How Workers Can BYOD Without Risking Data, Networks
By Cimarron Buser
The IT consumerization wave is hitting enterprises at full force as end users begin to demand more freedom and flexibility in the way they interact with business applications. Frontline end users as well as senior executives want the convenience of using just one smartphone or one tablet for both work and personal use. They’re tired of carrying around two devices and want to eliminate the hassle of physically switching from one to the other.
The movement has prompted many businesses to offer employees the option of Bring Your Own Device (BYOD) to work rather than forcing users to rely on corporate-owned devices. In addition to responding to user requirements, embracing the shift to BYOD makes sense from a business and an IT perspective.
The benefits not only reduce IT costs but also improve employee productivity:
Lower Total Cost of Ownership: By giving employees the option of using their own smartphone or tablet for business purposes, enterprises reduce capital expenditures for the devices. They also reduce on-going costs for mobile phone usage as well as Internet-access data plans. And because end users who bring their own device understand how it works to a much greater degree, they typically do not require as much technical support, which reduces on-going IT costs.
Improved Morale: Giving employees the freedom to bring their own device also gives them more control over their computing environment and acknowledges the fact that business-life and personal-life both sometimes need attention on a 24x7 basis. In addition to keeping current employees happy, the BYOD approach can also serve as an effective recruiting and retention tool for companies working to attract the best and brightest.
Improved Productivity: With the ability to easily switch from personal applications, music, photos and e-mail to corporate applications, businesses are much more likely to see increased productivity from employees when they are away from their jobs, especially if the mobile platform creates a fun and familiar interactive environment they can enjoy.
Securing Corporate Applications and Data on Personal Devices
When giving employees the BYOD option, businesses also need to turn to an effective mobile application management platform and well thought-out policies to ensure applications function optimally and to keep corporate applications and data safe. When a mobile platform that provisions applications is deployed properly, businesses can keep corporate assets just as safe on employee-owned devices as they can on corporate-owned devices.
Leading mobile application management (MAM) platforms make it possible to disable application access and remotely wipe corporate data from devices when employees leave the company or change job roles, as well as when devices are lost or stolen. The technology also makes it possible to leave personal applications, data, music and pictures intact so that employees don’t have to worry about losing personal content. This is an important aspect when asking employees to use their own devices for business purposes.
Mobile platform technology also makes it possible to easily deploy and update corporate-branded applications that create a fun and interactive experience for end users. This boosts productivity by increasing the time employees want to spend using business applications, and they become more likely to switch over to business tasks when not on the job. With just one device accessing both personal and business content, they can easily move from one view to the other.
When employees choose their own devices and corporations opt for an effective mobile app management platform, IT generally spend less time on help-desk-type support for these users. In many cases, users can take care of their own configurations and other tech support issues, especially with a platform that provides a familiar interface while automating the application deployment and updating process.
When researching platform solutions for adopting the BYOD approach, it’s critical that enterprises turn to a leading mobile application management provider to ensure security and performance. By looking for a solution that includes all the key capabilities required, businesses can facilitate the BYOD process and ensure the integrity of corporate assets.
The key requirements for any MAM solution:
- Enables creation of secure applications that ensure authorized user access (e.g., with a simple SDK that can be used by the developer)
- Allows for fast distribution and automated updates of applications
- Permits IT to maintain control of business applications on devices owned by employeesProvides end users with a familiar application interface
- Allows end users to “opt in” to corporate policies before given access to corporate applications and data, and logs this event for compliance reporting
- Facilitates employee ability to download applications, view additional information, and access training materials such as PDF files and videos
- Gives application developers the ability to manage application testing during the development process with smooth transitions to the full pilot and roll-out stages
Carefully Planned Policies Required to Complement the Technology
In conjunction with the mobile application management platform, businesses must also apply a clear set of policies. The policies help employees understand the access that the business must be given to personal devices to protect corporate data and applications.
Employees must also understand the consequences of conditions that might dictate the need for a complete wipe of a device, such as when devices are lost or stolen. In return, businesses must declare how they will not infringe on personal applications and content as long as employees adhere to corporate policies.
The policies should not restrict employees beyond what is reasonable since the premise of BYOD is an equal swap: employees alleviate the business from the need to purchase devices in exchange for receiving access to both personal and business applications. It’s best to give employees sufficient freedom in the use of the devices and only clamp down on anyone who violates the policy.
Also include a methodology for determining which mobile devices will be supported for accessing corporate applications. Each device operating system requires platform programming, so support should not be offered to any and all devices, but businesses should make sure they support mainstream, in-demand devices.
Policies for Bring Your Own Device
Through recent interviews conducted with CIOs, Deloitte Consulting director David Smud has developed a set of baseline policies that enterprises can use as a starting point for creating BYOD policies and user agreements. Here are some adapted excerpts from those guidelines that help reduce business risk as well as legal liabilities:
- Create guidelines for determining which smartphone and tablet devices the business will evaluate—not only today but also on a regular basis as new technologies emerge.
- Develop device evaluation criteria and determine how users will be notified as to which devices are permitted.
- Consider the variances of devices and tailor user agreements for different countries with respect to the differences in regulatory requirements.
- Communicate to users how devices are evaluated and provide the company’s device-certification roadmap
- State clearly how mobile devices must be configured and how they will be supported, especially if there will be different support levels for user-owned and company-owned devices.
- Provide training so users understand their responsibilities, mobile security risks, acceptable-use policies, prerequisites for connecting devices to the network, and inappropriate use.
- Implement processes for notifying users when and why they are out of compliance while providing the steps they must take to become compliant.
Reduced IT Costs, Improved Morale and Increased Productivity
A set of policies such as those above, combined with a proven mobile application management platform, gives enterprises the ability to truly catch the ‘Consumerization of IT’ wave as it develops more and more momentum. With clear policies and effective technology in place, businesses can ensure the security of their applications and data while reducing IT costs, improving morale, and giving employees the flexibility they need to raise their productivity levels.
Cimarron Buser is vice president of product marketing for Apperian.