The official hub of The Enterprise Mobility Foundation
Want more than just blog posts? Login or Sign up for a free acount and get research, videos, slide decks and more! Join the online social network for Enterprise Mobility.

Could There Be a Better Way to COPE With BYOD In The Enterprise?

“You can have any color you want…as long as it’s black.”  That’s a quote that is attributed to Henry Ford.  It makes me think about the “old days” of enterprise mobility…you know, the ones before we had the consumerization of IT and the tsunami better known as Bring Your Own Device (BYOD).  You could have any smartphone you wanted, as long as it was a BlackBerry.  That’s because the IT department could control the devices with an iron fist.  Well, we have certainly had a “Mobile Spring” over the last couple of years where employees (most notably senior level executives) pushed back and forced the IT department to allow employees to use their mobile devices of choice, most notably iOS and Android devices.

The rest, as we say, is history.

The consumerization of IT and the BYOD tsunami has made the IT departments incredibly uncomfortable.  They have “lost control” and are now “at the mercy” of the employees.  This, of course, has fueled many a debate regarding the most appropriate mobility strategy that organizations should develop and what sorts of policies they should implement regarding “acceptable use” of those devices.  Unfortunately, we have still seen high profile legal instances that have gone all the way to the Supreme Court of The United States.

What if there were another scenario?  What if there were a way for IT departments to C.O.P.E. with user needs, all the while stay in some sort of a comfort zone by having control of the devices?  Sure, many organizations have deployed enterprise mobility management solutions to reign in the BYOD tsunami, but most have done so because they had to (vs. seeing an opportunity to empower their workforce).

So what if we flipped the BYOD conversation to a model that is the antithesis of Henry Ford’s vision?  What if we moved to a Corporate Owned, Personally Enabled environment (see, aren’t I cute there, adding yet ANOTHER acronym in this alphabet soup space?).

The vision of what COPE would be as follows.

The IT department would provide you ANY mobile device you want…that’s because they have embraced the Consumerization of IT (more on the distinction between consumerization and BYOD here).  However, as opposed to trying to find a way to secure the corporate data that will reside on the employees’ personal devices, why not instead provide the employees a means to put some personal content on their work devices?  The device (and the corporate data that resides on it) is fully managed and controlled, but also allows for employees to install the apps they like for their personal use.  We already see this in many organizations where employees are installing their favorite media players and their music or personal photos on their laptops…so why not extend that to the other mobile devices?  Aren’t they already COPE-ing with those laptops?

There are other benefits that come from the COPE model that you won’t find from BYOD.  The original premise of BYOD was (in one respect) to help reduce corporate expenses.  Made sense when you’re looking to cut costs.  However, the only way in my opinion where BYOD can truly be cost effective, is if the employee pays for their devices and the totality of their service plans. Too often I see companies fully reimburse the price of the device, or the service plans or make employees fill out a reimbursement form to get their monthly stipend.  There are zero economies of scale in these scenarios that truly provide long term cost savings to the organization.  On the flip side, through savvy Wireless Expense Management, organizations leveraging the COPE model could negotiate great contracts with the wireless carriers to get steep discounts on devices, upgrades, as well as voice, data and messaging plans.

How is this not a win/win?

Now mind you, we’ll still need to see organizations deploy enterprise mobility management solutions, but wouldn’t the COPE model bring more IT departments into a comfort zone that would actually still allow employees to use the mobile devices that work best for them and not have the good people in the IT department suffer from premature baldness?

So, in closing, before you say that this is a six of one, half-dozen of the other scenario, I will respectfully challenge that.  Yes, in one respect it is….but it’s also about perspective.  This is a “help me help you” moment.  This is about how the organization can actually embrace the consumerization of IT and principles of IT Service Management where the IT department becomes a true business enabler.

Would love to hear (see?) your thoughts on this.

13 Comments

  1. Posted February 13, 2012 at 09:22 | Permalink

    COPE is an interesting option and may help many IT departments. But regardless of whether you COPE or BYOD or whatever enablement and legal approach an org/IT department chooses, you still need a solution that (a) captures and houses the policies, (b) applies the policies, (c) reports on policy-related events for compliance. That way if you change the enablement/legal model for any reason, and there are many business and external scenarios that might cause such a change, you still have the solution in place to handle it. And note that if it might prove very difficult to COPE 100% on an international basis due to country-specific legal complexities.

    Thumb up 3 Thumb down 0

    • Posted February 13, 2012 at 10:53 | Permalink

      Totally agreed Evan. I’m by no means suggesting that this is a one size fits all solution, but instead, could be a very functional means for compromise as we continue to see the consumerization of the workplace.

      Thumb up 0 Thumb down 0

  2. Posted February 13, 2012 at 10:40 | Permalink

    Our corporate laptops are locked down so users are not putting anything personal onto them, the same is true for our corporate Blackberry, iPhones and iPads. I think the liablity and privacy issues cloud COPE.

    How do you handle cross contamination of corporate and personal data? COPE works when you leverage something that isolates corporate data like Citrix, VDI, Good technologies secure container for corporate data.

    What further clouds this is the corporate liable device is procured for the purpose of work. I understand the whole “It’s with me all the time so I expect to use it for X, Y and Z off hours. No .. we have a BYOD program if you want to pursue the benefit of one less technology device. That is a perk not a requirement. See I fully see this as a give and take kind of thing. You wish to use X device, here is the way we allow that based on the regulations and security we need to adhere to.

    Many employees decide it’s not worth it and like to keep their personal tech and work tech seperate. Nothing fixes that. BYOD, COPE whatever the flavor next month is doesn’t change that. The root of all these issues is compliance and liablity.

    Thus this will be argued for years to come until the there are laws around employee privacy, compensation for the new 24/7 wired world we live / work in.

    Thumb up 2 Thumb down 3

    • Posted February 13, 2012 at 10:57 | Permalink

      “See I fully see this as a give and take kind of thing. You wish to use X device, here is the way we allow that based on the regulations and security we need to adhere to.”

      I see this as a perfect use case for COPE.

      “Many employees decide it’s not worth it and like to keep their personal tech and work tech separate. Nothing fixes that.”

      I would argue that there is an equal number of people who would find having to carry two sets of devices to be a nuisance.

      Like I mentioned to Evan, I see COPE as yet another possible means to find the right balance between Personal Enablement, yet satisfy the company’s needs for mobile risk management.

      Thumb up 2 Thumb down 0

    • Posted February 15, 2012 at 18:01 | Permalink

      Whether BYOD or COPE, the challenge is how to allow for mixed-use models – including a slew of governance, security, liability and privacy issues.

      Why allow mixed use? My wife’s employer is a rather vast organization, and my wife exemplifies the problem that is getting worse and worse = “dead battery, at the bottom of the bag”.

      How to solve the problem of mixed use? Virtualization solutions like Citrix have their place. For mobile, Dual Persona offers a compelling new option (and I readily admit to being purveyor of such!). Create 2 devices on 1 to accomodate the methods of use (business/personal). Attach different policies and security controls on each as appropriate to the method of use.

      Outside the USA, we’re seeing tons of COPE. To Philippe’s point, COPE and BYOD are almost opposites of each other… but they net to being “dual use” or dual persona.

      Thumb up 1 Thumb down 0

      • Posted February 15, 2012 at 18:28 | Permalink

        But Nick – because of the Consumerization of IT, isn’t mixed use now a given? BYOD or COPE are just means of handling mixed use from opposite ends of the spectrum. The major difference is that I’ll make the argument that COPE will allow the IT department to be more in their comfort zone.

        Thumb up 0 Thumb down 0

  3. Posted February 14, 2012 at 13:36 | Permalink

    Sure, COPE looks good on the surface. Kind of like health benefits, as long as the choices are high quality, employees won’t complain even if the choices are somewhat limited.

    As commented above, I agree that fundamentally the way the device is deployed shouldn’t change, whether it’s under COPE or BYOD – the security focus is still on the apps and the corporate data, and no matter who owns it, you run the same risks of the user downloading malicious apps or inadvertently allowing data to be compromised. So I think the Enterprise App Store is still necessary, as well as MAM and the other suite of security features we recommend for BYOD as well.

    On the other side of the equation, I agree that corporate-owned devices will streamline the billing process, leverage the economies of scale when making large corporate purchases and negotiating contracts… but my concern is that users will still drag their heels. Virtually everyone in this demographic (educated, tech savvy employees) have their own smart phone and are locked into a wireless contract. Will all of these users jump on board to carry a second phone again?

    @Nukona_Walt

    Thumb up 0 Thumb down 0

    • Posted February 14, 2012 at 13:49 | Permalink

      “Kind of like health benefits, as long as the choices are high quality, employees won’t complain even if the choices are somewhat limited.”

      Love this line…and I think that a key component of a COPE strategy is to either allow employees to pick whatever they want, or make sure you’re offering great options.

      You’ll also have no disagreements from me that you need EMM regardless of the acquisition/provisioning model.
      With regards to your last comment, I think that there is nothing wrong with BYOD (if managed). I’m thinking more about the companies that have yet to embrace any kind of consumerization (and there are still many out there). If companies are not happy with how BYOD has worked out for them (from an economics perspective), then I will argue that they can/should create a migration plan that would go towards a COPE model.

      Thumb up 1 Thumb down 0

      • Posted February 14, 2012 at 14:16 | Permalink

        Excellent point. For a company that has not yet embraced life beyond Blackberry, COPE would be a relatively comfortable transition. At the end of the day, COPE or BYOD must be deployed as part of a bigger plan for mobility, so corporate apps and tools leveraging the platform will create a new culture of efficiency and productivity from the workforce. That will likely overshadow any complaints about still carrying a second device.

        Thumb up 1 Thumb down 0

        • Posted February 14, 2012 at 14:29 | Permalink

          Absolutely agreed. BYOD/COPE/IL/CL…whatever, is all about the devices. That’s not what mobilizing the workforce and the workplace is actually about!

          So much emphasis is put on the device, yet I feel as if organizations should be spending much more time thinking about the why/how they are going to change their business processes.

          To your second device comment. That may be true in North America, but there are still many, many places around the world where people are still using “dumb” phones.

          Thumb up 0 Thumb down 0

          • Posted February 15, 2012 at 08:08 | Permalink

            I love the idea of COPE. To me, from the start, BYOD has always been a sort of point solution… Something you’d use waiting for a better solution. Even with a well developped BYOD program, there are some inherent problems that COPE solves:
            1/ If the smartphone breaks while being used in a professionnal context, who should pay? Who manages the relationship with the repairshop/vendor/insurance company? With COPE, things are clear: it’s the company’s phone, the company pays.
            2/ If it’s strategic to mobilize your workforce, how do you manage your workforce that doesn’t own a smartphone? You can’t ask them to buy one… but are you pressuring them (harrassing them?) to buy one? I know some attorneys who’ll be interested in hearing about that… Problem solved with COPE.
            3/ If a user is making calls and accessing data networks while travelling (abroad?) (s)he is likely to expense the incurred costs… These costs are publicly listed prices and have nothing to do with corporately negotiated prices. Believe me, I used to work for a telecom company… Heck, you have an ROI for COPE vs BYOD just on this point.
            4/ I absolutely entirely completely disagree with MobileAdmin’s point. The party that has the most to gain if an employee is accessing the company network with a smartphone… is the company. Not the user. If a user has, for what ever reason, 2 smartphones in his pocket then on his personal time when he only has one with him, it’ll be the one on which he can do what he wants, ie his own smartphone. Most of the benefits of being always available will be lost. It’s strategic for companies to do whatever they can to make sure their employees are carrying the company phone with them at all times.
            5/ If your user is constantly on the go, his business card most certainly carries his cell number. In a BYOD case, the number belongs to him. When he leaves the company, he brings the company’s clients with him… In a COPE situation, the number stays with the company and so do the clients.

            I’ve been pushing for this kind of approach for a long time… Never formalized it in this manner, never found a smart acronym for it ^^ Great job Philippe, completely in line with you on this one :)

            Thumb up 3 Thumb down 0

          • Posted February 15, 2012 at 11:03 | Permalink

            You raise a host of solid points and I’m unsure what is so invalid with my logic. The current BYOD agenda is employee driven and they wish to have their cake and eat it to. (my device, little security, use as I like) Which is how it should be – it’s their device. My issue is now expecting corporate to foot the bill and mold a support strucuture around that.

            The issue is further complicated as it’s not a cookie cut solution that works in every company. One company may provide stipend / reimbursement then next doesn’t. So the concept of an employee that “brings their tech tools with them” can’t be sustained.

            I don’t understand this:

            “If a user has, for what ever reason, 2 smartphones in his pocket then on his personal time when he only has one with him, it’ll be the one on which he can do what he wants, ie his own smartphone. Most of the benefits of being always available will be lost. It’s strategic for companies to do whatever they can to make sure their employees are carrying the company phone with them at all times.”

            9 times out of 10 the personal device of choice is due to the corprate device isn’t to their liking or they want a degree of privacy. You have that issue even if both devices are say an iPhone. The personal iPhone would be used as it allows them to do whatever they wish. The corporate iPhone could have restrictions etc. So Joe (Jane) User goes on a personal vacation to say Rome. They will bring their personal iPhone and answer work emails. Nothing is forcing them to do that, is the corporation now *required* to compensate the user for this unrequired access to email? This is the point I made that is very unclear from a compensation perspective with the work day bleeding into personal time. It’s easy with hourly employees but for salary it’s one of the reasons many employees carry two devices.

            Point 5 you make is a huge one for industries with sales staff.

            Thumb up 0 Thumb down 0

  4. Posted February 15, 2012 at 09:45 | Permalink

    Thanks Mathieu! Much appreciated!

    Thumb up 0 Thumb down 0

Post a Comment

You must be logged in to post a comment.