BYOD (Bring Your Own Device) is here to stay and the consumerization of IT is staggering to say the least! When checking the latest IDC figures one can only wonder about the mobile revolution and its consequences within the social enterprise! According to IDC, 2Q2012 worldwide smartphones vendors shipped more than 150 million devices; the battle ground remains between Samsung and its wonderful Galaxy III with roughly 33% market shares [50 million devices shipped] & Apple with 17% of the market [26 million devices shipped]. Nokia’s market shares are dwindling like snow melting in the sun as the Finish vendor went down from 8.21% [Q112] to 6,7% [Q212] market shares with 10 million units being shipped.
The PC era is not dead but somewhat losing ground to the new virtual workplace necessary today for the Y generation mobile workforce in need of agility, flexibility and above all remote access to company data, apps & software. Rolling out a successful BYOD strategy is tricky but if you are looking for resources remember all the main vendors are providing ample white paper as well as case studies when it comes to implementing a ratified BYOD strategy and policy within your own premises.
1. Get the right foundation with C-Level involvement
Let’s bear in mind that our traditional PC/Notebook workstation is not fully fitted to the mobile environment unfolding in front of us and no BYOD policy template is available since requirements and corporate priorities need to be defined on a one to one basis. It is of the utmost importance to require C-Level involvement and support right of the bat and have your BYOD architect closely work with IT, HR, Legal departments in order to establish the right foundation. This is also a wonderful opportunity to consider more data stewardship towards your traditional PC & Notebook workstations.
2. Assess carefully your present legacy policies, type of mobile device involved and practices
Heavily consider MDM (Mobile Device Management) IT oversight & support. We all like our freedom but let’s face it folks, security and responsibility is mandatory if mobility is to allow us comfortable and secure remote company data access! Take a solid inventory of all the present devices in use including platforms, OS, privately or company owned, data used and access technology available such as Wi-Fi, VPN, Bluetooth, cellular or bridge to workstation.
3. Find out from your end-users what their real needs are
Remember your end-users should become your strongest advocates when it comes to a successful BYOD strategy and policy implementation, so get them onboard early and find out about their genuine company needs especially from those who are mobile or work remotely! Bear in mind workplace, geography, authentication, mobile apps, mobile device ownership and expected level of support.
4. Establish a clear and ratified BYOD platform support
Which OS & devices types are you considering? What is end-users support for both company and privately owned devices going to be like? How can we expect IT to give the required level and quality of service if suddenly faced with devices they have not considered in the first place?
5. Chose carefully your Mobile Device Management (MDM) tools and technologies
MDM tools can help your company define device access compliance thanks to a choice of onsite or cloud-based supervision. Consider user authentication for both device and services login whether in your corporate network or in the cloud. Secure Web Gateways (SWGs) will help your BYOD program into monitoring possible malware, fraud or leakage threats! Bear in mind the growing array of apps. Consider future app development and private app store for managing and distributing apps endorsed by your company and include a Mobile Application Management (MAM) program while you are at it. MEAP (Mobile Enterprise Application Platform) also need to be reviewed and considered. MEAPs address the difficulties of developing mobile software by managing the diversity of devices, networks and user groups at the time of deployment and throughout the mobile solution’s lifecycle.
6. Review the content of your BYOD policy
Define HR and IT’s responsibilities and liability. Describe BYOD hardware, software, OS and apps administration management including data encryption for sensitive data, loss and theft responsibilities, authentication and pins. Define lock and wipe features and make sure your employees are informed about this very specific policy as soon as you hire them! Limit sensitive system access to servers via VPN and Gartner even recommends “wiping and rebuilding when returning from trips to high-risk countries.
7. Ratify your preliminary BYOD policy
This should be the first preliminary document handed out to employees and signed by them and their respective supervisor before usage including definitions of BYOD, responsibilities for companies and privately owned devices, user liability. Carefully chose a limited amount of users and test the policy 4 weeks long. With the help and comments of the participants redefine and review areas that need improvement and refine your policy until a second test rollout can be started again.
What difficulties are you encountering when planning a BYOD strategy? What are the challenges your company is facing? Let us know and we will include your suggestions and ideas in upcoming articles.