He says consumerisation of IT, led by Apple's cutting edge products, have changed IT culture so that users rather than companies are the ones buying the latest technology, and increasingly they want to use these devices for their work.
"If you look at the younger generation who've been brought up using these gadgets, they don't expect no for an answer (when they seek to use their own devices for work). Some of them will even take it to an extreme and say that they'll leave the company if they're not able to use their own tablet or iPhone for their business communication," he noted.
Small businesses that adopt BYOD policies can benefit in several ways. Firstly, the cost of buying the devices gets shifted to the employees, enabling cash-strapped SMEs to save money on high-priced devices that they would normally be required to purchase for their employees.
Also, employees are typically given greater responsibility for maintaining the devices, further reducing the company's IT budget. "Because it is the user's own device, if something goes wrong, they are responsible. So they have to make sure they manage it," Ezzat said.
Giving employees the ability to decide on the technology they want to use for work rather than assigning them a company device can also boost morale and productivity. "Employees will feel more at ease using the devices and will be more likely to use them beyond the normal 9-5," says Eszzat.
While BYOD can provide a number of advantages, it also raises some potential security issues. Yannick Kunegel, Regional Manager, Systems Engineering for Citrix MEA, says any risk assessment begins with looking at how people will be able to access company data on their personal devices. "Simply installing apps and storing data directly on the device raises serious security, privacy and compliance risks, license management issues and support complications," he told AMEInfo.com.
Companies also express concern that they do not have the necessary skills to address problems with employees' personal devices and worry about the loss of productivity that might arise if these devices break down. For this reason, many firms spell out the type of incidents that they will support and the extent of the support they will offer, he noted.
To help minimise security risks, Kunegel says the best approach is to enable completely device-independent computing through desktop virtualization to protect the company's network, supplemented by a secure ﬁle sync and sharing service. "With this approach, the company can provide optimal freedom for people while maintaining security and control. People can access all of their apps on any device, over any network, with single sign-on and seamless session roaming across networks and devices," he explained.
Kunegel also recommends that confidential company information should reside on employees' own devices only in isolated, encrypted form, and only when absolutely necessary. "Multi-layered security should include granular policy-based user authentication with tracking and monitoring for compliance; control over print capabilities and client-side storage; and mandated antivirus/anti-malware software. The company should also consider remote wipe mechanisms if business information is allowed on the device," he added.