The Irresistible Force of
BYOD – How to Get it
Running Securely
Presenter: Marco Nielsen
Vice President, Services
mnielsen...
Introduction
BYOD Strategy
BYOD Execution
BYOD Support
Summary
Q&A
Contact Us
Marco Nielsen, VP of Services, Enterprise Mobile
Marco is an internationally recognized expert
in mobile device management...
Bring your own device (BYOD) is the policy of
permitting employees to bring personally owned
mobile devices (laptops, tabl...
According to Forrester, there will
be 1 billion smartphone
customers by 2016, with 257
million smartphones and 126
million...
Need for Mobility
NeedforSupport
Low High
LowHigh
Admin/Clerical
Call Center/Support
Finance
IT Support
IT Educator/Traine...
User Requirements
Human
Resources
Sales
C-Level
Execs
Device and Data Plans
Compliance
Security
Applications
Agreements
Privacy
Services

 Questions to consider:
◦ What mobile devices will
be supported: only certain
devices or whatever the
employee wants?
◦ H...

 What regulations
govern the data your
organization needs
to protect?
◦ Example: HIPAA
requires native
encryption on any
...

 What security measures
are needed?
◦ passcode protection
◦ jailbroken/rooted devices
◦ encryption
◦ device restrictions
...

 What apps are
forbidden at your
organization?
 What are the approved
and supported Content
Management solutions?
◦ Drop...

 Does your organization have
an Usage Agreement for
employee access to
corporate information?
 Consider including:
◦ Opt...

 What kinds of
resources will the
employees have
access to?
◦ Corporate email, certain
wireless networks, VPNs
◦ You coul...

 Your #1 priority is to protect
your network and sensitive
company information, but
you also need to think about
the priv...
 Employee Qualification:
◦ Who qualifies?
◦ Review the labor laws for exempt and non-exempt
employees.
◦ Hourly employees...
Are you confident in the security of
BYOD management in your
organization?
YES No
MDM MAM

App installation and configuration
App wrapping and containerization
Relevant acceptable app use policies

Control wireless networks
Control app access
Keep your OS & firmware current
Back up your data
Password protection
Don’t s...
SUPPORT Spell it out
Consider loaner devices
Provide additional support for execs
Educate and enable employees
Utilize out...
82%of surveyed
companies in 2013
allow some or all
workers to use
employee-owned
devices.
BYOD IS POPULAR – AND GROWING!
BYOD
https://twitter.com/entmobile
http://www.linkedin.com/company/enterprise-mobile
https://www.facebook.com/entmobile
http://...
While every care has been taken to ensure that the information in this document is correct, Enterprise Mobile cannot accep...
The Irresistible Force of BYOD -- How to Get it Running Securely
Upcoming SlideShare
Loading in …5
×

The Irresistible Force of BYOD -- How to Get it Running Securely

2,369 views

Published on

From increasing productivity to reducing operational costs, it's time for companies to look at how they be more effective with BYOD. Join Marco Nielsen, VP of Services at Enterprise Mobile, as he shares how to optimize your BYOD strategy and execution, how to make the most of your existing management solutions and how to address security challenges that have arisen from a much more diverse mobile device and application landscape.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,369
On SlideShare
0
From Embeds
0
Number of Embeds
1,462
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • I’d like to take a moment to welcome you all to the Webinar: The Irresistible Force of BYOD – How to Get it Running Securely. My name is Erica Hansen and I’ll be moderating the webinar and discussion today. Your presenter today will be Marco Nielsen. Marco is the VP of Services and the Chief Mobility Architect at Enterprise Mobile. Today he’ll share some of the tips he’s gleaned from working with clients and helping them select the right mobility solutions for successful BYOD programs.
  • Image source: http://www.cio.com/images/content/articles/body/2012/04/byod.jpg
  • Your presenter today will be Marco Nielsen, Marco is the VP of Services and the Chief Mobility Architect at Enterprise Mobile. He leads the company’s services division. As one of Enterprise Mobile’s senior technical experts, Marco participates in the most complex and challenging projects, drawing on his technical expertise. Today he’ll share some of the tips he’s formulated working with clients on BYOD strategy, execution and support.
  • Hello, thank you for joining. So what is BYOD?From increasing productivity to reducing operational costs, time has come for companies to look at how they can be more effective with BYOD. Today we’ll discuss how you can optimize your BYOD strategy and execution. How to make the most of your existing management solutions and how to address some of security challenges that BYOD brings.Image source: http://redboardbiz.rogers.com/wp-content/uploads/2012/09/BYOD.jpg
  • Just to bring some perspective into the scale of the market today.By 2016, smartphones and tablets will put power in the pockets of a billion global consumers. This is bringing a tidal wave of change to the business area and questions to IT on how to support it. The advent of rich, context-aware, and easy to use, applications running on mobile devices has brought a fundamentalshift to business technology in general.To remain vital in this business technology reformation, organizations must step up and work to establish and implement a mobile strategy for a successful and secure program for their employees.Source: Mobile Is The New Face Of Engagement: http://www.forrester.com/Mobile+Is+The+New+Face+Of+Engagement/fulltext/-/E-RES60544?docid=60544
  • It is important to understand that there are different segments of users within any BYOD implementation. One recommendation is to conduct a user segmentation analysis within your company to help understand needs and the likelylevel of required support. Every company is different. When you are gathering user segments within your company, evaluate employee roles against the need for mobility and mobile applications and against the likely level of required support. BYOD deployments are easy with users who only need low levels of IT support, and using self-service solutions. Deployments may be more difficult with users who have high mobility needs but also require high support levels, such as executives. Conducting such an analysis will help you develop the correct usage policies and support models, and may prevent frustration and control your IT budget.
  • In addition to gathering user segments, you will also need to gather user requirements. Gather information from members of the various business units, including sales, C-level executives, human resources, and other key departments like finance and IT and to determine which personal devices, applications, and personal cloud services are in use today.It can be important to understand how they are used, how tech-savvy the users are, and how employees feel these tools enhance their effectivenessand productivity. The requirements can also be adjusted to meet overall business goals and make sure proper alignment takes place.Gathering both user segments and requirements will help with the next step; the creation of your BYOD policies.
  • REMIND AUDIENCE TO ASK QUESTIONS AS WE GO ALONG. Do you have questions for me about creating a BYOD Policy? Most organizations have a wide range of policies they need to implement, depending upon their industry, regulations, and their own policies. Adoption of BYOD must provide a way to enforce the required policies, which can be challenging on consumer devices like smartphones and tablets.Another complication results from the mixing of personal and work tasks on the same device. Smartphones are usually used for business and personal calls, and tablets likely have both personal and business applications installed.  Aim to develop the needed policies to be able to implement a BYOD solution that will meet your user requirements, while also meeting your organization’s own policies. When your BYOD policies are created you can then choose technologies that can deliver these policies, rather than choosing technologies and creating policies around the capabilities of the technology. I’ll next go through these 7 import areas for policy creation. 
  • First up is device and data plans:You should think about the following questions:What mobile devices will be supported; only certain devices or whatever the employee wants? You may, for example, choose to exclude Android devices below v4.x, due to supportability. I have seen some organizations grant specific platforms more corporate access than others, based upon security policies.Will the organization pay for the data plan at all? Will you issue a stipend, or will the employee submit expense reports? Who pays for these devices? How will the procurement process work?
  • Image source: http://www.digitaltrends.com/wp-content/uploads/2012/08/shutterstock-carlosgardel-unlimited-data.png
  • When it comes to Compliance you should ask: What regulations govern the data your organization needs to protect? For instance, HIPAA requires native encryption on any device that holds data.International and state laws
  • Image source: http://blogs.pb.com/mail-solutions/files/2013/02/compliance.jpg
  • Security is a biggie!What security measures are needed?passcode protection, jailbroken/rooted devices, encryption, device restrictions, iCloud backup, Consumer content solutions (DropBox, SkyDrive, etc)What is the employee perception of security? Do employees perceive that company security controls hinder their ability to get their job done?Perhaps you segregate security policies between BYOD and corporate owned devices
  • Apps are synonymous with mobile devices and tablets, so definitely think about:What apps are forbidden at your organization? IP scanning, data sharing, DropBox? Approved and supported Content Management solutions. There are now some great solutions that tie into MDM solutions to better manage application security threats and you can create automated policies. For even more security, there are other stand alone solutions How to handle malware?Old fashioned black/white listing within MDM solutions. Time consuming, could get quickly outdated.Solutions like Appthority now plug into some MDM solutions and can provide automated rules on apps that have been vetted for security risks
  • Image source: http://im.tech2.in.com/images/2012/oct/data_plans_cover_640x360.jpg
  • Don’t forget about your A-U-A, “Acceptable Usage Agreement” that is. Does your organization have an Usage Agreement for employee access to corporate information?Craft one that hasOpt-in/out clauses What the company will monitor and perform on mobile devices (I have seen the “Big Brother” syndrome can make it difficult to get a BYOD program running)Specifically outlines what happens if an employee does something bad.When and how a company will perform a remote wipe of company information. Have you discussed plans with HR and Legal?
  • Image source: http://interactyx.com/wp-content/uploads/2012/03/HR-Tech.gif
  • Next you should think about Services for employees: What kinds of resources will the employees have access to?Corporate email, certain wireless networks, VPNs You could, based upon your user segmentation, provide access only to certain networks or apps.To kickstart a BYOD program and get buy-in from the user population we have seen positive and quick adaption when:Specific applications that will assist the end-user is pre-purchased, gifted (office document utility, DocumentsToGoetc)Mobility solutions announced at the same time. (mobile expense solution/app)
  • Image source: http://www.wanttlc.com/images/tlclogo.gif
  • Last be not least, Privacyis a big issue. - Your number one priority is to protect your network and sensitive company information, but you also need to think about the privacy of your employees. What data is collected from employees’ devices? What personal data is never collected? Will the inadvertent remote wipe of personal data make for an unhappy employee? How are the international laws in different countries? France for example has very strict privacy laws, so you may need to adapt as necessary.  
  • Image source: https://www.law.upenn.edu/blogs/regblog/Privacy.jpg
  • To wrap things up, no questions are off limits when it comes to BYOD. There must be frank and honest dialog about how devices will be used and how IT can realistically meet those needs. Additional issues to discuss with your HR, legal, security and finance departments when developing your BYOD policy include:Employee Qualification:- Who qualifies? - Review the labor laws for exempt and non-exempt employees. - Hourly employees may claim overtime based on reading email on a personal device. Recent lawsuits have already occurred (Chicago police department)Restrictions:What are the restrictions on enterprise security, data usage and privacy in the organization?Employee Termination:Data and phone number transition at termination.Is there a clear process and who does what? 
  • REFER TO POLLING QUESTIONREMIND AUDIENCE TO ASK QUESTIONS. Do you have questions about how you can increase your confidence in your BYOD security management? Are you confident in the security of BYOD management in your organization? Yes or No?What are some of the reasons you are not?
  • Moving along, once you’ve put your BYOD strategy together, analyzing the user segments, requirements and policies to fit the needs of your organization, you need to think about BYOD security management solutions. - Currently, two main solution types, mobile device management (MDM) and mobile application management (MAM) are commonly used. - MDM is device centric – devices are managed with client software, device security posture, etc.- MAM is application centric – deployment and security of applications themselves. - Many solutions now have both features, and can provide the best of both worlds when executing a BYOD program within your organization. While MDM is all about locking down devices, MAM helps safeguard mobile environments by controlling application access; If you are considering a BYODstrategy, MAM helps you do so without putting corporate data at risk becausecorporate and personal apps can peacefully (and safely!) coexist on the same device. Employees are responsible for the security of the personal apps on their devices, while IT staff can protect and remove corporate apps and data if a device needs to be wiped.There could also be environments where MAM is all that is required based upon your security requirements.But having both MDM and MAM features you can successfully manage both corporate owned and BYOD devices.
  • Here are some MAM best practices:Decide on relevant acceptable use policies to help set expectations. Make sure employees are clear on which applications they’re allowed to access and which are blacklisted or monitored.Use an Enterprise AppStore to publish applications to employees, on some platforms you can force installations.Use various MAM features to Track app downloads and ongoing usage, Monitor and detect outdated or disabled apps, Enforce the removal of blacklisted apps and to prevent outside malware, Allow only certain users to install/use specific applications on specific devices,- Additional MDM features include:A VPN connection can be made mandatory for specific corporate appsAdditional corporate authentication can be enabled“Containerization” – placement of all corporate apps and data in an encrypted area on the device
  • Here are ten best practices to secure BYOD devices in your organization:Use password protected access controls -encrypted device dataControl wireless network & service connectivity - network access control (NAC), corp VPNControl application access and permissions - multi-layered security programKeep your OS and firmware current – patched vulnerabilities, detect down-level devicesBack up your data – Lost data if you loose your device, use personal or corporate servicesWipe device data automatically if lost or stolen – Put processes in place for selective wipeNever store personal financial data on your device – Lost or stolen device riskBeware of free apps – malware, unsanctioned appstores, recent Android “master key” vulnerability scareTry mobile antivirus software or scanning tools on certain platforms – May slow down the device, network tools may be better at this timeUse MDM and MAM software – policies, compliance processes, jailbreak/root detection, containizeration
  • Establishing support and maintenance levels with employees in your organization is extremely important for a successful program. Spell it out: Make sure to spell out the type of incidents IT will support and the extent of this support. Loaner Devices: A loaner pool of devices allows for uninterrupted productivity during service, especially when a personally-owned device is used in place of a corporate device. Consider providing key personnel with additional, VIP-style support. Employee Education & Enablement: Educate and enable your users for self-support and capture key metrics to continually maintain and enhance your BYOD model/solution. Training on security topics can also be benefical. Outside Support Utilization: Don’t feel like you have to go it alone when it comes to supporting BYOD in your organization; utilize outside support. Enterprise Mobile offers flexible yet controlled BYOD Support framework solutions for organizations.
  • *ReadWrite Survey Results - What a Typical BYOD Program Really Looks Like: http://readwrite.com/2013/01/18/readwrite-survey-results-what-a-typical-byod-program-really-looks-like#awesm=~o9R7ByyuQDg1Wc
  • BYOD is more than a trend, it is a reality heading into the next phase of adoption and end user integration. Today the conversation is moving from “is BYOD for me?” to “how do I securelyimplement BYODto leverage the power of consumerization in my organization?”.From increasing productivity to reducing operational costs, it's time for organizations to look at how they can be more effective with BYOD.Spend some time taking the necessary steps to build your BYOD strategy and evaluate what is needed for you to securely execute a BYOD program in your organization. Our Enterprise Mobile BYOD Solution Management provides a flexible yet controlled framework to assess, design, deploy and support the right approach for your organization. And, our BYOD Solution Management spans across all operating system platforms, from Apple iOS to Windows and Macs. Need more information? Please contact us!Image source: http://www.ringdna.com/wp-content/uploads/2013/05/BYOD.jpg
  • Enterprise Mobile is the leading provider of Mobility-as-a-Service, making it simple and affordable for customers to keep up with the quickly evolving mobile marketplace. Enterprise Mobile draws on our deep mobility expertise and best practices in every facet of the mobile lifecycle, from planning and application development to management, support, and optimization.Contact us today!
  • Thank you! That concludes our presentation.
  • The Irresistible Force of BYOD -- How to Get it Running Securely

    1. 1. The Irresistible Force of BYOD – How to Get it Running Securely Presenter: Marco Nielsen Vice President, Services mnielsen@enterprisemobile.com
    2. 2. Introduction BYOD Strategy BYOD Execution BYOD Support Summary Q&A Contact Us
    3. 3. Marco Nielsen, VP of Services, Enterprise Mobile Marco is an internationally recognized expert in mobile device management and mobile devices, with nearly 20 years’ experience spanning systems architecture, operating systems, hardware and communications. Marco brings a broad perspective on how to design and deliver a successful enterprise mobility initiative.
    4. 4. Bring your own device (BYOD) is the policy of permitting employees to bring personally owned mobile devices (laptops, tablets, and smartphones) to their workplace, and use those devices to access privileged company information and applications. BYOD“Bring Your Own Device”
    5. 5. According to Forrester, there will be 1 billion smartphone customers by 2016, with 257 million smartphones and 126 million tablets in the US alone.* *Source: Forrester – Mobile is the New Face of Engagement
    6. 6. Need for Mobility NeedforSupport Low High LowHigh Admin/Clerical Call Center/Support Finance IT Support IT Educator/Trainer Technical Support Executives Sales Reps Healthcare Workers Engineers IT Staff Technical Sales Staff
    7. 7. User Requirements Human Resources Sales C-Level Execs
    8. 8. Device and Data Plans Compliance Security Applications Agreements Privacy Services
    9. 9.
    10. 10.  Questions to consider: ◦ What mobile devices will be supported: only certain devices or whatever the employee wants? ◦ How will the procurement process work? ◦ Will the organization pay for the data plan at all? Stipend or will employee submit expense?
    11. 11.
    12. 12.  What regulations govern the data your organization needs to protect? ◦ Example: HIPAA requires native encryption on any device that holds data. ◦ International or state laws
    13. 13.
    14. 14.  What security measures are needed? ◦ passcode protection ◦ jailbroken/rooted devices ◦ encryption ◦ device restrictions ◦ iCloud back-up ◦ consumer content solutions  What is the employee perception of security?
    15. 15.
    16. 16.  What apps are forbidden at your organization?  What are the approved and supported Content Management solutions? ◦ Dropbox, SkyDrive etc.  How to handle malware?
    17. 17.
    18. 18.  Does your organization have an Usage Agreement for employee access to corporate information?  Consider including: ◦ Opt-in/out clauses ◦ What the company will monitor and perform on mobile devices ◦ Specifically outlines what happens if an employee does something bad ◦ When and how a company will perform a remote wipe of company information
    19. 19.
    20. 20.  What kinds of resources will the employees have access to? ◦ Corporate email, certain wireless networks, VPNs ◦ You could, based upon your user segmentation, provide access only to certain networks or apps.
    21. 21.
    22. 22.  Your #1 priority is to protect your network and sensitive company information, but you also need to think about the privacy of your employees. ◦ What data is collected from employees’ devices? ◦ What personal data is never collected? ◦ Will the inadvertent remote wipe of personal data make for an unhappy employee?
    23. 23.  Employee Qualification: ◦ Who qualifies? ◦ Review the labor laws for exempt and non-exempt employees. ◦ Hourly employees may claim overtime based on reading email on a personal device.  Restrictions: ◦ What are the restrictions on enterprise security, data usage and privacy in the organization?  Employee Termination: ◦ Data and phone number transition at termination. ◦ Is there a clear process and who does what?
    24. 24. Are you confident in the security of BYOD management in your organization? YES No
    25. 25. MDM MAM 
    26. 26. App installation and configuration App wrapping and containerization Relevant acceptable app use policies 
    27. 27. Control wireless networks Control app access Keep your OS & firmware current Back up your data Password protection Don’t store personal financial data on devices Beware of free apps Try antivirus/scanning software Use MDM and MAM software Remote device wipe 
    28. 28. SUPPORT Spell it out Consider loaner devices Provide additional support for execs Educate and enable employees Utilize outside support
    29. 29. 82%of surveyed companies in 2013 allow some or all workers to use employee-owned devices. BYOD IS POPULAR – AND GROWING!
    30. 30. BYOD
    31. 31. https://twitter.com/entmobile http://www.linkedin.com/company/enterprise-mobile https://www.facebook.com/entmobile http://www.enterprisemobile.com Marco Nielsen mnielsen@enterprisemobile.com
    32. 32. While every care has been taken to ensure that the information in this document is correct, Enterprise Mobile cannot accept (and hereby disclaims) any responsibility for loss or damage caused by errors or omissions. All rights reserved. No part of this document may be reproduced without the prior permission of Enterprise Mobile. ©2013 Enterprise Mobile. Image Sources: MorgueFile: Slide 16: dhester, Slide 17: mconnors, Slide 18: Melodi2, Slide 20: doctor_bob, Slide 21: dhester, Slide 22: Alvimann www.enterprisemobile.com Thank you!

    ×