My former neighbor in St Paul, Bob Beblijk, works as a mechanic for the city. I was surprised to learn from him how normal it was for mechanics to bring their own tools to the jobs. This included wrenches, socket sets, etc. It seemed strange to me, but in Bob’s line of work employers expect it. I thought about what an analogous world would look like in my line of work, and then it occurred to me: Maybe bringing one’s own tools to work was not such a strange notion after all.

Recently, I have been working with a client who wishes to take this approach with their mobile employees. They want employee’s smartphones to work not only as a means of communication with the home office, but also as a host for corporate apps that enable customer-facing employees to guide and make recommendations to clients. They also want to provide peripherals, such as credit card readers, that can enable these employees to complete transactions with customers in the field.

My forward-thinking client is catching an early wave in adopting the reality of our app-driven world. It has not been without its hurdles, though. Not surprisingly, the work force is welcoming the change. Previously, they had to manage a personal device and corporate devices to do all things they can now do with one smartphone. However, there are challenges making it safe, secure, and viable. Here are some of the questions they have asked along the way and how they are addressing each:

1. How do you separate corporate information and personal information on one device? After all, this device could be left in an airport, hotel room, or restaurant. Our client is considering Toggle technology from AT&T. Toggle allows a single device to have two faces, one personal and one corporate. Access to applications is managed from a centralized portal. Loading of upgrades and new applications is also centrally controlled.

2. How do you make credit card transactions PCI-compliant across this mobile environment?  Having a corporate strategy and policy around PCI is mandatory. The customer is using AT&T to develop and audit their environment. My colleague Steve Levinson has blogged extensively about PCI on Networking Exchange. It is a crucial part of the conversation.

3. What happens when the device breaks? Accidents happen. Devices are dropped, exposed to water, or lost at the most inconvenient times. Customers are learning that having a good device management and replacement strategy is paramount. It is also important to have spare parts and devices close at hand so that transactions are not hindered at peak times.

4. What happens when the network is not there? Despite the proliferation of cellular service and WiFi in congested and hard-to-reach locations, there will still be times that transactions will need to be completed offline in the field. The ability to start batch uploads when connectivity is restored is important, along with a way of protecting the customer information while the information needs to be stored.

Like my mechanic neighbor Bob, I am envisioning that bringing your own tools to a knowledge-worker job will someday be the norm. I applaud the early adopters as they forge the rules and procedures needed to make this a happy marriage.

Companies know that by blurring the lines between work and personal there is a twofold effect. First, workers are happier because they can remain in touch with their loved ones while they work. Secondly, employees are more efficient and immensely more productive. This can be a huge win for everybody as long as companies ensure that workers keep corporate and customer information safe too.

Is your business working on BYOD policies? How are you safeguarding company and corporate information while allowing employees to use their smartphones on the job?