That the nature of our workforce is changing is not news: work-life boundaries are blurring and employees expect to be able to access their personal and work information anytime, anywhere, and with any device. And yet this trend is leaving many IT policies in the dust. IT device and use policies should be updated to account for these changes, and even if you�re not comfortable allowing unrestricted device and personal information access, offer your users rationale around IT policy decisions to improve compliance.
This can be done through awareness and open discussion. As discussed in a recent Cisco study, over a third of employees haven�t been provided with a rationale for IT policies, two thirds believe policies are in need of updating to reflect the changing nature of the work environment needs, specifically for personal device usage and social media. Updating or at least discussing policy decisions curbs this disillusionment and associated hostility and selective compliance.
Mobile Devices
Like it or not, consumer technology is invading the enterprise. Recent increases in the prevalence and variety of smart mobile devices make them an unavoidable issue to consider. A recent Info-Tech research study concludes that allowing personal devices in the workplace boosts productivity and end-user satisfaction. Moreover, the majority of organizations are allowing them, and doing so successfully; 83% of the organizations allow end-users to attach their personal mobile devices to the network, with Blackberry OS, Google Android, Apple iOS and Windows Mobile being heavily favored. (Figure 1)
But how did these organizations manage the risk of attaching multiple personal devices to the corporate network? The answer is end-user compliance with IT device policies. According to Info-Tech survey respondents, end-user compliance was the single largest contributor to the organization�s success with personal mobile devices. Foster end-user compliance by considering the following elements:
- Policy development: Develop a personal mobile acceptable use policy for end-users to sign when activating their devices on the corporate network. Stick to the major mobile platforms to avoid management headaches, and if you have security requirements take a personal device stance that aligns with them. At a minimum, have a password policy and enable remote wipe as an option.
- Policy enforcement: Conduct a town-hall style meeting with collateral � such as a training deck � to walk end-users through the policy and its reasoning was seen as a strong contributor to end-user compliance by the majority of organizations.
- Technological enforcement: Implement third party infrastructure to extend Blackberry Enterprise Service style device management to Apple iOS and Google Android devices.
Social Media
With the exception of corporate-run initiatives, social media access is usually largely unrelated to work. While Info-Tech recommends using social media for CRM, policy on personal use of social media is largely up to you. Two thirds of employees interviewed believed policies around social media should be more lax, citing that it improves work-life balance, enabling them to work longer hours. The policy decision is ultimately yours to make; just remember that if you�re telling employees what they don�t want to hear that you had better be willing to justify your decision.
More importantly, the crux of social media policies has to be setting boundaries between personal and professional use. Keeping the workplace out of personal social media use is more important than keeping personal social media use out of the workplace. With blurring work-life boundaries, the biggest threat to the enterprise from social media comes from employee activity that reflects poorly on the enterprise and its values. Once employees begin discussing the workplace in a public setting using their personal social media, that information is beyond the enterprise�s control and can be a potential PR nightmare.
The best way to prevent a disaster is through updated IT policy development and discussion. The reality is that if an employee wants to publicly slander your enterprise that you cannot prevent this; social media hasn�t caused this reality, just upped the stakes. The key is to keep employees content and informed, as well as having a policy in place outlining repercussions of inappropriate use of social media. Running an additional training session is highly recommended to communicate the increasing importance of the issue and severity of the consequences.
Bottom Line
New employee demands have brought IT policy creation and enforcement to a crossroads. Resisting these changes is swimming upstream. Instead, update your IT policies and invite end user discussion. Ultimately, this benefits both employees and the enterprise. In this age of information and collaboration, expect to solve more and more of your problems with information sharing and collaboration.
About Info-Tech Research Group
Info-Tech Research Group, Inc. is a global leader in providing IT research and advice. Info-Tech’s products and services combine actionable insight and relevant advice with ready-to-use tools and templates that cover the full spectrum of IT. Visit www.infotech.com.