Bes Practices in Bring Yo Own Device (BYOD for the      st             B      our     n     e     D)     e     En   ...
  Architecting your BYOD strategyThe evolution of enterprise computing has taken-on an entirely new face. Mobile form fact...
  Best Practice 1: End-User SegmentationIn order to align the best mobile IT resources for your workforce you’ll need to d...
  Best Practice 2: Defining Financial Liability by SegmentOne of the most overlooked elements of BYOD programs is financia...
  Best Practice 3: Technology Alignment and Device ChoiceAs you define the technology and services that best equip each se...
  An additional requirement associated with BYOD programs is Mobile Device Management(MDM) applications. MDM applications ...
  In addition to the items we’ve addressed above, the BYOD policy should include criteria for thedifferent segments based ...
  In order for the BYOD program to be successful, it is important that your MDM, Data LossPrevention (DLP) and Mobile Devi...
        sion:ConclusAvoiding the BYOD Tax ultimate means ac                     T         ely           chieving a leevel ...
Upcoming SlideShare
Loading in …5
×

Best practices in bring your own device (boyd) for the enterprise

851 views

Published on

According to a 2011 study by IDC, approximately 40% of corporate employees use personal mobile devices to access corporate networks and systems. When executives embrace personal iOS devices, and require that IT support and connect their devices to corporate systems, it fuels the trickledown effect and subsequent need for a BYOD program. An OVATION Wireless Management White Paper: www.ovationwireless.com.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
851
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
14
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Best practices in bring your own device (boyd) for the enterprise

  1. 1.    Bes Practices in Bring Yo Own Device (BYOD for the st B our n e D) e En nterprise Secur e: rely Ena abling Y Your Mob Con bile nnected Woorkforce While Avoiding the BY e A g YOD Tax xAn OVATION Wireless Managemen White Pape s nt er 1-866-207-2111 www.ova ationwireless. .com
  2. 2.   Architecting your BYOD strategyThe evolution of enterprise computing has taken-on an entirely new face. Mobile form factorshave dominated the enterprise computing landscape in recent years and this growth trend is notslowing. That fact that in the fourth quarter of 2011 Apple sold more iPads than any othermanufacturer sold computers is a testament to the rapidly expanding mobile computingjuggernaut. Consumerization of IT has been the catalyst for the proliferation of tablets andsmartphones in the enterprise. Consequently, the growth of Apple iOS devices acquired byemployees is driving the tidal wave of demand for IT organizations to adopt a BYOD program.According to a 2011 study by IDC, approximately 40% of corporate employees use personalmobile devices to access corporate networks and systems. When executives embrace personaliOS devices, and require that IT support and connect their devices to corporate systems, it fuelsthe trickledown effect and subsequent need for a BYOD program.Therefore, it is no surprise that enterprises worldwide are facing increasing pressure to allowemployees to bring their own devices into the enterprise and connect them to corporatenetworks and systems. In fact, according to industry reports, over 70% of enterprises havedeveloped some form of BYOD program. The initial benefits, to the enterprise, of enablingBYOD include employees working longer hours, greater employee satisfaction and a reductionin the capital expense of mobility because that burden is shifted, in part or whole, to theemployee. While the initial assessment of BYOD often reveals benefits of allowing employeesto bring their own devices, more often than not there is a significant cost in letting them do so –the BYOD Tax – which is made-up of higher wireless service expenses, higher support costs,higher application development costs, higher security costs, higher regulatory compliance costsand higher administrative costs.In order to avoid the BYOD Tax, enterprises need to architect their BYOD program with the rightset of constructs that enables the appropriate degree of end-user preference resulting inincreased productivity and satisfaction while ensuring that the total cost of ownership (TCO) ofenterprise mobility is not negatively impacted.As your IT organization assesses the impact of BYOD and plans for the future of embracingconsumer preference and a mixed mobile IT ownership environment, this white paper will helpyou develop a programmatic approach to deliver an effective BYOD framework that enableschoice while containing costs. The following best practices will help you take a holisticapproach by addressing the key factors of your program framework and setup the appropriategovernance model for your mobile connected enterprise.An OVATION Wireless Management White Paper 1-866-207-2111 www.ovationwireless.com
  3. 3.   Best Practice 1: End-User SegmentationIn order to align the best mobile IT resources for your workforce you’ll need to develop end-usersegments based on criteria that will maximize end-user productivity while ensuring a secure andcost effective mobile enterprise ecosystem. In defining the end-user segments you should lookfor natural usage patterns, determine location requirements and review business requirementsby segment including: • End-user contribution to the bottom-line • Access/time sensitivity • Location • Value impact of mobility • Regulatory compliance • Data access • Systems access • Application usage • Voice/data usageTypically five or six different segments are sufficient for developing an effective framework foryour BYOD program to help define the technology portfolio that will be accepted into theprogram.It is helpful to define end-user segments by location/type of worker: • Task Worker: Day Extender • Knowledge Worker 1: VIP • Knowledge Worker 2: Home Office Worker • Power User 1: Field Sales Force • Power User 2: International • Power User 3: Field ForceWhen you’ve completed the end-user segmentation you’ll need to establish support levels,expense levels and governance parameters. Next, you’ll need to capture the application usage,systems access requirements and data access requirements in order to align the besttechnology portfolio with the user needs. For example, if there is a specific end-user segmentthat has access to highly regulated data or processes then your policy and security for thatsegment needs to ensure regulatory compliance. The end-user segments are the cornerstonefor establishing the policies to help govern your BYOD program and ensure a secure andproductive mobile connected workforce.An OVATION Wireless Management White Paper 1-866-207-2111 www.ovationwireless.com
  4. 4.   Best Practice 2: Defining Financial Liability by SegmentOne of the most overlooked elements of BYOD programs is financial liability. When ignored,financial liability is the single biggest factor in driving up the TCO of the mobile enterprise andcontributing to the BYOD Tax.Financial liability is the process of establishing who contracts with the wireless carriers for theservice plan. Corporate liability is when the enterprise establishes the carrier relationship andfinancial responsibility for the plan. Corporate liability, when managed correctly, can deliver thegreatest efficiencies in wireless service costs. Individual liability is when the end-user contractsdirectly with the wireless carrier. Individuals are typically relegated to the plan du jour and inmost cases purchase plans that are much less efficient based on their actual usage.According to the December 2, 2011 Forrester report Consumerization Drives SmartphoneProliferation, “More than half of US information workers pay for their smartphones and monthlyplans, and three-quarters pick the smartphone they want rather than accept IT’s choice.” Theproblem with information workers paying for their monthly plans and getting reimbursed by theenterprise is the loss of enterprise buying power and subsequent increase in the wirelessservice costs of up to 35% or more. When enterprises implement a flat stipend (Ex. $50 permonth) then end-users will throttle their usage in order to prevent having to subsidize thewireless spend for the enterprise resulting in a reduction in the benefit of mobility. In addition,the administrative cost of processing the monthly payment ($25 to $45) often goes overlookedand is an additional contribution to the BYOD Tax.When enterprises allow employees to purchase their own wireless plans then they alsorelinquish the decision of what services are selected to enable the end-user to be productiveand efficient.The changing landscape of rate plans is creating additional complexity. Verizon and AT&T’sintroduction of shared data plans create a new management challenge in containing wirelessservice costs. Verizon and AT&T are attempting to stem the loss of revenue from applicationsthat provide text and messaging capabilities over the data connection and circumvent the carriertext service. In addition, the unlimited data plans have virtually all but disappeared with a fewexceptions.Best-in-class enterprises that are driving down the TCO of mobility are implementing a hybridapproach to financial liability. For knowledge worker and power user segments that need dataaccess it is important for them to fall under corporate liability in order to mitigate the risk ofescalating costs of individual service plans. For task worker segments that simply extend theirday and use email as the killer application then individual liability and a flat stipend is aneffective method.An OVATION Wireless Management White Paper 1-866-207-2111 www.ovationwireless.com
  5. 5.   Best Practice 3: Technology Alignment and Device ChoiceAs you define the technology and services that best equip each segment with the capabilitiesthat will drive productivity gains, it is important to take a future-proof approach and make surethat your enterprise mobility roadmap is in alignment with your overall IT roadmap. When itcomes to BYOD and the portfolio of devices, operating systems, services and applications, bestin class enterprises support end-user choice to a certain degree yet place some limits on whatthey’ll support in the BYOD program. Technology alignment by end-user segment is anotherarea where the BYOD Tax can rear its ugly head.The cost to develop and support applications across all mobile platforms contributessignificantly to the BYOD Tax. You’re best served to create an environment that consists ofapproved devices that enable you to develop applications that work seamlessly with the userinterface models of the device set. Taking this approach will also help reduce your maintenanceexpense which often makes-up over 60% of the mobile application expense.Aligning the technology portfolio for each end-user segment is a critical step that should not betaken lightly. For example, understanding the location of operation of the end-user segment hassignificant ramifications. If the end-user requires global access then the technology portfolio forthat end-user will differ greatly from a domestic end-user. Make sure that the technologyportfolio delivers on the exact needs of each segment. Creating a matrix of devices,technologies, services, support and associated costs designated for each end-user segment isan effective way to define, communicate and manage the enterprise mobile technology portfolio.The enterprise mobility matrix should encompass all technologies including laptops to ensurecomplimentary technologies don’t break the budget.In most BYOD environments, it is not just a device choice but other choices that need to bedefined and approved. According to iPass’ Mobile Workforce Report, Q1, 2012 the averagemobile connected worker is equipped with 3.5 devices. This is up from 2.7 devices during thesame period in 2011. With a plethora of new mobile device introductions taking place over thenext several months, this growth trend is expected to continue. Rumors abound of new tabletform factors that will likely become complimentary devices versus replacements. Therefore, itis important that you revisit the enterprise mobile portfolio matrix on a quarterly basis to keep upwith the changing mobile landscape and ensure you’re supporting the best technology set. Inaddition, when employees in the knowledge worker or power user segments purchase thesenew devices, it is important that they understand that they’ll be required to activate them on thecorporate service plans. When you equip an employee with 3.5 mobile devices on average, thecorresponding service spend can quickly grow out of control. Your BYOD program must havethe appropriate management controls in place to ensure that your wireless services spenddoesn’t break the IT bank.An OVATION Wireless Management White Paper 1-866-207-2111 www.ovationwireless.com
  6. 6.   An additional requirement associated with BYOD programs is Mobile Device Management(MDM) applications. MDM applications ensure policy compliance of devices connecting tocorporate IT infrastructure as well as eliminating security threats. In order for this to beeffective, you’ll need an MDM solution with baseline functionality that generally includes assetmanagement, encryption, password policy, remote lock/wipe, and email/Wi-Fi/VPNconfiguration. When enhanced mobile security and data protection is required, there are alsoMDM options that include functions like mobile anti-virus protection and point-to-pointencryption.Best Practice 4: Policy DevelopmentA detailed enterprise mobile policy is an absolute necessity with any mobility program includingBYOD. Because BYOD introduces some grey areas in terms of ownership and responsibleparties, you need a policy that will limit your legal exposure and provide governance over yourBYOD program.With the recent issues over Carrier IQ’s diagnostic software providing the ability for carriers totrack location and keystrokes, privacy advocates mobilized and Rep. Ed Markey (D-Mass.)drafted the Mobile Device Privacy Act. While this has not been passed into law yet, it is a signof things to come. When you combine this with the Electronic Communication Privacy Act andthe plethora of state and local government laws that govern distracted driving, you have to makesure that your enterprise mobile policy mitigates the legal risk of your BYOD program.One of the most important elements of your BYOD policy is notifying employees that if theychoose to participate in the program then they agree that the corporate IT department will beplacing Mobile Device Management software on their device and that it will be monitored andmanaged in order to eliminate risks to the enterprise. It is very important that the employee signan agreement accepting this policy.In addition, you need to have the employee agree that they will not use their mobile device whileoperating a motor vehicle. If they do, then they’re responsible for the consequences. Theemployee needs to indemnify the enterprise to ensure that all accidents resulting from using amobile device while operating a motor vehicle are the responsibility of the end-user.The policy also needs to help mitigate the risks of nefarious acts conducted by employees withmobile devices. This can include governing the use of cameras, unapproved content andremovable media.An OVATION Wireless Management White Paper 1-866-207-2111 www.ovationwireless.com
  7. 7.   In addition to the items we’ve addressed above, the BYOD policy should include criteria for thedifferent segments based on: • System access parameters • Data loss prevention • Corporate data management • Corporate or individual liability • Financial responsibilityIt is not a bad idea to have all employees sign your enterprise mobile device usage policy. Thatwill help you mitigate the risks of those devices that slip through the cracks. Some reportsindicate that more than 40% of enterprise mobile devices are connecting to corporate systemswithout the knowledge of the IT department.With the rapid evolution of mobile technologies and state, local and federal laws, you’ll need toreview your BYOD policy on a frequent basis. Once a policy has been developed andimplemented then it needs to be managed to ensure that it protects the enterprise and the end-user. End-users need clear and concise communication on what’s allowed and what’s notallowed as well as feedback on their compliance. This is an important task for the mobilegovernance center of excellence inside your organization. If your organization doesn’t have amobile governance center of excellence, then it is important to establish one prior to BYODprogram rollout. These organizations are typically made-up of end-users from each segment,line of business management and IT management.Best Practice 5: SecuritySecurity is the single greatest concern of CIOs when it comes to BYOD programs. There havebeen many high profile data breaches resulting from mobile device threat vectors. Each deviceis an endpoint that can become a security threat that varies based on the end-user segment andclass of device. Therefore, making sure that you implement an MDM solution that provides for agranular level of policy definition is very important for mitigating risks. According to the 2011study on IT security practices, laptop or mobile device theft was the second most common typeof security incident and was reported by over 20 percent of organizationsAn OVATION Wireless Management White Paper 1-866-207-2111 www.ovationwireless.com
  8. 8.   In order for the BYOD program to be successful, it is important that your MDM, Data LossPrevention (DLP) and Mobile Device Security solutions deliver: • Asset and identity management • Storage controls • Network access controls • Application policy controls • Permissions • Authentication • Password settings • Move, add and change management • Unauthorized usage alerts • Web and messaging securityBest Practice 6: SupportSupporting end-user segments is another element of BYOD programs that can exacerbate theBYOD Tax. The end-user segment and the value that they deliver to the corporation via mobilityshould be a key parameter in defining the support level.It is also important that your BYOD policy is clear on device replacement processes andfinancial liability to ensure that the correct expectations have been set when these incidentsarise.For end-users that require high availability and are highly time sensitive in performing their job,then you’ll want to consider a service level that provides for issue resolution typically within twoto four hours. In some instances onsite support is warranted in order to drive rapid incidentresolution and employee productivity.For task workers that are not performing mission critical tasks with their mobile devices, thenself-service support through the carrier support line should be sufficient.These examples are the opposite ends of the spectrum of support that can be required forBYOD programs. It is critically important to set the expectation of support levels with each userand establish the process by which they communicate incident requests.Support costs are a significant component of end-user operations and corporate operationsexpense. Defining the supported technology and the appropriate levels of support are criticalfor containing the TCO of BYOD programsAn OVATION Wireless Management White Paper 1-866-207-2111 www.ovationwireless.com
  9. 9.    sion:ConclusAvoiding the BYOD Tax ultimate means ac T ely chieving a leevel of compromise with employees byenabling choice with the approprriate financia controls, te al echnology ccontrols, gov vernance anddsupport to enhance productivity while mitigat t p w ting risks to the enterpris By incorporating the 6 se. ebest prac ctices outline above, yo ed ou’ll be deveeloping a hollistic approach to BYOD that will Dembrace technologic innovation while deliv cal vering a satissfied, productive and se ecure mobile econnecte workforce ed e.For more informatio e on:Visit: ww ww.ovationw wireless.comOr call: 1-866-207-2 1 2111An OVATION Wireless Managemen White Pape s nt er 1-866-207-2111 www.ova ationwireless. .com

×