BYOD: What can we learn from China?

In China, companies don't have the luxury of limiting choice

Most of us won't buy the latest iPhone until our two-year wireless contract is up. The smartphone costs too much without the wireless carrier subsidizing it. But that's not true in major Chinese cities such as Hong Kong, Beijing and Shanghai, says Stanley Li, CEO of San Francisco-based Netswitch.

Li has worked overseas for years and watched mobile hysteria consume young professionals. Smartphones from the likes of Samsung, Apple, HTC, Sony Ericsson and others are gobbled up as soon as they hit the market. Consumers are prepared to pay full price, he says, and will buy a new phone every year.

"They change phones like a fashion statement," Li says.

Smartphone owners in China also don't want to carry around an additional corporate phone. That would be like wearing two outfits, with the corporate one being totally outdated. Instead, they're accessing work data from new-fangled phones under emerging corporate policies known as BYOD, or bring-your-own-device. According to Li, BYOD in China is far ahead of BYOD in the United States.

In fact, the United States and Australia can learn some BYOD lessons from China.

Many companies take a narrow view of BYOD and don't support Android devices. The common refrain is that Android is too fragmented and too leaky a vessel to carry sensitive corporate data. The many flavors of Android also can lead to a managerial and native app development headache.

In China, though, companies don't have the luxury of limiting choice, at least not with smartphones-consumers buy new phones on a whim. Last year, Li saw iPhones everywhere. On a business trip there a couple of weeks ago, Li noticed Samsung phones had become super-hot.

Slideshow: 10 Coolest Tech Devices to Bring to Work

Analysts expect the iPhone to rebound in the coming months. "We've been seeing a lot of [Chinese] consumers holding off, waiting for the iPhone 5 as opposed to the iPhone 4S," Ben Cavender, associate principal at China Market Research, told the Wall Street Journal last month.

So how do Chinese companies handle Android's BYOD shortcomings? Chinese companies take a more heterogeneous, browser-based approach to bring a sense of order to a sea of BYOD smartphones. This might mean no VPN or multi-form factor authentication, says Li. "Corporate infrastructure in the U.S. is more secure than in China."

This might lend credence to the possibility that U.S. companies make too much out of the BYOD mobile security risk. "Yes, it's being blown way out of proportion," John Mensel, director of security services at Concept Technology, a 10-year-old IT consulting firm, told

Either way, Chinese companies do a better job of educating workers about using BYOD smartphones. Even U.S. companies say employee education is key to security. Li says many Chinese companies use short two-minute videos and animation to get their point across, whereas U.S companies expect employees to thumb through pages of policy documents.

Netswitch CEO Stanley Li

And who reads those boring policies anyway? Many employees will sign the newly crafted BYOD policy without giving it much thought, which is a shame because they could be signing away their privacy rights. (For more on this topic, check out BYOD: Time to Adjust Your Privacy Expectations.)

Along these lines, Chinese employees have become familiar-maybe even resigned-to the negative consequences of BYOD smartphones, Li says. They already know that carriers, device manufactures and employers may be tracking their location. The company might even know what they're doing on the personal side of the BYOD smartphone. After all, what is that corporate app really doing?

That's not to say that U.S. companies should follow this lead of accepting what could be privacy invasions. Rather, U.S. employees should take their cue from Chinese employees and understand the potential tradeoff between BYOD convenience and privacy.

It's one of a few things BYOD companies and employees in the United States can learn from their Chinese counterparts. In China, BYOD smartphones are simply how things are done. In the United States, it's just beginning.

Tom Kaneshige covers Apple and Consumerization of IT for Follow Tom on Twitter @kaneshige. Follow everything from on Twitter @CIOonline and on Facebook. Email Tom at

Read more about consumer it in CIO's Consumer IT Drilldown.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tom Kaneshige

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts