Tuesday, 30 June 2015

Bring Your Own Device

Welcome to the Wild, Wild West

by Lance Tofsrud

Let’s face it… the average IT department is typically always in a ‘come from behind’ position when it comes to adopting new technologies. But let’s be clear in that it is not because they are trying to be stubborn. BYOD it’s typically because they are tasked with being the sheriff to what could arguably be classified as one of the organizations most valued possessions; its digital assets. These assets, represented by numerous file extensions, databases and content of immeasurable IP value, are placed in their custody and they hear about it when something goes amiss.

So what exactly is BYOD?

It’s much more than the organization allowing their employees to bring their own mobile devices to the workplace; it is a mobility trend that we are seeing primarily geared towards the Enterprise, regardless of size or vertical. There are a number of reasons from both the Enterprise and their employees point of view as to why we believe it is making inroads towards unsuspecting IT departments.

From the Enterprise Perspective

  1. Minimized physical asset costs. Whether or not an organization saves money by having their employees procure their own device is a cost saver is still one of great debate. While you typically save on the procurement costs, there are typically peripheral costs that emerge such as reimbursement of service/data fees back to the employee and there is still the cost to manage and support a device that may or may not adhere to IT standards in regards to preferred platform which the organization has the skills to support technically, operating system version and so on.
  2. Increased focus on work. While they may not state it outright, most organizations realize that there is value in an employee carrying a single device. By packing only one or two personal mobile devices (phone and tablet) there is an increased possibility that the employee will work on company-related tasks during down times such as reading corporate documents when they are taking public transit or catching up on emails on the weekend to reduce the amount they have to tackle on Monday morning.

From the Employees Perspective

  1. Single device to carry. This is very similar to the benefit shared from the Enterprises’ point of view in that they don’t have to pack around both a work and personal device at all times or choose between them. Some people are tied to their phone during non-traditional work hours and by having everything unified on a single device makes sense.
  2. Device of choice. The world no longer has the BlackBerry-centric focus that it once did. With the explosion of consumer devices, people are no longer satisfied being told what device they should be using. We spend a lot of time on these devices, so from a brand preference and ergonomics perspective, the organization should try and meet employees half-way when it is feasible to do so.

So now that we know what BYOD is and some of the perceived value from an Enterprise/Employee perspective lets discuss a couple of the challenges it generates and some of the options open to an organization trying to minimize risk in moving forward with a BYOD policy.

Challenge #1: Managing the device ecosystem

Managing devices that are based on a known standard is a challenge as it is, but as IT is under increasing pressure to recognize employee devices as pseudo-corporate assets that range from a multitude of manufacturers, models and operating systems, that challenge increases a hundred fold. IT now has to not just deliver the same level of security and access to corporate resources, but they now have to support devices they have probably never touched and may not have sufficient internal knowledge to understand the unique characteristics of them.

While you will always need good support analysts to address those issues that cannot always be taken care of by a software solution, there are software products out there that can augment the support process.

MDM: To tame the vast number of both personal and corporately owned mobile assets, IT can employ an MDM, or Mobile Device Management, solution. These server-based solutions are a direct response to issues raised by BYOD. They allow IT to:

  • Track each device registered with the solution and lock them down if lost/stolen or prevent employees from transferring data off the device if their employment is terminated.
  • Secure all corporate and employee devices by partitioning them so that they can remotely wipe corporate assets. In the case of employee devices, only the corporate data and applications are removed from the company partition while their personal data and applications are left untouched.
  • Depending on the product, some also encompass MAM (Mobile Application Management) functionality to allow for the deployment of mobile applications (an excellent feature in that it then allows you to track both device AND mobile application inventory that are deployed and retained in inventory).
  • Network and telephony usage which can be analyzed and reported on for distribution of costs either back to the employee, employee reimbursement or as a pass-through cost to the employees ‘home’ department for payment.
  • Remotely distribute updates to devices; both firmware and application updates.
  • Remote logging which is useful for troubleshooting issues on support tickets.

This is just a high level list but outlines the core features that you can expect from any of the major MDM vendors that currently play in the market.

MAM: Mobile Application Management is a subset of what we are starting to see now as a standard in the majority of the larger MDM solutions. As you might expect, it provides IT with the ability to securely deploy mobile applications and update them as required; typically as a corporate app store providing access to Enterprise-only mobile applications that can then be deployed OTA, or, in the case of BlackBerry, distributed using the BES. Speaking of RIM; they appear to be on the comeback trail with their new Mobile Fusion product which will allow a user to manage devices and deploy mobile applications to all of ‘The Big Three’ operating systems – BlackBerry, iOS and Android.

Challenge #2: Setting policies and standards

This is a challenge that is directed at both the user and the device and due to its intangibility by nature, it could also be considered the largest challenge as it affects the culture and processes of the entire organization, not just IT.

Unfortunately software can’t solve all of our issues and this is one of those exceptions. An organization needs to adopt a governance model that guides the ongoing challenges of mobility within the organization through the establishment of policies, standards and frameworks within which the business and IT can effectively deliver mobile solutions. Establishing a governance framework is no small task and a blog post can’t cover everything in such a small space, but I can recommend that every organization that is looking to make a long term commitment to making mobility work for the organization take governance seriously. It requires a solid commitment from the business, and IT, to work together in establishing the roles, processes and supporting policies to ensure that it is a success for the company as a whole.

Moving Forward

By carefully examining the organizations needs and ensuring there is parity with their employees, and through understanding the balance of how software/hardware solutions can assist you in supporting mobile initiatives in conjunction with a solid governance agenda, it’s just a matter of time before the Wild West is tamed and merges with technical frontier in harmony (that was the last corny euphemism, I promise).

No comments:

Post a Comment