Agencies considering allowing employees to use their own smartphones and other mobile devices on the job — known as bring-your-own-device (BYOD) — have a new toolkit at their disposal to ease the transition.
In May, the Office of Management and Budget unveiled an ambitious digital services strategy, which promised to develop governmentwide BYOD guidelines. Since then, a digital advisory group worked with the Federal Chief Information Officers Council to comb through lessons learned from “forward-leaning agencies” that have already jumped on the BYOD bandwagon.
The newly released guidance is the culmination of those efforts.
The toolkit contains key considerations for agency IT managers, success stories from agencies that have already implemented such programs as well as existing policies at those agencies to serve as samples for others.
However, the guidance also noted that implementing BYOD is not mandatory and that the federal government still has work to do to hammer out some of the thornier issues, including the ethical legal implications of government data stored on employees’ personal devices.
The release of the toolkit “is just the beginning of the conversation,” said Brook Colangelo, the CIO of the Executive Office of the President.
“The key takeaway of our efforts is that while BYOD may not be right for every agency, it can, given the right environment, succeed in a secure and records- managed way,” he said in a blog post announcing the launch of the toolkit.
The promise of BYOD is that it can make employees more productive and satisfied on the job and allows the government to scale back the number of employees provided with costly government-owned mobile devices.
The toolkit notes that the rise of BYOD points to a change in thinking in how IT managers adopt new technology.
“Gone are the days of long projects that address every demand,” the guidance states. “We must now integrate new technologies in a rapid, iterative, agile, interoperable and secure method to meet changing market and customer needs.”
The guidance noted, however that the business case for implementing BYOD programs is different for each agency: “BYOD is not necessarily a good fit for all government agencies — it has to fit the agency’s environment, support mission requirements and meet the specific needs of staff.”
There are differing approaches agencies can take to implementing BYOD. Virtualization allows employees to access resources remotely from their smartphones but no data is stored there. The “walled garden” approach allows agency data to be stored on personal devices but only within a secure application.
But technology is far from the only element IT managers have to consider. They should also determine whether employees will be required to participate in their BYOD programs, how to educate employees about the new program and how they can ensure BYOD complies with labor laws governing working after hours.
The toolkit also identified a host of other issues relating to security, privacy and ethics.
Along with those key considerations, the guidance also highlighted lessons learned and case studies from agencies that have already embarked down a BYOD path.
Robert Hughes, the CIO of the Treasury Department’s Alcohol and Tobacco Tax and Trade Bureau (TTB), said his agency saw success in implementing a virtual desktop solution which was easily integrated with a BYOD component.
The U.S. Equal Employment Opportunity Commission was all but forced to consider a BYOD pilot program when its IT budget was slashed by 15 percent, EEOC CIO Kimberly Hancher said.
Hancher was forced to cut the $800,000 in funding slotted for agency-issued BlackBerry devices in half. EEOC implemented a BYOD pilot program that allowed employees to opt-out of having a work BlackBerry and instead install third-party software on their own smartphones.