(Originally posted June 24, 2012 on my defunct Tulane blog “Texan at Tulane”)

So I have been talking with colleagues about BYOD (Bring Your Own Device) – the buzzword trend of customers who have their own mobile device or such coming to campus.  Some of them want to control the customer through policy or dictate.  It is sort of in our DNA as IT folks that we want to build systems that can do things automatically and we certainly can’t update a DAT file without controlling the network, what devices are allowed on it and what permissions and security the customer must give over to us before they can be on our networks.

This is remnant thinking from times bygone.

Our industry changes in weeks and months now.  We’re in (pick your alternate bad analogy) an era where the tectonic plates are shifting so fast that we can’t really wrap our brain around the new technology before the next technology comes up.  Recently I read an article that argued that the era of strategic planning was over because there isn’t time.

I say this as someone who remembers green bar paper and the state of our industry 30 years ago when I started in IT.  And I know there are a lot of people with better and older technology stories than mine still out there.

Today I was debating something about cell phones with one of colleagues.  He was clinging to the notion that his cell phone number was somehow more private, more personal, more HIS, than his home number.  He has no problem providing his home number to his employer but he is adamant that he does not have to give me his cell number.  And I responded that, in 1992, when I was paying 34 cents a minute, I felt strongly that I got to decide who had the number.  But today, it’s silliness.  Everyone has a cell phone.  The paradigm has shifted (and probably a decade ago).  Landline phones are phasing out, you may pay less for the cell phone and many people just have a cell phone.  It isn’t the same anymore. I did concede that isn’t about the device – it is about access.  I need to know I can reach him when I need to.  I could care less which phone it is.

The network is the foundational element to our IT worlds.  It is also the source of most of our need to control our customers.  But the time is rapidly coming where Bring Your Own Network (BYON) will be the rule, not the exception.  Our customers won’t just bring their own device – they will bring their own network and not care about ours.  Some already do with 3G and 4G wireless devices.  Cellular vendors, at least in urban areas, will be able to overlay our campuses without needing our permission (although we can reach friendly agreements to make sure enough antennas exist to ensure service in difficult or high demand locations).

I rarely bother to connect my iPhone to the WiFi network unless I need something only accessible via the WiFi network (such as larger downloads). Gartner predicts wireless networking will be fast enough and ubiquitous enough in a few years that no one will even think in terms of landlines or network speeds.  So the customer won’t care about our network. The control point for security purposes will be the server edge, not the network edge.

Another thing that goes away is our sense of our right to access someone’s device. We expect to be able to run clients that tell us about their computers. We expect to be able to require access that allows us to push updates onto their computers.  We expect to get their consent to agree to our policies before they are allowed on our networks.

The key though, is that the idea of control is already gone as it applies to our customers.  We may cling to the illusion that we can control them.  We may think there is a reason we need to.  But that horse is out the barn door.  We just haven’t checked the barn lately.  This means we’re going to need to make value propositions and ask people for permission, not demand consent.

We need to recognize the cloud, the BYO device, the BYO network are here now.  We have to find value we can provide in this environment or it will go from a transformative wave to a destructive wave.  We have to understand that the customer is at the center of the equation, not the user on the perimeter of the technical world we run.  We serve them and we have to find ways to empower them, to allow them to access our services when they provide value, not look for ways to ensure our needs – encryption, management, control, load balancing, whatever – are achieved through outmoded control models.