In this week's Industry Buzz podcast, the UCStrategies team discusses the consumerization of IT—the affect on IT departments of consumer devices and applications being brought into the enterprise.
Transcript for UCStrategies Experts Discuss the Consumerization of IT
Blair Pleasant: Hi, this is Blair Pleasant. I am here with the UCStrategies Team and today we are going to talk about Consumerization of IT. A lot of people have really taken note of the consumerization of IT today. I think it is especially important because people now have iPhones and iPads and all these great new devices that they are bringing to their enterprise and their workplace and the IT departments now have to deal with how are they going to work with these devices that they didn’t purchase that they might not be supporting? So it's really placing a big burden on IT. But the real benefit of the consumerization of IT means that people are bringing the way they want to work to the workplace, so that they can be more efficient and effective, so we are just going to see it growing more and more. I think a lot of times when people think about the consumerization of IT, they do think in terms of these devices – the tablets and the smartphones — but I think just as important, if not more important, are the applications. Things like instant messaging really started in the consumer world and then when people starting using IM in the business place, companies realized that they don’t have the security in place for this, we don’t have the liability and controls that we need. So companies like IBM, Microsoft, Oracle, and others created enterprises into the messaging solutions and now we really see the prevalence of that.
And the same is true for with social media. A lot of people started using Facebook and Twitter in the office and at the workplace, so companies either just outright banned it or others said, you know what? There are ways that we can leverage the benefits that this provides, so companies again like IBM, Cisco, Jive, Telligent, Yammer, a whole bunch of companies came out with enterprise-grade social software solutions that companies can use safely and securely in the enterprise and in the organization. So I think we are seeing a lot of this going on with the devices, but also just as importantly with the applications. David, did you want to talk a little bit about some of the history and what’s going on?
David Yedwab: Sure Blair, thank you very much. This is, as I would like to characterize it, the consumerization of IT that we are talking about today, is really the second coming of the revolution of computers and information coming outside of corporate IT, which is a reversal of the way things used to happen. Everything used to start in a centralized large enterprise mode and then trickle down, if you will, to smaller organizations or to departments, etc. But in the mid-80s we had the PC revolution, where people began bringing computers and compute power into the workplace and doing things without IT being involved and the whole hub-bub and blow-up if you will, about how do we control capabilities, how do we control intelligence, how do we control information, how do we manage, how do we secure, and how do we make our businesses appropriate? And we certainly saw the change from mainframes to PC-based IT infrastructure revolutionize the way things happen. And that’s happening again for the second time.
There’s a big difference this time, in that as Blair said, devices and applications are proliferating in the network, in the internet, at the desktop, in the smartphone, in the mobile phone, at the desktop, in the tablet. And it's going to be interesting to see whether IT ever really does take control or is this revolution going to go so far as to maybe eliminate the need for IT going forward. I know, a real challenge, but something we really need to explore as the consumerization continues to grow and continues to change the way we work. And certainly, as the newer generations come into the workplace and are used to the consumer capabilities, the consumer devices, and the consumer apps, we’re going to really have to do that within our workplaces to make those folks happy. Turning it over to the next player, I believe it was Michael.
Michael Finneran: Thank you David. Of course, since a lot of this deals with mobile devices, I have been watching this for quite some time and frankly, we are in pretty good shape today, if the IT department chooses to invest. The phrase we’re starting to use now is BYOD, which could potentially mean, “bring on your own demise.” Certainly, the devices are showing up and Blair, you are right, we don’t focus on protecting the device, we focus on protecting the information or the tools that will allow access to sensitive information. But I have been working with a bunch of the companies now that are really at the leading edge of doing that. Companies like Sybase with their Afaria, MobileIron, Boxtone, Zenprise – the general term used is mobile device management systems, but security is a big part of that. So in essence regardless, whether you have a Blackberry or an iPhone – Android is still a little bit of the wild west...certainly, traditional windows mobile devices – we can enforce security policies, onboard encryption, do remote trouble shooting—everyone has a remote wipe today, end of lifing device, and also white listing and black listing applications. So to a very fine degree, regardless of platform today, we actually have some pretty darn good tools to actually allow this consumerization to go forward.
The difficulty the vendors seem to be facing here is, there is a market inversion, because BYOD is definitely having a bigger impact on small and medium business than larger businesses; certainly, larger regulated businesses. So the groups who are most likely to buy the tools, who are the larger businesses – they are still often dictating what the device is going to be; the small business that really needs this kind of capability, they are the ones less likely to be buying a tool of this sort, so – we are in a peculiar spot with it right now.
Jon Arnold: I am happy to jump in here—this is Jon Arnold. I would like to like to just add a bit to what David Yebwab was saying earlier about the democratization of IT and technology. I think a lot of this, too, is a generational thing of course, and so you do have the internet generation who is used to having this kind of control and not being dictated to by an IT department. I think the expectations are a lot higher now of how much control the end user has, as opposed to where it comes from out of the network. And I think this is actually pretty promising for UC, because where IT gets involved in the picture here as Michael was saying with security needs, there is more valuable communication going on today than there was in the past, because we have access to all these tools, so I think what we are starting to see, and this plays into UC, is that there is more of a balance now of content consumption and content creation and I think this drives the whole collaboration trend that a lot of us are seeing. That is really about creating content and getting people to work together more productively. It is a more active use of IT than the passive use of just consuming information. And with that, that content becomes more valuable. So there is a lot of emphasis here on IT to devote resources, as Michael was saying, to protect the network and the contents that are going over that network, because it is creating more valuable forms of information that are flowing over those pipes.
And the other element to that of course, is that this plays well for UC because it's the UC solutions that enable so much of that collaboration. So the intent here I think for us, is to show IT where UC has value in making this democratization and consumerization of IT a good thing. Because if those tools aren’t there, then it's just technology run amuck and that is the last thing that IT really wants to have to deal with.
Art Rosenberg: Hi Jon, I certainly agree with everything that everybody has said so far. But the real focus is to the individual end user, who is the point of communications in the first place, whether it's person-to-person or process-to-person it makes no difference. The individual end user doesn’t have really just one application he worries about. They don’t work or do business for just one company. They also, by definition, they are consumers as well, so you have to look at the individual end user and everything that they might want to do, especially with mobile devices that are multi-modal in the first place. They are not going to carry a bunch of them around, and they are not going to be dealing just with one company. They are going to be dealing with all the companies they have to deal with as part of their job or as a consumer, it makes no difference. How is that complexity going to be handled by the IT organization in one company? Never. So you’ve got to have the flexibility of control, which says, “tell you what – you carry whatever device you want, use it any way you want, but when it comes to access to information, that’s where we are going to control access.” You have to prove who you are and authenticate, etc. And maybe you want to encrypt and whatever it is, you have to protect the information. That’s IT’s responsibility, not what somebody does with their endpoint devices.
Russell Bennett: This is Russell Bennett. I agree with Art. I don’t think that consumerization of IT means that that the consumers are in control, I think completely the opposite. The IT department is always in control. They allow consumer devices to be used in the workplace and to connect to the network to the extent they see it to be advantageous to them, or at the very least not to be disadvantageous. As soon as they spot a security loophole, for example, Skype or public instant messaging, they will find ways to shut it down. They do have control of the passwords and the authentication and so on to stop you from syncing up your email. So essentially, the IT department is allowing the employees to use the device that they want to use, mainly so that they don’t have to pay for it. And there is a fairly strong trend that is forecasted to continue by the analysts of cell phone usage, for example, instead of being provided by the employer or at least provided by the individual, but the monthly bill paid for by the employer. That trend is reversing and now the employees are becoming liable for their own cell phones bills. There are a couple of fundamental reasons for this. One is that the current U.S. tax code and upcoming changes being bantered backwards and forwards in Congress at the moment, actually make it administratively onerous for employers to provide cell phones for employees. They’ve got to separate personal use from business use and provide substantiating documentation and are also supposed to add the value of personal usage to employee under a tax payment on their W2. This has a double benefit, cell phones obviously depreciate very, very rapidly in terms of their entry on the balance sheet and so the employer can avoid making a capital expenditure, which is going to disappear within 12 months. And then the employees, by their own volition, are subsidizing the use of their personal cell phones for business use.
So basically, this consumerization trend is playing into the hands of the CFO who desperately is trying to save money in this economic climate, and if they ever find a reason that they don’t want people to do certain things, then they will certainly stop them. Without a doubt, CEBP which is connecting devices to business processes and applications, is totally in the control of the IT department. I would think that it is probably a fraction of 1% of corporate employees that can write their own apps that connect to Active Directory or SAP or whatever. So those applications will be created and distributed by the IT department. That’s my two cents on that subject.
Art Rosenberg: I agree with that, especially about the CEBP.
David Yedwab: Just one follow-up comment. This is David again. I am wondering if we even know how much business communications is going on with these consumer devices being used by employees that IT doesn’t even know about. And how much of IT’s time is spent on auditing usage of devices as opposed to doing something productive, like protecting corporate assets?
Russell Bennett: Secret information is a corporate asset, so it's not wasted time or money. And I think all we have to do is use Google to find out who’s blogging or tweeting about what. I think it's been made abundantly clear by HR departments that if you reveal corporate information in a public domain that you will face termination and some of those sanctions are probably being enforced as we speak.
Blair Pleasant: I will add one more thing. I want to bring up the fact that sometimes the IT department doesn’t necessarily have to support the devices that the workers are bringing in. So I loved the example at Cisco that there’s a whole bunch of people using Macintosh’s which aren’t officially sanctioned by Cisco, but they created websites and wikis and their own community to help support them. So they are really eliminating part of the role of IT and doing it themselves and really supporting these devices on their own. And I think we are going to start seeing a lot more of that also. IT is still going to have obviously a huge role in this, but I think as people do bring in their own devices and their own endpoints and technologies, they are going to also be responsible for supporting them, as well. I think we’re going to see a lot of changes in that area.
Art Rosenberg: That’s a big question, if IT is not going to do it, who is going to support the end user and their devices?
Blair Pleasant: And I think in some cases we are going to see the individuals doing it on their own and using some of the social networking tools and capabilities to let them really support each other so that they can bring in the devices that they want.
Michael Finneran: Is that how we should have our employees spending their time, in IT? I mean I am paying a guy to sell, I want him selling.
Blair Pleasant: Well, I guess if you want to have these devices then you need to find a way to support them.
Art Rosenberg: Is it going to be carriers, is it going to be – the store that you bought it from? What?
Michael Finneran: I think there are a lot of angles to it. We do have the fundamental tools and certainly there is a movement is in place, but the IT department is going to have to take a step back and basically look at what the overall demand is going to be and develop a policy that supports it and then start shopping for the elements that are actually going to allow them to implement that plan.
Blair Pleasant: And you mentioned the key word, policies. I think so much of this is really going to be about policies and guidelines that the IT department and that the company has to come up with and really ensuring that these guidelines are met, whether it's – with what devices you can use or what information you can present. I’ve been doing some work looking at some of the policies and guidelines that companies are using for their social networks and social software. And most companies now do have formalized policies and guidelines that people have to follow. It can be things as basic as, don’t give away proprietary information. But people really do need to be taught or they need to think about what is proper and what can I and can’t I do on these social networks. So it all comes down to policies and guidelines.
Art Rosenberg: And trust –
Michael Finneran: No—trust is not a good thing, if you are dealing with corporate information. But I actually helped write those policies for mobile entities and maybe that will be a subject of another podcast—what are some issues that one really should put into one of the policies and basically I spend time talking to clients about that – if you do it this way, this is what you gain and this is what you lose. Because a lot of the decisions that have to be made when making a policy up and they are made by executive management and human resources, much more so than what we do in IT. So at the end of the day, it's the boss’ call and it's our job in IT to make sure that we are giving them a decent background of what the ramifications of their decisions are going to be.
David Yedwab: And are we really talking about the democratization of IT across the company, as opposed to within the IT department? A whole other subject. Where the decisions get made about what technologies are going to be deployed, and how will they be managed and what’s going to be available to be used as the revolution continues.
Dave Michels: I just want to throw in that this notion of consumerization is a little vague. I think there is really basically two kinds of consumerization that people generally talk about. One is where they can bring in their own devices or applications to do their work, and this is generally done with the consent of IT, and actually enabled by IT. And I don’t think that that’s necessarily consumerization, I think that’s really better described as “bring your own device,” which has financial benefits for the organization, and productivity benefits for the employees. And so everybody comes out ahead.
The second kind of consumerization, which is a little more significant, and even a little more probably mislabeled, is this notion of where you bypass IT, where people bring in their own tools or consumer services such as maybe Skype, or some sort of instant messaging service, or potentially Gmail for document collaboration, or even SalesForce.com for maybe a business unit that needs to use their own CRM versus the corporate solution. This is generally done without IT’s consent. And I think this is a more significant issue—and it’s not necessarily consumerization, it’s really better described as competition. IT hasn’t necessarily had competition like this before. And it’s even transparent competition. SalesForce.com is very clear about its pricing, and it’s very clear what a customer pays for SalesForce.com, where the IT cost for CRM may be a little more fuzzy or ambiguous, and may not even be competitive when compared side by side.
And so this form of transparent competition is actually causing a number of ramifications, but it’s generally for the best, and I don’t think consumerization is the right word. Now IT in the past, has not been necessarily involved with innovation, or chartered with innovation. IT in the past has primarily been chartered with cost management and surprise mitigation. Surprises include things like outages, financial surprises in the cost, data loss surprises, things like that. IT has been chartered to mitigate surprises and control costs. Now with competition, IT is having to get back into gear, like they did before, about being more business focused, and being a little more innovative. That’s probably all for the best. But you have to keep in mind that when we look and compare IT, to these alternative consumer services, that we tend not to compare them side by side. Most of the consumer services don’t offer the things that we expect or demand or require from IT, such as support, data integration options, back-ups, security to the corporate standards, turnover administration, so that when employees leave, the data is not only transferred to appropriate resources, but not taken with the employee. So there is a lot of things that consumer services don’t do that we more or less accept, but not really. When Gmail had an outage back in January, people didn’t have access to their documents, to their contacts, to their calendar, to their email, for about 24 hours, and it was a pretty big deal in the blogosphere. They couldn’t get support. We have higher standards for corporate IT. Some of what’s happening, which is for the good, is that IT is working to level the playing field, turn up the innovation, and make it clear what services that they actually bring. I think this is better described as competition, than consumerization. And that’s my two cents.
Blair Pleasant: Thank you all for joining us and we’ll see you all next time.