Is it time to bring your own device (BYOD)? Embrace mobile technology safely in the enterprise

Is it time for BYOD?

Should you allow employees to bring their own device (BYOD) to the company? It is a question that raises many others. Will business data be at risk? Can the business save thousands of dollars a year by not purchasing devices? Will employees finally get the latest device they want?

The idea of ​​employees using their own equipment at work is not new. The use of private vehicles for sales representatives, couriers and truck drivers has a long history in the industry. Likewise, business mobility is not new. Companies like Intermec and Motorola have developed suitable mobile devices since the 1970s. What has changed and continues to advance rapidly is the sophistication of consumer mobile devices. These are now more powerful and feature-rich than ever. With the explosion of mobile device technology, early adopters immediately brought the latest devices to the workplace. Before the iPad was launched in Australia, it was used in Australian workplaces to display videos, take notes, and access email. So the big question for businesses is not “should we allow BYOD”, but rather “how do we allow BYOD?”

BYOD strategy success factors

If we explore the analogy of vehicles in the workplace further, you will see some guiding factors that ensure their successful use. First of all, there are situations (dare I say apps) where it may not be appropriate to use a private vehicle. For specialized fields such as mining, police and healthcare, or when a brand is needed, a company vehicle may be more suitable. Second, there are mature policies outlining how a private vehicle can be used. For example, bicycle couriers may receive a delivery fee, while taxi drivers must prepare and repair their vehicle following strict guidelines. Another challenge to consider is that employees expect to be able to use their private vehicle on their own time for their own purposes. So what should the company do to prepare for the BYOD that is already happening? One useful technique is to develop a BYOD strategy that encompasses requirements, risks, policies, and technology.

Current use of mobile technology

The first factor to consider is how your business is currently using mobile technology. The most common responses are phone calls, emails and associated attachments, calendar, Internet, and map services. These features may be low-risk for most, however, consider the specific risk to your business and your data. If a competitor finds a phone, what data could they access? Could a malicious user divulge commercially sensitive information or compromise a government regulation?

Increasingly, companies are already using or planning to use mobile technology to access corporate network and back-end systems. These characteristics of mobility deserve a more detailed review of the requirements and risks. These applications generally fall into the category of web-based applications or rich / native applications. Carefully consider what data and features mobile apps enable. Could a malicious user download all the customer data? Some rich mobile apps are similar to the police car in vehicle analogy and require specific equipment to function properly (eg barcode scan, specific operating system, or use a printer). It can be helpful to document each type of user and the functions and applications they require.

Management of other risks and factors

While the loss of corporate IP and data is of the utmost importance, there are a variety of other factors your business should consider for BYOD, including:

• Cost of support – How will you handle problems on BYOD devices?

• Personal data: what happens if employee data is deleted or accessed?

• Who pays: device, data, calls, and support?

• Short shelf life – With models changing every 6 months, what will your upgrade plan be?

• Employees leaving: cleaning company data?

The right policies for your business

This is a real “horses for courses” question. I’ve worked with small businesses that love technology and use all features, including geofences and remote device control, for support, but they don’t require strict regulations on their data. At the other end of the spectrum, government-regulated industries that only use technology when they have to and all functions must be encrypted and locked. In my opinion, sensible sources should protect the company without hampering productivity and innovation.

When you have a good idea of ​​your requirements, data, and risks, think about the policies your company would like to include regarding mobile devices. In fact, these policies can be appropriate for both BYOD and corporate devices. Most companies have an acceptable use policy for their desktop and / or Internet computers and these can be a good starting point. Don’t just consider technical policies (e.g. security, authentication, password security, and data segregation), think about business as well (i.e. who pays for data, calls, and support).

Manage the mobile fleet

I have seen several organizations where the mobile fleet is out of control and monthly fees are being paid for idle SIM cards on a shelf. Consider all the device models, brands, and operating systems you have in the field. Have a mix of old and new devices, iPhones for executives, and rugged devices in the field?

Just because your business supports BYOD doesn’t mean you need to support all types of consumer devices. Take a look at the most popular consumer device models and consider your business requirements and policies. You can create a whitelist of devices that are suitable.

Support tools and solutions

Once you have a handle on BYOD policies and requirements, you may need to consider a suite of tools like Mobile Device Management (MDM) to help you implement your strategy. Typical MDM features include:

• Application management

• Asset management and life cycle

• Authentication, policy and security management.

An MDM can help segregate personal and corporate data, establish a standard operating environment (SOE), and support device fleets more easily. However, MDMs depend on the features provided by the operating system or the hardware manufacturer. For example, you may be able to view the screen remotely on a Windows mobile device, but an Apple device may not support this feature. Also, some MDM products are offered as a hosted service and others must be installed on your own hardware. Research the toolkits; A good starting point is the Gartner Magic Quadrant for MDM. If you’re thinking about IOS, a great public resource is the Department of Defense’s IOS Boost Guide.

Employees always want to use the best tools and mobile technology is an area that continues to evolve. Be ready for your business to profitably reap the benefits of mobility. Develop a BYOD strategy that considers requirements, risks, policies, and technology. Keep in mind that BYOD is happening, but it may not be suitable for all mobile business needs.

BYOD can follow:

• Phone calls

• Email

• Web-based applications

• Simple workflow style applications

• Reports and business intelligence

BYOD may not follow:

• Applications that depend on rich device integration such as RFID, scanning, keyboard or pen

• When a specific operating system or API is required.

• Scenarios where a rugged or IP-rated device is required

• Where the business process is fully connected on the device