Controlling PDAs and cell phones is a challenge  It’s an IT manager’s nightmare: hordes of persistent employees waving new PDAs and smartphones, loudly demanding access to corporate desktops and networks – and, worse, demanding technical support to help them connect. The trouble is, it’s not just a bad dream anymore – especially at this time of year as employees start coming to work with the new Palms, BlackBerries and Windows Mobile devices they received at Christmas or bought during the Boxing Day sales. Research in Motion Ltd. (RIM) announced in March that it had added 630,000 new subscribers in the fourth quarter of 2005. That’s worldwide, but the Canadian number will still be in the thousands. Many of those BlackBerries were sold to corporate customers, but many went to individual business-consumers. According to market watcher NPD Canada, retailers sold 36,151 PDAs in November and December of 2005. A recent IDC report says a banner 2005 holiday buying season boosted worldwide sales of new mobile phones – of which a growing percentage are network connectable smartphones – over the 800 million-units mark for the year. "We’re definitely seeing a lot more interest from employees wanting to obtain these devices and attach them to the network as part of their work life," says Mike Cuddy, VP of information technology at Toronto-based Toromont Industries Ltd., a distributor of industrial equipment. "And interest is growing all the time." What’s a beleaguered IT manager to do in the face of this onslaught? The simple answer: control it. But that may be easier said than done. In some companies, absolute control by the IT department is not possible. And in some it’s not necessarily the ideal solution anyway. The big concern for most technology managers, perhaps surprisingly, is not the security threats but the drain on scarce technical support resources, says Chris Coffin, a senior consultant at Toronto-based Compass Management Consulting Ltd. Employees will inevitably need help getting these devices working properly with their office computers. "It’s the calls to the help desk that have nothing to do with the company that mainly concerns them," Coffin says. "Direct connection to the network of non-standard devices is, of course, an issue, but the far bigger problem is connecting devices to the USB port on a laptop or desktop." The technology managers we talked to confirm this. "The biggest issue is the additional support that comes along with these devices," says Glen Renton, manager of network services at Grand & Toy. "We have a limited support resource pool, and they’re busy providing day-to-day network support. Adding on a whole bunch of personal devices that don’t follow any kind of company standard – that’s really the primary area of concern for us." It’s the same story at Toromont. " means X number of hours away from what could and should be doing," Cuddy says. "It’s the opportunity cost of responding to the problems of people installing software or hardware that isn’t part of our standard." There may be another IT management issue in the future, Coffin says. Network-connected PDAs and smartphones – even if they’re not directly connected to your network – generate increased email traffic. Employees who have these devices may be more apt to email than use the phone to communicate with colleagues back at the office. And because handheld devices don’t make it easy to input text, users tend to initiate long back-and-forth exchanges of short messages rather than sending one or two longer messages. "All those messages have to be replicated and stored," Coffin notes. "There are new rules around email now. You have to house them – you’re never allowed to lose email. The repercussions of doing that way mean that storage requirements can expand quite a bit. It’s more theoretical at the moment, but it could grow." Productivity ConcernsBut wait a minute. Isn’t using email rather than the phone supposed to save time and money? And aren’t these devices generally supposed to improve productivity?  Maybe, but Coffin for one isn’t convinced. "I don’t think the productivity benefit side of the equation has really been proven yet," he says. "There has certainly been a lot of marketing from vendors about increasing productivity and the average user says his productivity has increased, but I don’t think this is well understood." Cuddy doesn’t doubt the productivity benefits will ultimately be there, but he’s not convinced the right devices and products are available yet to guarantee those benefits. In particular, he doesn’t believe the BlackBerry – which has been generating the most interest among Toromont employees lately – will be the most cost-effective platform. He’s more inclined to put his money on Windows Mobile, but figures it will be another several months before a complete, can’t-miss solution based on Microsoft’s un-tethered operating system will be available. "We’re continually looking at these devices," Cuddy says. "We’re very interested in them. There’s a huge potential there when all the pieces fall into place." For Renton, the issue is not whether PDAs and smartphones offer real productivity benefits, it’s whether a particular employee needs one given the work he or she does. "If there’s a business case for needing a PDA, if the person’s manager approves the requirement, then a device would be provided by the company," he says. It would be a company standard device – Grand & Toy uses both Palms and BlackBerries – and it would be supported by trained help-desk staff. "It’s the personal use requests that we turn down," Renton says. Closing the Flood GatesSo how do you keep a lid on rampant PDA-mania among employees?   It’s a combination of two things, Coffin says – establishing policies and implementing the means to enforce them. Toromont and Grand & Toy have similar policies in place: employees may not connect a device to company computers or networks unless the device is sanctioned by the IT department. Grand & Toy makes the policy available at its employee intranet – to which it refers employees when they make enquiries. Toromont sends out periodic reminders of its policy, including one recently in response to rising demand from employees wanting to use BlackBerries. The message reiterated the policy and laid out reasons why the company was holding off on choosing a standard handheld device. "There’s a reasonably strong awareness among employees that nothing is to be attached that isn’t sanctioned," Cuddy says. "But we still have had a number of situations where people would go out and buy anyway." How the two companies enforce their policies is where they differ. Grand & Toy takes a "straightforward" approach, as Renton puts it. Some might call it hard line. The company "locks down" desktop and laptop computers, using features built into the operating system that prevent employees from installing any software on their own. Since virtually all PDAs and smartphones require that a piece of software be installed on the host computer with which the device is to be synchronized, it means G&T employees cannot attach their own gadgets. "If we didn’t have locked-down computers, we’d have the installs even though employees know it’s against our policy," Renton says. "The whole key is the lock-down." Coffin agrees. "A policy in and of itself," he says, "is just not enough." A lot of his firm’s clients still don’t lock their computers down, Coffin admits, which surprises him. "But the clients who do are far ahead in terms of controlling support costs." Locking down computers is certainly a widely used and widely recommended solution, but IT departments in some companies simply don’t have the political clout to get such a policy accepted, Coffin says. Many business managers insist on having control of the technology their employees use. "IT has often done a poor job of describing the benefits of locking down the system, and the risks of not locking it down," he adds. Enlisting the support of senior executives, especially in organizations where IT is still considered a cost centre, is not enough. "When it comes down to brass tacks," Coffin says, "the chief executives are going to side with the businesses – unless the IT department can show bean counters a business case for the cost and risk involved." The Balancing ActBut is locking down computers always the best solution?  Toromont does not lock down its computers. It has a second policy that deters employees contravening the ban on attaching their own devices, or at least discourages repeat offenders. Help-desk personnel are instructed not to help troubleshoot problems caused by employees trying to install unsanctioned software or connect unsanctioned devices. "End users learn by doing something themselves and causing grief," Cuddy says. "If they try it once and afterwards something doesn’t work – they can’t get into their email for a day – they’re much less likely to do more experimenting on their own." The official explanation for not locking down computers at Toromont is that one of the company’s divisions uses a piece of application software that only works effectively when it has "pretty complete access" to the PC. But there’s more to it. "If you try to lock down everything," Cuddy says, "the real consequence is often lower productivity." He has learned from experience that when you put employees in a computer straightjacket – multiply the security hoops they have to jump through to get access to a device or program, for example – they’ll ultimately refuse to use the technology, or won’t use it as much as they might. "It’s a balancing act," he says. In fact, Cuddy tacitly admits his department will sometimes turn a blind eye to employees using unsanctioned devices. "If it’s not a drain on our resources, we’re not going to spend the time on putting an end to it," he says. "Also, I think we’re getting closer now to a point where we have a corporately supported product line." Watch Your ThumbsAll of this raises another question. Is there a risk in discouraging employees from experimenting with technology that could ultimately improve their productivity?  As we’ve talked about recently in these pages, technological innovation is increasingly entering the enterprise from the consumer side – through exactly this phenomenon of employees bringing technology to work that they initially discovered or acquired on their own as consumers. Most IT departments simply don’t have the resources to investigate all the new technologies flooding in, which is why their first, entirely justifiable, impulse is to throw up barriers. But how often do those barriers prevent employees using technologies that would make them more productive? It’s not a risk with Grand & Toy’s ban on employees attaching their own PDAs and smartphones to computers at work, Renton insists. If an employee could benefit from using a PDA – or, more to the point, if the company would benefit from the employee using such a device – the company will supply it. For Cuddy, it’s a question of striking a balance between being firm about maintaining policies while not unduly frustrating innovative employees. Explaining why the current anti-PDA policies are in place helps do that, he believes. "You have to know how to say no in a positive manner. At the same time, the guys who are frustrated by this, they’re people we like because they’re out there asking, ‘How can I use technology to make me more effective in my job?’" Coffin’s concern is more that business managers already inclined to kick against the kinds of restrictions IT departments see as necessary may be asking exactly these questions. It comes down to which you think is more important, he says – incremental advances in worker productivity or protecting vital corporate desktop and email systems. He doesn’t have any doubt about which is the correct answer. "I think the desktop and email side of the equation wins every time." One thing is certain – employees will continue to want to use PDAs and smartphones. More and more of them are flooding on to the market. As Coffin points out, cell phones – ubiquitous now among business-consumers – are increasingly also PDAs. If your company doesn’t supply them, employees will want to use their own. "Don’t ignore it," is Coffin’s advice. "Put the infrastructure in place so you can be proactive. PDAs being around is a reality, and turning a blind eye is a bad idea."