SlideShare a Scribd company logo

BYOD 6 Essentials for Success

D
DMIMarketing

With more than 500,000 devices under management, DMI is tackling BYOD challenges for some of the world's largest and most successful companies. And our services deliver real ROI--saving many of our clients 20% compared to internal management and support costs. Now we've distilled 9 years of BYOD best practices into a white paper you can download. The paper lays out the critical policy, technology, security and governance issues you need to consider if you’re going to securely manage employee-owned devices. We offer a full line of Managed Mobility Services: BYOD, MDM, Mobile Helpdesk, Mobile App Development, Mobile Strategy, Security and much more. Please let us know if you'd like to learn more about them on the download form.

Technology
1 of 9
Download to read offline
BYOD: SIX ESSENTIALS FOR SUCCESS The BYOD (Bring Your Own Device) consumerization of IT is here to stay. The allure of incredibly powerful, easy-to-use handheld devices, constant global connectivity, and an app for everything have given rise to a stunning consumer-driven transformation of the IT landscape. According to IDC, 56% of the business smartphones shipped in 2013 will be employee-owned.1 By 2016, up to 85% of enterprise employees worldwide will be using smartphones or tablets—as high as 95% at many large corporations.2 But as thousands of unmanaged devices connect to networks, CIOs are losing sleep, and IT organizations are struggling to catch up. In the “old world” of laptop PCs, it was already difficult for IT to safeguard networks, keep track of corporate data and protect it from loss or theft—even with near total control of procurement, provisioning and security for PCs. With the BYOD phenomenon, employees are making their own purchasing and provisioning decisions without concern for security or support. Without enhanced protection, these devices are less secure than PCs, and their small form factor makes them particularly susceptible to loss and theft. This paper outlines 6 essential factors that must be considered to create a successful enterprise- wide BYOD strategy and policy. It outlines several key issues that must be addressed to arrive at secure, usable, manageable mobile solutions. This is much more than a technology challenge. Business policy, legal policy, management and governance are all involved, along with technology selection and deployment. BYOD solutions will vary widely from organization to organization, but the issues that all enterprises must address are outlined here. 1 IDC Research, November 2011 2 ABI Research, “Enterprise Mobility Management Services for Smartphones and Media Tablets,” October 2011 DMI WHITE PAPER 1
BYOD: Six Essentials for Success Essential 1: Understand Your Current Environment and Business Requirements Successful execution of a BYOD strategy requires the development of a comprehensive framework of policies to cover the business, legal, technical and governance issues that arise when integrating employee-owned devices into the enterprise. But these policies cannot be developed without a clear assessment of the current environment and a roadmap for future requirements. Gathering information from management and directly surveying users will help build a meaningful picture of the current environment and guide the development of BYOD and broader mobile device policies. A few key questions include: What is a company’s goal for implementing a BYOD policy? It is employee satisfaction, flexibility, cost savings, or some other objective? What distinct segments of mobile users can be identified in the organization? What information and applications need to be accessed by each of those segments? What levels of security will need to be applied to this information? What are the data usage requirements of each user segment? What travel requirements and other environmental factors need to be considered? These questions only scratch the surface of the information needed to develop a useful understanding of the current environment, but they offer a glance at the sort of picture that needs to be painted in order to develop policies that map to real business requirements. Once an understanding of the current environment and future requirements is developed, it’s time to draft the policies that will govern the introduction and use of employee-owned devices within the organization. DMI WHITE PAPER 2
BYOD: Six Essentials for Success Essential 2: Build a Business Policy Framework Armed with an understanding of user and security requirements, a policy framework can be drafted to address the following business policy questions: SOURCING: Can employees purchase devices anywhere or just from preferred vendors? This policy may well vary based on user segment and location, with varying data usage needs, travel, environmental, security and other requirements factored in. Executives might be encouraged or required to purchase from one set of devices, sales from different set, and mobile service personnel from yet another. SUPPORTING DEVICES: This is one of the most important but often overlooked aspects of a BYOD policy. It’s unrealistic to expect your IT team to support every device that could be purchased by employees. IT will need to determine which devices it is willing to support. It may be that a tiered structure is called for—no support for “not-allowed” devices, limited support for “allowed devices,” and a higher level of support for “recommended” devices. GEO-FENCING: It may be that security or data use requirements necessitate policies to govern device use within predefined geographical areas. Everything might be allowable in your native region, but in other areas restrictions might apply that govern data usage levels, data access levels, or both. BANDWIDTH THROTTLING: For corporate-sponsored data plans, will bandwidth be limited to a predetermined level for various user segments? What happens when limits are met? Is data cut off? Is the employee required to secure special approval or to pay for data use beyond a certain limit? Which policies apply to which user segments? There could be exceptions to policies, for example policies for employees who are travelling internationally might be different from domestic policies. BUSINESS SUPPORT VS. PERSONAL SUPPORT: For an employee-owned device that accesses personal data and applications as well as business data and applications, how far will IT support extend? Will the organization support all calls from the employee about the device? What constitutes a personal support issue vs. a corporate support issue? Does the policy vary by user segment? DEVICE LOSS: If an employee-owned device is lost, stolen or broken while being used for business, what’s the policy? Can data be wiped from the device? How much control does IT have? Can they try to locate the device? How do you tread the fine line between privacy and security? And for employee-owned devices, what’s the policy for replacement or repair? Many companies view BYOD as a cost-saving initiative but based on how these questions are answered it may actually increase costs. REIMBURSEMENT: How will employees be reimbursed for devices and/or data plans? A broad range of options exist, from total coverage of devices and unlimited data, to reimbursing employees for data expenses up to a certain preset level. Do employees submit a reimbursement for their expenses or do they get a fixed amount/allowance? What happens when employees exceed the data plan? Once again, different policies are likely to apply to different user segments. DMI WHITE PAPER 3
BYOD: Six Essentials for Success Essential 3: Build a Legal Policy Framework The introduction of employee-owned devices into the enterprise environment, and the presence of enterprise data on personal devices, will immediately give rise to legal issues. Policies must be outlined in advance to avoid costly mistakes. RESPONSIBILITIES: Does an employee using a device with corporate apps and data have a certain responsibility to protect the device? What if reasonable or required precautions are not taken to protect the device? What if they are but information is still compromised? RIGHTS: What rights does the employee have to protect his/her private data? What rights does the organization have to protect its data? What if a disgruntled employee leaves the company with a device that contains—or may contain—sensitive corporate information? What actions can the company take to protect itself? Can an organization delete information and applications housed within a secure corporate container at any time without notice? The legal rights of employees and organizations differ from country to country and have to be customized to meet applicable regulatory and privacy requirements. LIABILITY: Is the company liable if some action on its part results in exposure or loss of private data? Is the employee liable if corporate information is lost? What if the employee is following the required security policy, like password protecting the device? Does that remove liability? In a different vein, is the company liable if the employee uses his/her device for illegal/unethical practices in personal time? DMI WHITE PAPER 4
BYOD: Six Essentials for Success Essential 4: Build a Security and Technical Policy Framework Technical issues abound for BYOD implementations. As is the case for business and legal policies, no single approach is best for all organizations, environments and users. Regardless of your specific business characteristics, the following issues should be considered in light of user segmentation and business and security requirements. DEVICE ACQUISITION: When employees purchase new devices, technical considerations may influence policy for device acquisition. Specific hardware or operating system requirements may favor the purchase of particular devices, may influence the selection of a particular vendor, or may require a particular vendor to supply devices that have already been provisioned to your organization’s specifications. SECURITY: One of the most challenging technical issues in BYOD is balancing security and risk. A successful IT strategy for BYOD security might involve applying different security policies and technologies to different user segments. IT security requirements for a typical employee accessing e-mail could reasonably be lower than those for an executive accessing sensitive enterprise data. Applying the same security policy to both user segments could be unwieldy and expensive. At the same time, however, applying multiple policies and technologies can be complicated and must be carefully coordinated by IT. A broad range of security technologies can be applied as needed: physical device security; secure containers and sandboxes to isolate sensitive data and applications; solutions to protect data at rest and data in transit; solutions to safeguard network connectivity. An in-depth discussion of these technologies is beyond the scope of this white paper. The point is that these technologies and solutions will need to be mapped to specific user segment security requirements. SPECTRUM OF MOBILE DEVICE SECURITY OPTIONS SECURITY REQUIREMENTS BY SEGMENT This concept is represented in the accompanying spider chart. Each user segment is likely to have a distinct security requirements map. One segment may have a high requirement for secure email and productivity tools while another may need secure access to a set of custom apps. All might need a certain level of security applied to the mobile device itself. Technologies deployed—and associated costs—will apply accordingly. DMI WHITE PAPER 5
BYOD: Six Essentials for Success DEVICE PARTITIONS: This user segment-based approach maps well to the use of device partitions and personas to support flexible application of security privileges. A growing number of devices are designed to support multiple user personas. Secure containers can also be used to isolate the data and applications associated with each persona, simplifying the assignment and ongoing maintenance of user access controls. APPLICATION MANAGEMENT AND DEVELOPMENT STANDARDS: Management policies need to be established to ensure the right level of control on each app based on its sensitivity and use. Access to certain apps and data could be blocked if they are not relevant to a certain role. Perhaps an individual app should be geo-fenced rather that the device? What about time-fencing apps so they are not used outside business hours? To support the user segmentation-based security and provisioning model, application development standards will need to be developed. Securing email is relatively easy. But to secure mobile apps and data at rest and in transit, apps should be developed to fit into a more scalable and secure app model. One approach is to create a container on the user’s device which functions as a shield around the data and apps which reside within it. A composite app resides in that container, and a set of granular apps sit inside the composite app. When a user is provisioned, they are granted access to the appropriate container(s) and composite app(s) based on the user’s persona. If the container is secure, the apps and data are secure. The standards and architecture implemented will impact app distribution, employee-owned device management and security management. This container/composite app model can greatly simplify app provisioning and maintenance. But the standards for app development need to be established up front to ensure that the full range of enterprise apps is consistent with the model. DATA ACCESS: Data access policies will also need to be established. This is true for both company- owned and employee-owned devices, but employee ownership introduces an added layer of complexity and need for governance. Key questions that will need to be addressed are: Will the company offer corporate WiFi access to supplement the broadband access being purchased from a telco? While this may be practical for many organizations, physical layouts, geographical distribution and building structural issues may drive different decisions. What level of broadband access is the company willing to pay for, and what are the bandwidth requirements of the different user segments? Is 3G adequate? Is 4G necessary? For which users? DMI WHITE PAPER 6
BYOD: Six Essentials for Success Essential 5: Build a Plan for Successful Policy Implementation Employee ownership of devices introduces a unique set of challenges and requirements when it comes to policy implementation: SELF-PROVISIONING: The most obvious challenge with employee-owned devices is that the company doesn’t typically have access to the device. So, mechanisms must be set up to enable employee-owned phones, tablets and other devices to be provisioned by the users themselves. USER PROFILES: A solution must be in place to link individual employees with their user profiles— probably based on an AD/LDAP access control system and set of policies around individual membership in groups and group access to various data and apps. AUTO-CERTIFICATION: With employees connecting to the network and provisioning their own devices, the technology and process for automatically certifying that the device has a container needs to be established. Further, the company needs to be able to ascertain that the device is connected through the container. EMPLOYEE SELF SERVICE: Since organizations cannot typically take possession of employee- owned devices, it is essential that employees can provision and service devices through a “single self-service window.” Device and data plan management, usage tracking, and access to corporate applications that are authorized for individual personas all should be included. Without simple, integrated, single-window service, employees may wind up frustrated and unhappy, while IT is bogged down in an overwhelming stream of support calls. TELEWORKING: An organization’s virtual desktop and unified communication strategy should extend to mobile devices. In fact, mobile devices, particularly those with larger form factors, provide a logical setting for enabling teleworking. A comprehensive BYOD strategy and policy should encompass teleworking as well. Essential 6: Provide for Ongoing Governance to Maintain and Evolve Your BYOD Policy As with any new initiative of this magnitude, a BYOD policy must evolve as new factors and considerations emerge. To do so, a governance model is necessary – one that measures and monitors key factors such as cost, security breaches, lost phones, jailbreaks, etc. The definition of a BYOD governance model is beyond the scope of this paper, but suffice it to say that a BYOD strategy and policy is only as effective as the measures that are implemented through a governance model. DMI WHITE PAPER 7
BYOD: Six Essentials for Success Conclusion Harnessing the power of employee-owned devices can deliver tremendous advantages to the organizations that do it successfully. Keys to success include establishing a solid foundational understanding of the current environment; developing a clear set of business, legal, and technical policies; executing a well-defined implementation plan; and providing for ongoing governance and evolution of policies. Experienced enterprise mobility management service providers who have successfully guided organizations through the creation of BYOD programs can offer vital assistance in the process, anticipating challenges and opportunities, and avoiding costly missteps. The BYOD opportunity is here. The right partner and planning can help you seize it. DMI and Successful BYOD Management DMI is the world’s leading provider of enterprise mobility services and solutions. We have been providing Managed Mobility Services for the past 9 years to a growing set of commercial and government customers. Our comprehensive Managed Mobility Services portfolio includes: Mobile Strategy Consulting 24 x 7 Mobile Help Desk 24 x 7 Mobile Device and Solution Management Service Mobile Device Logistics MDM Solution Implementation, Upgrades, Health checks and Assessments Mobility Solution Training We partner with the leading software and hardware vendors in the industry. Our partnerships include MDM vendors such as MobileIron, AirWatch, Fixmo, Good Platform, BlackBerry UDS/BDS/ BES, as well as platform and hardware vendors such as Apple, Samsung, Google and Microsoft. We also build enterprise class mobile solutions that generate results for the world’s top brands and businesses. Our mobile solutions combine the award-winning user experience design that has made us one of the top creators of consumer apps, with the deep middleware and engineering expertise that we’ve used to build and manage enterprise applications for the most demanding IT departments in the world. DMI mobility solutions improve business processes, tap new revenue streams, build customer loyalty, and increase employee productivity. DMI WHITE PAPER 8
BYOD: Six Essentials for Success The Proof: We have 500,000 devices under management for more than 100 clients, including many Fortune 500 companies—like BP, Johnson & Johnson, Sears, The Associated Press, Allergan, and more. At BP, we’re deploying 1,000 managed mobile devices each day. We provide 24 x 7 x 365 mobile service support for more than 500,000 users. DMI is the one call our customers need to make to resolve any issue—devices, apps, infrastructure, and even carrier problems. We offer a full range of security options that include Federal-grade hardware-based security, two-factor authentication, secure container, and sophisticated encryption solutions. With our expertise and economies of scale, we can provide mobility management at a higher service level and on average 20% lower cost than most companies can do on their own. Pervasive excellence is our commitment to quality service. We’ve built more than 400 mobile apps—in the past 12 months alone—for more than 150 leading organizations—like Disney, Coca-Cola, Toyota, Vodafone, P&G, The National Guard, and Universal Studios. We offer brilliant creative and user experience: Our mobile app development group was named the Best Branded App Developer at the 2012 Mobile Entertainment Awards. We are a Google Platform partner and Apple Consultant. DMI is one of only a handful of companies that is CMMI L3 appraised for both application development and services, as well as ISO 9001:2008, ISO 27001:2005, and ISO 20000-1:2011 certified. Our average D&B Open Ratings performance score from our clients is 94/100. Contact DMI today to learn how our Managed Mobility Services can deliver worry-free security, easy management, and reduced costs for your enterprise. DMI DMI Sales Team One Rock Spring Plaza U.S. Sales: 855.963.2099 6550 Rock Spring Dr Intn’l Sales: 240.200.5848 Bethesda, MD 20817 sales@DMInc.com DMInc.com ©2013 Digital Management, Inc. All right reserved. DMI WHITE PAPER 9

Recommended

Bitacora 6
Bitacora 6Bitacora 6
Bitacora 6Denny Villalobos Martinez
 
Darab pecahan
Darab pecahanDarab pecahan
Darab pecahansedihero
 
Bitacora 5
Bitacora 5Bitacora 5
Bitacora 5Denny Villalobos Martinez
 
Bitacora 7
Bitacora 7Bitacora 7
Bitacora 7Denny Villalobos Martinez
 
Notas sin-palabras-36
Notas sin-palabras-36Notas sin-palabras-36
Notas sin-palabras-36Ministerio Infantil Arcoiris
 
A very special date
A very special dateA very special date
A very special dateDenny Villalobos Martinez
 
Flor de fango
Flor de fangoFlor de fango
Flor de fangoDenny Villalobos Martinez
 
Flor de fango
Flor de fangoFlor de fango
Flor de fangoDenny Villalobos Martinez
 

Recommended

Bitacora 6
Bitacora 6Bitacora 6
Bitacora 6Denny Villalobos Martinez
 
Darab pecahan
Darab pecahanDarab pecahan
Darab pecahansedihero
 
Bitacora 5
Bitacora 5Bitacora 5
Bitacora 5Denny Villalobos Martinez
 
Bitacora 7
Bitacora 7Bitacora 7
Bitacora 7Denny Villalobos Martinez
 
Notas sin-palabras-36
Notas sin-palabras-36Notas sin-palabras-36
Notas sin-palabras-36Ministerio Infantil Arcoiris
 
A very special date
A very special dateA very special date
A very special dateDenny Villalobos Martinez
 
Flor de fango
Flor de fangoFlor de fango
Flor de fangoDenny Villalobos Martinez
 
Flor de fango
Flor de fangoFlor de fango
Flor de fangoDenny Villalobos Martinez
 
Portal Integration with SAP BusinessObjects (SDK)
Portal Integration with SAP BusinessObjects (SDK)Portal Integration with SAP BusinessObjects (SDK)
Portal Integration with SAP BusinessObjects (SDK)DMIMarketing
 
SAP BusinessObjects 4.x Upgrade / Migration to 4.x
SAP BusinessObjects 4.x Upgrade / Migration to 4.xSAP BusinessObjects 4.x Upgrade / Migration to 4.x
SAP BusinessObjects 4.x Upgrade / Migration to 4.xDMIMarketing
 
Data Driven Mobile Strategy
Data Driven Mobile StrategyData Driven Mobile Strategy
Data Driven Mobile StrategyDMIMarketing
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk ManagementDMIMarketing
 
BYOD: Six Essentials for Success
BYOD: Six Essentials for SuccessBYOD: Six Essentials for Success
BYOD: Six Essentials for SuccessDMIMarketing
 
Essential Guide to Becoming A Mobile App Rock Star - part III - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part III - Enterprise AppsEssential Guide to Becoming A Mobile App Rock Star - part III - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part III - Enterprise AppsDMIMarketing
 
Essential Guide to Becoming A Mobile App Rock Star - part II - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part II - Enterprise AppsEssential Guide to Becoming A Mobile App Rock Star - part II - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part II - Enterprise AppsDMIMarketing
 
Essential Guide to Becoming A Mobile App Rock Star - part I - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part I - Enterprise AppsEssential Guide to Becoming A Mobile App Rock Star - part I - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part I - Enterprise AppsDMIMarketing
 
Essential Guide to Becoming A Mobile App Rock Star - part III - Consumer-faci...
Essential Guide to Becoming A Mobile App Rock Star - part III - Consumer-faci...Essential Guide to Becoming A Mobile App Rock Star - part III - Consumer-faci...
Essential Guide to Becoming A Mobile App Rock Star - part III - Consumer-faci...DMIMarketing
 
Essential Guide to Becoming A Mobile App Rock Star - part II - Consumer-facin...
Essential Guide to Becoming A Mobile App Rock Star - part II - Consumer-facin...Essential Guide to Becoming A Mobile App Rock Star - part II - Consumer-facin...
Essential Guide to Becoming A Mobile App Rock Star - part II - Consumer-facin...DMIMarketing
 
Essential Guide to Becoming A Mobile App Rock Star - part I - Consumer-facing...
Essential Guide to Becoming A Mobile App Rock Star - part I - Consumer-facing...Essential Guide to Becoming A Mobile App Rock Star - part I - Consumer-facing...
Essential Guide to Becoming A Mobile App Rock Star - part I - Consumer-facing...DMIMarketing
 
6 Ways to Shake Up Social in Your App
6 Ways to Shake Up Social in Your App6 Ways to Shake Up Social in Your App
6 Ways to Shake Up Social in Your AppDMIMarketing
 
Driving Traffic to Your Mobile Apps & Sites
Driving Traffic to Your Mobile Apps & SitesDriving Traffic to Your Mobile Apps & Sites
Driving Traffic to Your Mobile Apps & SitesDMIMarketing
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementDMIMarketing
 
Mobile World Congress - Report
Mobile World Congress - ReportMobile World Congress - Report
Mobile World Congress - ReportDMIMarketing
 
Enterprise Mobile Strategy
Enterprise Mobile StrategyEnterprise Mobile Strategy
Enterprise Mobile StrategyDMIMarketing
 
Secure Trustworthy Enterprise
Secure Trustworthy EnterpriseSecure Trustworthy Enterprise
Secure Trustworthy EnterpriseDMIMarketing
 
Game Changing IT Solutions
Game Changing IT SolutionsGame Changing IT Solutions
Game Changing IT SolutionsDMIMarketing
 
Buckle Up
Buckle UpBuckle Up
Buckle UpDMIMarketing
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 

More Related Content

More from DMIMarketing

Portal Integration with SAP BusinessObjects (SDK)
Portal Integration with SAP BusinessObjects (SDK)Portal Integration with SAP BusinessObjects (SDK)
Portal Integration with SAP BusinessObjects (SDK)DMIMarketing
 
SAP BusinessObjects 4.x Upgrade / Migration to 4.x
SAP BusinessObjects 4.x Upgrade / Migration to 4.xSAP BusinessObjects 4.x Upgrade / Migration to 4.x
SAP BusinessObjects 4.x Upgrade / Migration to 4.xDMIMarketing
 
Data Driven Mobile Strategy
Data Driven Mobile StrategyData Driven Mobile Strategy
Data Driven Mobile StrategyDMIMarketing
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk ManagementDMIMarketing
 
BYOD: Six Essentials for Success
BYOD: Six Essentials for SuccessBYOD: Six Essentials for Success
BYOD: Six Essentials for SuccessDMIMarketing
 
Essential Guide to Becoming A Mobile App Rock Star - part III - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part III - Enterprise AppsEssential Guide to Becoming A Mobile App Rock Star - part III - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part III - Enterprise AppsDMIMarketing
 
Essential Guide to Becoming A Mobile App Rock Star - part II - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part II - Enterprise AppsEssential Guide to Becoming A Mobile App Rock Star - part II - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part II - Enterprise AppsDMIMarketing
 
Essential Guide to Becoming A Mobile App Rock Star - part I - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part I - Enterprise AppsEssential Guide to Becoming A Mobile App Rock Star - part I - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part I - Enterprise AppsDMIMarketing
 
Essential Guide to Becoming A Mobile App Rock Star - part III - Consumer-faci...
Essential Guide to Becoming A Mobile App Rock Star - part III - Consumer-faci...Essential Guide to Becoming A Mobile App Rock Star - part III - Consumer-faci...
Essential Guide to Becoming A Mobile App Rock Star - part III - Consumer-faci...DMIMarketing
 
Essential Guide to Becoming A Mobile App Rock Star - part II - Consumer-facin...
Essential Guide to Becoming A Mobile App Rock Star - part II - Consumer-facin...Essential Guide to Becoming A Mobile App Rock Star - part II - Consumer-facin...
Essential Guide to Becoming A Mobile App Rock Star - part II - Consumer-facin...DMIMarketing
 
Essential Guide to Becoming A Mobile App Rock Star - part I - Consumer-facing...
Essential Guide to Becoming A Mobile App Rock Star - part I - Consumer-facing...Essential Guide to Becoming A Mobile App Rock Star - part I - Consumer-facing...
Essential Guide to Becoming A Mobile App Rock Star - part I - Consumer-facing...DMIMarketing
 
6 Ways to Shake Up Social in Your App
6 Ways to Shake Up Social in Your App6 Ways to Shake Up Social in Your App
6 Ways to Shake Up Social in Your AppDMIMarketing
 
Driving Traffic to Your Mobile Apps & Sites
Driving Traffic to Your Mobile Apps & SitesDriving Traffic to Your Mobile Apps & Sites
Driving Traffic to Your Mobile Apps & SitesDMIMarketing
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementDMIMarketing
 
Mobile World Congress - Report
Mobile World Congress - ReportMobile World Congress - Report
Mobile World Congress - ReportDMIMarketing
 
Enterprise Mobile Strategy
Enterprise Mobile StrategyEnterprise Mobile Strategy
Enterprise Mobile StrategyDMIMarketing
 
Secure Trustworthy Enterprise
Secure Trustworthy EnterpriseSecure Trustworthy Enterprise
Secure Trustworthy EnterpriseDMIMarketing
 
Game Changing IT Solutions
Game Changing IT SolutionsGame Changing IT Solutions
Game Changing IT SolutionsDMIMarketing
 

More from DMIMarketing (19)

Portal Integration with SAP BusinessObjects (SDK)
Portal Integration with SAP BusinessObjects (SDK)Portal Integration with SAP BusinessObjects (SDK)
Portal Integration with SAP BusinessObjects (SDK)
 
SAP BusinessObjects 4.x Upgrade / Migration to 4.x
SAP BusinessObjects 4.x Upgrade / Migration to 4.xSAP BusinessObjects 4.x Upgrade / Migration to 4.x
SAP BusinessObjects 4.x Upgrade / Migration to 4.x
 
Data Driven Mobile Strategy
Data Driven Mobile StrategyData Driven Mobile Strategy
Data Driven Mobile Strategy
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management
 
BYOD: Six Essentials for Success
BYOD: Six Essentials for SuccessBYOD: Six Essentials for Success
BYOD: Six Essentials for Success
 
Essential Guide to Becoming A Mobile App Rock Star - part III - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part III - Enterprise AppsEssential Guide to Becoming A Mobile App Rock Star - part III - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part III - Enterprise Apps
 
Essential Guide to Becoming A Mobile App Rock Star - part II - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part II - Enterprise AppsEssential Guide to Becoming A Mobile App Rock Star - part II - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part II - Enterprise Apps
 
Essential Guide to Becoming A Mobile App Rock Star - part I - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part I - Enterprise AppsEssential Guide to Becoming A Mobile App Rock Star - part I - Enterprise Apps
Essential Guide to Becoming A Mobile App Rock Star - part I - Enterprise Apps
 
Essential Guide to Becoming A Mobile App Rock Star - part III - Consumer-faci...
Essential Guide to Becoming A Mobile App Rock Star - part III - Consumer-faci...Essential Guide to Becoming A Mobile App Rock Star - part III - Consumer-faci...
Essential Guide to Becoming A Mobile App Rock Star - part III - Consumer-faci...
 
Essential Guide to Becoming A Mobile App Rock Star - part II - Consumer-facin...
Essential Guide to Becoming A Mobile App Rock Star - part II - Consumer-facin...Essential Guide to Becoming A Mobile App Rock Star - part II - Consumer-facin...
Essential Guide to Becoming A Mobile App Rock Star - part II - Consumer-facin...
 
Essential Guide to Becoming A Mobile App Rock Star - part I - Consumer-facing...
Essential Guide to Becoming A Mobile App Rock Star - part I - Consumer-facing...Essential Guide to Becoming A Mobile App Rock Star - part I - Consumer-facing...
Essential Guide to Becoming A Mobile App Rock Star - part I - Consumer-facing...
 
6 Ways to Shake Up Social in Your App
6 Ways to Shake Up Social in Your App6 Ways to Shake Up Social in Your App
6 Ways to Shake Up Social in Your App
 
Driving Traffic to Your Mobile Apps & Sites
Driving Traffic to Your Mobile Apps & SitesDriving Traffic to Your Mobile Apps & Sites
Driving Traffic to Your Mobile Apps & Sites
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
 
Mobile World Congress - Report
Mobile World Congress - ReportMobile World Congress - Report
Mobile World Congress - Report
 
Enterprise Mobile Strategy
Enterprise Mobile StrategyEnterprise Mobile Strategy
Enterprise Mobile Strategy
 
Secure Trustworthy Enterprise
Secure Trustworthy EnterpriseSecure Trustworthy Enterprise
Secure Trustworthy Enterprise
 
Game Changing IT Solutions
Game Changing IT SolutionsGame Changing IT Solutions
Game Changing IT Solutions
 
Buckle Up
Buckle UpBuckle Up
Buckle Up
 

Recently uploaded

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 

Recently uploaded (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 

BYOD 6 Essentials for Success

  • 1. BYOD: SIX ESSENTIALS FOR SUCCESS The BYOD (Bring Your Own Device) consumerization of IT is here to stay. The allure of incredibly powerful, easy-to-use handheld devices, constant global connectivity, and an app for everything have given rise to a stunning consumer-driven transformation of the IT landscape. According to IDC, 56% of the business smartphones shipped in 2013 will be employee-owned.1 By 2016, up to 85% of enterprise employees worldwide will be using smartphones or tablets—as high as 95% at many large corporations.2 But as thousands of unmanaged devices connect to networks, CIOs are losing sleep, and IT organizations are struggling to catch up. In the “old world” of laptop PCs, it was already difficult for IT to safeguard networks, keep track of corporate data and protect it from loss or theft—even with near total control of procurement, provisioning and security for PCs. With the BYOD phenomenon, employees are making their own purchasing and provisioning decisions without concern for security or support. Without enhanced protection, these devices are less secure than PCs, and their small form factor makes them particularly susceptible to loss and theft. This paper outlines 6 essential factors that must be considered to create a successful enterprise- wide BYOD strategy and policy. It outlines several key issues that must be addressed to arrive at secure, usable, manageable mobile solutions. This is much more than a technology challenge. Business policy, legal policy, management and governance are all involved, along with technology selection and deployment. BYOD solutions will vary widely from organization to organization, but the issues that all enterprises must address are outlined here. 1 IDC Research, November 2011 2 ABI Research, “Enterprise Mobility Management Services for Smartphones and Media Tablets,” October 2011 DMI WHITE PAPER 1
  • 2. BYOD: Six Essentials for Success Essential 1: Understand Your Current Environment and Business Requirements Successful execution of a BYOD strategy requires the development of a comprehensive framework of policies to cover the business, legal, technical and governance issues that arise when integrating employee-owned devices into the enterprise. But these policies cannot be developed without a clear assessment of the current environment and a roadmap for future requirements. Gathering information from management and directly surveying users will help build a meaningful picture of the current environment and guide the development of BYOD and broader mobile device policies. A few key questions include: What is a company’s goal for implementing a BYOD policy? It is employee satisfaction, flexibility, cost savings, or some other objective? What distinct segments of mobile users can be identified in the organization? What information and applications need to be accessed by each of those segments? What levels of security will need to be applied to this information? What are the data usage requirements of each user segment? What travel requirements and other environmental factors need to be considered? These questions only scratch the surface of the information needed to develop a useful understanding of the current environment, but they offer a glance at the sort of picture that needs to be painted in order to develop policies that map to real business requirements. Once an understanding of the current environment and future requirements is developed, it’s time to draft the policies that will govern the introduction and use of employee-owned devices within the organization. DMI WHITE PAPER 2
  • 3. BYOD: Six Essentials for Success Essential 2: Build a Business Policy Framework Armed with an understanding of user and security requirements, a policy framework can be drafted to address the following business policy questions: SOURCING: Can employees purchase devices anywhere or just from preferred vendors? This policy may well vary based on user segment and location, with varying data usage needs, travel, environmental, security and other requirements factored in. Executives might be encouraged or required to purchase from one set of devices, sales from different set, and mobile service personnel from yet another. SUPPORTING DEVICES: This is one of the most important but often overlooked aspects of a BYOD policy. It’s unrealistic to expect your IT team to support every device that could be purchased by employees. IT will need to determine which devices it is willing to support. It may be that a tiered structure is called for—no support for “not-allowed” devices, limited support for “allowed devices,” and a higher level of support for “recommended” devices. GEO-FENCING: It may be that security or data use requirements necessitate policies to govern device use within predefined geographical areas. Everything might be allowable in your native region, but in other areas restrictions might apply that govern data usage levels, data access levels, or both. BANDWIDTH THROTTLING: For corporate-sponsored data plans, will bandwidth be limited to a predetermined level for various user segments? What happens when limits are met? Is data cut off? Is the employee required to secure special approval or to pay for data use beyond a certain limit? Which policies apply to which user segments? There could be exceptions to policies, for example policies for employees who are travelling internationally might be different from domestic policies. BUSINESS SUPPORT VS. PERSONAL SUPPORT: For an employee-owned device that accesses personal data and applications as well as business data and applications, how far will IT support extend? Will the organization support all calls from the employee about the device? What constitutes a personal support issue vs. a corporate support issue? Does the policy vary by user segment? DEVICE LOSS: If an employee-owned device is lost, stolen or broken while being used for business, what’s the policy? Can data be wiped from the device? How much control does IT have? Can they try to locate the device? How do you tread the fine line between privacy and security? And for employee-owned devices, what’s the policy for replacement or repair? Many companies view BYOD as a cost-saving initiative but based on how these questions are answered it may actually increase costs. REIMBURSEMENT: How will employees be reimbursed for devices and/or data plans? A broad range of options exist, from total coverage of devices and unlimited data, to reimbursing employees for data expenses up to a certain preset level. Do employees submit a reimbursement for their expenses or do they get a fixed amount/allowance? What happens when employees exceed the data plan? Once again, different policies are likely to apply to different user segments. DMI WHITE PAPER 3
  • 4. BYOD: Six Essentials for Success Essential 3: Build a Legal Policy Framework The introduction of employee-owned devices into the enterprise environment, and the presence of enterprise data on personal devices, will immediately give rise to legal issues. Policies must be outlined in advance to avoid costly mistakes. RESPONSIBILITIES: Does an employee using a device with corporate apps and data have a certain responsibility to protect the device? What if reasonable or required precautions are not taken to protect the device? What if they are but information is still compromised? RIGHTS: What rights does the employee have to protect his/her private data? What rights does the organization have to protect its data? What if a disgruntled employee leaves the company with a device that contains—or may contain—sensitive corporate information? What actions can the company take to protect itself? Can an organization delete information and applications housed within a secure corporate container at any time without notice? The legal rights of employees and organizations differ from country to country and have to be customized to meet applicable regulatory and privacy requirements. LIABILITY: Is the company liable if some action on its part results in exposure or loss of private data? Is the employee liable if corporate information is lost? What if the employee is following the required security policy, like password protecting the device? Does that remove liability? In a different vein, is the company liable if the employee uses his/her device for illegal/unethical practices in personal time? DMI WHITE PAPER 4
  • 5. BYOD: Six Essentials for Success Essential 4: Build a Security and Technical Policy Framework Technical issues abound for BYOD implementations. As is the case for business and legal policies, no single approach is best for all organizations, environments and users. Regardless of your specific business characteristics, the following issues should be considered in light of user segmentation and business and security requirements. DEVICE ACQUISITION: When employees purchase new devices, technical considerations may influence policy for device acquisition. Specific hardware or operating system requirements may favor the purchase of particular devices, may influence the selection of a particular vendor, or may require a particular vendor to supply devices that have already been provisioned to your organization’s specifications. SECURITY: One of the most challenging technical issues in BYOD is balancing security and risk. A successful IT strategy for BYOD security might involve applying different security policies and technologies to different user segments. IT security requirements for a typical employee accessing e-mail could reasonably be lower than those for an executive accessing sensitive enterprise data. Applying the same security policy to both user segments could be unwieldy and expensive. At the same time, however, applying multiple policies and technologies can be complicated and must be carefully coordinated by IT. A broad range of security technologies can be applied as needed: physical device security; secure containers and sandboxes to isolate sensitive data and applications; solutions to protect data at rest and data in transit; solutions to safeguard network connectivity. An in-depth discussion of these technologies is beyond the scope of this white paper. The point is that these technologies and solutions will need to be mapped to specific user segment security requirements. SPECTRUM OF MOBILE DEVICE SECURITY OPTIONS SECURITY REQUIREMENTS BY SEGMENT This concept is represented in the accompanying spider chart. Each user segment is likely to have a distinct security requirements map. One segment may have a high requirement for secure email and productivity tools while another may need secure access to a set of custom apps. All might need a certain level of security applied to the mobile device itself. Technologies deployed—and associated costs—will apply accordingly. DMI WHITE PAPER 5
  • 6. BYOD: Six Essentials for Success DEVICE PARTITIONS: This user segment-based approach maps well to the use of device partitions and personas to support flexible application of security privileges. A growing number of devices are designed to support multiple user personas. Secure containers can also be used to isolate the data and applications associated with each persona, simplifying the assignment and ongoing maintenance of user access controls. APPLICATION MANAGEMENT AND DEVELOPMENT STANDARDS: Management policies need to be established to ensure the right level of control on each app based on its sensitivity and use. Access to certain apps and data could be blocked if they are not relevant to a certain role. Perhaps an individual app should be geo-fenced rather that the device? What about time-fencing apps so they are not used outside business hours? To support the user segmentation-based security and provisioning model, application development standards will need to be developed. Securing email is relatively easy. But to secure mobile apps and data at rest and in transit, apps should be developed to fit into a more scalable and secure app model. One approach is to create a container on the user’s device which functions as a shield around the data and apps which reside within it. A composite app resides in that container, and a set of granular apps sit inside the composite app. When a user is provisioned, they are granted access to the appropriate container(s) and composite app(s) based on the user’s persona. If the container is secure, the apps and data are secure. The standards and architecture implemented will impact app distribution, employee-owned device management and security management. This container/composite app model can greatly simplify app provisioning and maintenance. But the standards for app development need to be established up front to ensure that the full range of enterprise apps is consistent with the model. DATA ACCESS: Data access policies will also need to be established. This is true for both company- owned and employee-owned devices, but employee ownership introduces an added layer of complexity and need for governance. Key questions that will need to be addressed are: Will the company offer corporate WiFi access to supplement the broadband access being purchased from a telco? While this may be practical for many organizations, physical layouts, geographical distribution and building structural issues may drive different decisions. What level of broadband access is the company willing to pay for, and what are the bandwidth requirements of the different user segments? Is 3G adequate? Is 4G necessary? For which users? DMI WHITE PAPER 6
  • 7. BYOD: Six Essentials for Success Essential 5: Build a Plan for Successful Policy Implementation Employee ownership of devices introduces a unique set of challenges and requirements when it comes to policy implementation: SELF-PROVISIONING: The most obvious challenge with employee-owned devices is that the company doesn’t typically have access to the device. So, mechanisms must be set up to enable employee-owned phones, tablets and other devices to be provisioned by the users themselves. USER PROFILES: A solution must be in place to link individual employees with their user profiles— probably based on an AD/LDAP access control system and set of policies around individual membership in groups and group access to various data and apps. AUTO-CERTIFICATION: With employees connecting to the network and provisioning their own devices, the technology and process for automatically certifying that the device has a container needs to be established. Further, the company needs to be able to ascertain that the device is connected through the container. EMPLOYEE SELF SERVICE: Since organizations cannot typically take possession of employee- owned devices, it is essential that employees can provision and service devices through a “single self-service window.” Device and data plan management, usage tracking, and access to corporate applications that are authorized for individual personas all should be included. Without simple, integrated, single-window service, employees may wind up frustrated and unhappy, while IT is bogged down in an overwhelming stream of support calls. TELEWORKING: An organization’s virtual desktop and unified communication strategy should extend to mobile devices. In fact, mobile devices, particularly those with larger form factors, provide a logical setting for enabling teleworking. A comprehensive BYOD strategy and policy should encompass teleworking as well. Essential 6: Provide for Ongoing Governance to Maintain and Evolve Your BYOD Policy As with any new initiative of this magnitude, a BYOD policy must evolve as new factors and considerations emerge. To do so, a governance model is necessary – one that measures and monitors key factors such as cost, security breaches, lost phones, jailbreaks, etc. The definition of a BYOD governance model is beyond the scope of this paper, but suffice it to say that a BYOD strategy and policy is only as effective as the measures that are implemented through a governance model. DMI WHITE PAPER 7
  • 8. BYOD: Six Essentials for Success Conclusion Harnessing the power of employee-owned devices can deliver tremendous advantages to the organizations that do it successfully. Keys to success include establishing a solid foundational understanding of the current environment; developing a clear set of business, legal, and technical policies; executing a well-defined implementation plan; and providing for ongoing governance and evolution of policies. Experienced enterprise mobility management service providers who have successfully guided organizations through the creation of BYOD programs can offer vital assistance in the process, anticipating challenges and opportunities, and avoiding costly missteps. The BYOD opportunity is here. The right partner and planning can help you seize it. DMI and Successful BYOD Management DMI is the world’s leading provider of enterprise mobility services and solutions. We have been providing Managed Mobility Services for the past 9 years to a growing set of commercial and government customers. Our comprehensive Managed Mobility Services portfolio includes: Mobile Strategy Consulting 24 x 7 Mobile Help Desk 24 x 7 Mobile Device and Solution Management Service Mobile Device Logistics MDM Solution Implementation, Upgrades, Health checks and Assessments Mobility Solution Training We partner with the leading software and hardware vendors in the industry. Our partnerships include MDM vendors such as MobileIron, AirWatch, Fixmo, Good Platform, BlackBerry UDS/BDS/ BES, as well as platform and hardware vendors such as Apple, Samsung, Google and Microsoft. We also build enterprise class mobile solutions that generate results for the world’s top brands and businesses. Our mobile solutions combine the award-winning user experience design that has made us one of the top creators of consumer apps, with the deep middleware and engineering expertise that we’ve used to build and manage enterprise applications for the most demanding IT departments in the world. DMI mobility solutions improve business processes, tap new revenue streams, build customer loyalty, and increase employee productivity. DMI WHITE PAPER 8
  • 9. BYOD: Six Essentials for Success The Proof: We have 500,000 devices under management for more than 100 clients, including many Fortune 500 companies—like BP, Johnson & Johnson, Sears, The Associated Press, Allergan, and more. At BP, we’re deploying 1,000 managed mobile devices each day. We provide 24 x 7 x 365 mobile service support for more than 500,000 users. DMI is the one call our customers need to make to resolve any issue—devices, apps, infrastructure, and even carrier problems. We offer a full range of security options that include Federal-grade hardware-based security, two-factor authentication, secure container, and sophisticated encryption solutions. With our expertise and economies of scale, we can provide mobility management at a higher service level and on average 20% lower cost than most companies can do on their own. Pervasive excellence is our commitment to quality service. We’ve built more than 400 mobile apps—in the past 12 months alone—for more than 150 leading organizations—like Disney, Coca-Cola, Toyota, Vodafone, P&G, The National Guard, and Universal Studios. We offer brilliant creative and user experience: Our mobile app development group was named the Best Branded App Developer at the 2012 Mobile Entertainment Awards. We are a Google Platform partner and Apple Consultant. DMI is one of only a handful of companies that is CMMI L3 appraised for both application development and services, as well as ISO 9001:2008, ISO 27001:2005, and ISO 20000-1:2011 certified. Our average D&B Open Ratings performance score from our clients is 94/100. Contact DMI today to learn how our Managed Mobility Services can deliver worry-free security, easy management, and reduced costs for your enterprise. DMI DMI Sales Team One Rock Spring Plaza U.S. Sales: 855.963.2099 6550 Rock Spring Dr Intn’l Sales: 240.200.5848 Bethesda, MD 20817 sales@DMInc.com DMInc.com ©2013 Digital Management, Inc. All right reserved. DMI WHITE PAPER 9