on efficiencies, it will be fine to declare just a small set of devices that users will be authorized to have and that can be relatively easily managed, he said.
“But that’s the dilemma right there because government employees, particularly the mobile elites and leaders in agencies, are starting to say they don’t want a device that makes them do things in a less efficient way,” he said. “With agencies providing every piece of technology, so constrained as they are by budgets and technical resources, if they keep things in IT where they continue approving everything, they will get further and further behind in delivering up-to-date services to the American public.”
VA is certainly one agency that’s been focused on customer needs and has already been using BYOD to some degree to enable its staff to do their job of providing services to veterans. Although they are not yet allowed to connect to VA’s internal network using their own devices, said Donald Kachman, VA’s director of mobile and security assurance, they can access some resources on their personal devices through external connections using VA’s remote access tools.
As the technology matures, he said, there should be options to further reduce government devices and increase the number of remote employees who have secure access to VA applications and software resources.
However, Kachman, along with most other government and industry sources, does not see BYOD as a leading force for the transformation in IT and communications that mobile technology is introducing. Ironically, as BYOD management processes improve, they believe the term will eventually disappear.
“I think mobile is transformative,” Kachman said. “I think BYOD is a component that not only takes advantage of that transformation but also brings a reduction in costs to the government.”