I’m not sure how “a few days” has suddenly become “a few months”, but time obviously flies when you start a new job!
In April I talked at the Service Desk and IT Support show (SITS13) about our work on self-service and bring your own device. (I was a bit quicker off the mark posting my slides from the show, which are here: https://bytherye.com/2013/04/25/some-slides/)
I really enjoyed the discussion which followed the presentation, both in the room and also on twitter. It’s encouraging to see that the issues we’re grappling with aren’t just a problem for public sector IT people. It’s always nice to know that you’re not alone and to share ideas and experience!
I find the discussion about byod fascinating. It’s clearly vexing a lot of people and IT finds itself caught between the ever growing anxiety about securing valuable and sensitive information and ballooning user demand for greater flexibility and a more personal IT experience. I don’t think that whether we allow byod is really the issue anymore. I think that the days of IT setting out a defined and limited set of tools for our users to use are rapidly on their way out, so we now need to focus on how we give our users more flexibility without creating unmanaged risks.
This question from @Zeiniz echoes those in the room: how can IT allow more flexible access without compromising information security?
A key point for me is that byod does not mean allowing personal devices into our secure network. In fact I think that the opposite is true, I think the answer lies in delivering appropriate information beyond our network and making it available through apps and information services which we can secure as necessary (in much the same way, for example, that Spotify can deliver content to your device and take it away again if you cancel your subscription). The good news is that consumer providers have been doing this for years and there’s lots we can learn from them. In fact, in my view the business IT organisation will increasingly look and feel like a consumer provider delivering business information to our users with a high level of flexibility about which devices can access it. Some of the tools we use may be ones we develop ourselves, but we already have ways of connecting available to us (e.g. ActiveSync for email) which give us capabilities to manage how information is made available and secured across a wide range of devices.
This has big implications for the way that IT manages the relationship with our users and how we share the responsibility to protect information, as well as for how we design our system and information architectures. The old approach where the IT team ‘take care of security’ and users don’t need to worry has reached the end of its shelf life (arguably it didn’t actually work in the first place as I suggested in this post). We can give our users much more flexibility provided they treat information with care and use appropriate tools for more sensitive data — email has never been the right tool for highly confidential or sensitive information. A programme to enable byod will be as much about user training and compliance as it will about technology.
And this shift in the relationship will apply to how we deliver support too. A proliferation of devices and working styles will mean that if we continue our traditional model for providing ICT support, helpdesks will increasingly become overwhelmed and probably less helpful — they just won’t be able to be expert in all the various issues users will want help with.
So this is where self-service comes in. A good start is to build a culture where users are used to getting support through self-service. As online self-service is increasingly the norm in people’s personal lives I’ve seen users showing that they are quite comfortable using an online helpdesk rather than needing to phone or email for support (in fact often they expect to be able to get support this way).
Again, I think that we should be looking to the consumer arena for the way we do this. One of the questions asked at SITS13 was how user-friendly is our self-service helpdesk? And the answer to that is that it’s fairly good, but we need to make sure that we keep making it better. We need to work with our users and challenge ourselves to make more processes available online and simplify processes wherever possible.
As I’ve blogged before (https://bytherye.com/2013/01/05/self-service-making-it-work/), I think the ultimate goal of self-service has to be about more than just providing electronic forms for people to request support from the IT helpdesk. To fully meet the challenge of byod we need to use it to harness the knowledge which our users have and help to share this with other users. Along with prescribing the types of devices people use, I think the days of IT trying to have all the knowledge about how people work with technology are also behind us. I’ll let Denise (@DHL66) have the final word on that!