Over the past decade, the Bring
Your Own Device (BYOD)
concept has become popular with
organizations and employees alike.
Finding that perfect balance between privacy, security, and budgetary concerns presents complex
choices for organizations. BYOD
benefits include reduced equipment costs, increased employee
satisfaction and efficiency, and
decreased IT staff burdens.
BYOD can be good for an
organization’s bottom line, but
the most obvious risk with BYOD is that you may be opening
another gateway with potential security vulnerabilities that isn’t
adequately managed by the IT staff. Increased security monitoring can be expensive and in this day and age IT investments
need to demonstrate a clear and measurable return.
Gartner predicts by 2017 half of all employers will require
employees to supply their own device for work purposes. Ensuring data security between these mobile devices and corporate networks will require advanced planning. When considering BYOD, organizations frequently evaluate the cost benefits of
Mobile Device Management (MDM) and Mobile Application
Management (MAM) solutions for securing their systems.
MDM and MAM are considered the most popular technologies for enabling secure use of an individual’s smartphone
and tablet within the enterprise. These technologies started with
different use cases, but their features are beginning to overlap.
Though they involve a significant investment, the benefits result
in securely allowing employee-owned equipment to connect with
corporate networks by completely controlling each device. MDM
provides command and control of mobile devices in a model that is
similar to managing PCs and therefore easily understood by IT.
There is a belief that gaining control of every setting on each
device is necessary to protect and secure the organization. However, this idea conflicts with the nature of the device being an
extension of someone’s personal life and a secure and convenient bridge between personal and professional activities. The
good news is in some cases it is possible to implement secure
BYOD initiatives without an intrusive MDM configuration.
Do employees really need their mobile devices to be connected
to the internal network in order to be productive? Mobile devices
are inherently nothing more than portals to online services with
small amounts of information stored on the device itself.
A device that is connected to the Exchange email service
may contain corporate contact lists and some cached email
attachments, but it is not like a laptop that is logging into the
network and gaining unfettered access to a myriad of network
services. It can be configured to only be connected to the individual services for a specific reason such as the Exchange email
service or to a website through its browser.
In situations such as these, the major threat with mobile
data loss is from stolen or lost devices that can be hacked. Fortunately, there are many free or inexpensive methods for wiping
a device remotely once it has been lost, without an MDM.
Apple provides a free iOS configuration utility that organizations’ IT groups can use to configure employees phones with an
IT-controlled AppleID for Find My iPhone. To implement this
solution, you will of course need to establish policies to govern
how this control will be used and communicated.
If little is stored on personal devices, there is little for IT to
manage. Many organizations are already using cloud services
for even their most sensitive data like CRM and marketing
analytics. Extending these cloud services to personal devices is
a more cost effective alternative to MDM.
The IT team then only needs to manage access to services
such as email, file storage, company and third-party applications and programs at the user level instead of the device level,
just like they already do today for company-owned resources.
Why does all this matter? The balance between privacy,
security, and budget does not mean you have to deny your employees requests to use their own device. And it does not mean
you have to necessarily transfer the savings into an MDM solution. Consider the real way your employees will use the devices
and cheaper alternatives before you make the leap. ITA
Martin Gillespie is director, Mobility Center of Excellence for
Salient Commercial Solutions and is responsible for bringing together resources to create a combination of solutions
to vet ideas, offer strategic and tactical thought leadership,
build proof-of concept prototypes, and oversee production
delivery that provides benefits to customers.
Mobile Device Management Not the
Only Answer to Dealing with Personal Devices
BYOD provides value and satisfaction to business users, but has challenges.