What is the 'personalisation of IT'?
With millions of people using personal devices for professional purposes while working from home, consumerisation has entered a new phase
As the pandemic deepened and businesses rapidly shifted their workforces to remote working, bring your own device (BYOD) suddenly took on a whole new meaning. Out of the sight of IT overseers, employees used their own digital devices and hosted services to those provided by their employers – blending these together to form a new form of consumer IT.
Research from DSA Connect, an IT asset disposal company that specialises in the permanent deletion and destruction of electronic data, found that 19% of workers have more electronic devices through work than they did before the COVID crisis started. While some have been provided with this additional equipment by their employer, the majority are using their own computers, smartphones and other devices.
The overriding concern when the consumerisation of IT is allowed to proliferate unchecked is security. Indeed, in its report ‘Securing the Future of Hybrid Working’, email security firm Tessian revealed 85% of IT leaders feel under more pressure to secure permanent remote working structures, as remote mass working becomes the norm. Just considering phishing attacks, 78% of remote workers who worked on their personal devices during the lockdown period between March and July 2020 said they received phishing emails, either in their work or personal inboxes.
Speaking to IT Pro, Yasar Butt, director in Deloitte's consulting practice and leader of Deloitte Digital's Workplace offering, explains: “The gap between consumer and business technology is rapidly shrinking. Employees expect the business technologies they use to be as simple as the devices they use in their day-to-day lives. We are seeing that for a number of employees devices are becoming just the access method and the processing, data, and applications are held largely in cloud or 'Edge' based systems. One thing is clear – we're beyond the one-size-fits-all era.”
The personalisation and consumerisation of IT have been in developed for decades. Businesses have fought to remain in control as a tsunami of digital devices invaded their carefully crafted safe networks. The push from workforces forced to use different – and often inferior – systems and services to the ones they use in their personal lives, has simply come to a head thanks to the pandemic.
Geraint Williams, Group CISO of GRC International Group, recently commented: “There are huge consequences for not training staff on how to implement information security at home, and this should have been a priority for all organisations when a mass move to home working became evident. Click rates for phishing attacks sit at roughly 3%, and even the most digitally adept employees can fall prey to emails impersonating clients, suppliers or industry subscription services.”
When gadgets become business tools
For many business leaders and their IT service providers, the consumerisation of IT itself isn’t the primary concern, but that it’s happening too fast. The levels of security that many workers adhere to can be shockingly low, with the same passwords being used for work and personal services, for example. While this would be a problem even under ideal conditions, it’s harder to teach and enforce better security practices when working from home.
Tools are already beginning to appear that offer a solution to what can often be seen by business owners as runaway consumerisation of their IT, however. Hysolate has developed Isolated Workspace, which deploys locally on corporate-managed and personal endpoints. The practical application is that the product provides strong, VM-based OS isolation and is fully managed from the cloud, making it a clear manifestation of the need to secure remote workers devices, as their homes are now the IT perimeter of the businesses they work for.
Sectigo CEO, Bill Holtz recently said: “As C-Level executives continue to embrace the increased productivity of a distributed workforce, they need to consider new approaches to security that rely upon automation and secure digital identities.
“The reality is that the enterprise currently uses a mix of authentication tools that frequently includes outdated or weak methods. This research indicates that with many employees remaining at home for the foreseeable future or even permanently, refining how we grant and manage digital access is more important than ever.”
Alan Warr, chair of the consultancy specialist group at BCS, the chartered institute for IT, points to help desks and the strain they could be put under as the personalisation of IT continues: “It isn’t practical for the service desk to manage any type or brand of personal devices to the same extent that they can manage standard-issue corporate devices, though they will usually do what they can. Key is the management of user expectations. In the end it requires a close alignment of the business and IT on what is appropriate for the firm to support in BYOD. The aim should be to meet expectations that people can use their own devices but not have the benefits overwhelmed by security and support costs.”
Salesforce’s acquisition of Slack speaks volumes about how services that were once clearly segregated between business and personal, are now becoming close bedfellows or morphing into new platforms that offer the best of both worlds – something workers are adamant will be a critical component of their remote working lives.
Even before the pandemic, the adoption of Slack into businesses often started as a classic consumerisation story, with small groups of workers turning to the free tier of the service. As adoption spread among different teams, employers would ultimately find themselves paying for more full-featured versions for the entire organisation, preventing software silos and returning an amount of control to the central IT team.
How Salesforce intends to use Slack remains to be seen, but are we on the cusp of another shift towards more prosumer tech? Salesforce is the hub of an ecosystem and also forges multiple partnerships to expand and extend its core services. Bringing in services that can be highly personalised, like Slack, is a clear reaction to how businesses and their workforces want to work and the tools they favour.
Warr observes: “It seems to me there is a two-way street here. Consumer digital tools, for example Facebook and WhatsApp, have found uses in business from their consumer origins. And technologies such as mixed reality and gaming are finding sophisticated uses in business, again from largely consumer origins.
“I see the continuation of this rich infusion of consumer tech into business and government and the reverse infusion of technologies developed for big government and big business being repurposed for SMBs, communities and individual consumers, as an ongoing and mostly positive dynamic.”
Butt adds: “Security, privacy and compliance are on the agenda of pretty much any CXO these days. Consumer technologies can bring a number of challenges including data security controls, and the protection of business IP. How best to manage and support these devices, if indeed at all, is a question that many businesses are grappling with.
“One day the distinction between consumer and business technology will disappear, but it’s unlikely to be any time soon. Currently, what is changing rapidly is the pace at which new consumer technologies, from digital assistants to XR devices, are making their way into business. In turn, this is raising employee expectations for the digital tools they use in their roles.”
The line between digital devices and services used for work or personal interests has been eroding for several years and COVID has accelerated this trend. The consumerisation of IT and the drive to use personal devices in a work environment is now complete. Your business is currently operating in a post-BOYD landscape that will continue to change rapidly, as your business evolves to meet the new normal of work – and the IT systems that support this – will become.
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Security best practices for PostgreSQL
Securing data with PostgreSQLDownload now
Transform your MSP business into a money-making machine
Benefits and challenges of a recurring revenue modelDownload now
The care and feeding of cloud
How to support cloud infrastructure post-migrationWatch now