Rene Hendrikse, vice-president Europe at mobility services firm iPass, explains some of the issues businesses must consider when introducing bring-your-own-device (BYOD) schemes
It is clear that the rise in popularity of personal smartphone devices is making its mark on the office environment. This consumerisation trend provides employees with more device choices and flexibility in where they work, but it’s taking away control from IT departments. Unfortunately for IT, the consumerisation train has left the station without regard for IT’s role and studies have shown that a staggering 73% of enterprises have non-IT managed devices accessing corporate resources – what has become known as a bring-your-own-device (BYOD) culture. This has caused a fracture in IT security policy and network costs. IT cannot rely on a policy that tries to effectively use the PC security model in a smartphone and tablet environment - a comprehensive enterprise mobility strategy needs to be in place.
So what are the challenges with BYOD?
Only 30% of UK IT departments are incorporating smartphone and tablet management initiatives in their strategies for 2012. The cascade of devices entering the enterprise, combined with the lack of a coherent enterprise mobility strategy, is throwing many IT departments into turmoil: their presence on an organisation’s network without the right tools for support increases costs, as well as risks of data breach, data loss and non-compliance. However, if implemented correctly, a proactive enterprise mobility strategy that encompasses a BYOD plan can improve compliance, flexibility, device security and contain network costs. So how can IT managers ensure they get the most out of a BYOD environment while mitigating the risks?
The importance of onboarding
Making the most of personal devices in the enterprise is not as straightforward as merely letting users log on to the corporate network. In the first instance, devices need to be registered or onboarded so that users can securely and seamlessly access corporate data. Registration allows devices to be identified and user credentials validated in a way that allows IT managers to differentiate and control network and data access privileges. This also ensures employees have the right knowledge, skills and behaviours for ensuring the security of devices and ultimately company data. Onboarding devices is a critical step for management and maintenance and it is important for any enterprise that permits BYOD to understand and plan for this.
Securing against data loss
Smartphones and tablets are being increasingly used to access corporate data and, as security is one of the main priorities for IT departments, it’s important to determine which corporate applications can be accessed from an employee-owned device. IT departments need to be able to manage device and access policies, preferably from a single point of control, so IT can ensure security policies relating to VPN, anti-virus software, activation of personal firewalls or use of encryption are enforced, and that in the event of a device being lost or stolen, IT is able to remotely wipe corporate data. Security issues around non-managed devices are on the rise, with 46 percent of IT executives admitting to experiencing a security problem related to an employee with an unprovisioned device. Companies not only need to consider the value of their data and the risk of losing it, but also the potential compliance and reputation implications.
Keeping mobile data costs down
At present, 68 percent of IT managers believe their mobility costs will go up over the next 12 months, due to a rise in the number of mobile users and employees’ growing use of multiple devices. Furthermore average smartphone usage nearly tripled in 2011, and each tablet generated 3.4 times more traffic than the average smartphone. As of today, the typical mobile employee uses 3.5 devices ranging from laptops, netbooks, smartphones and tablets. Corporate IT departments need to ensure that their BYOD strategy is designed to handle this increased number of devices without a negative impact on costs. The new iPad is only going to increase CIOs’ headaches, both on the strain on their networks and as a managed device.
BYOD can also result in much higher cellular data charges for an enterprise if not managed correctly. A recent article in the New York Times, ‘Proposal for EU Roaming Fees Includes Global Cap,’ highlighted this issue by outlining the roaming challenges of The Coca-Cola Company, whose 2,000 cross-border working employees experience such prohibitive roaming costs they cannot use such basic productivity tools as e-mail, Skype or efficiency programs.
A dedicated Wi-Fi provider can allow enterprises and their employees to be globally mobile in a cost-effective manner and there are a few insightful traditional network operators around the world, such as Orange Business Services and Deutsche Telekom, who have realised the value of incorporating a Wi-Fi roaming solution with 3G and 4G access. Bring your own network with you and your employees have access to a global commercial Wi-Fi network. Enterprises are then exposed to less risk than unknown and unvalidated hotspots. In this way, businesses can also enhance their security as users maintain a secure connection to corporate data wherever they go.
The BYOD phenomenon is here to stay. The biggest challenge for IT now is how to best manage all these devices and get their time back to focus on their core role. It is important to ensure an enterprise mobility strategy includes a BYOD policy, addressing how to effectively manage and secure personal devices while avoiding high network usage charges. With the right policy in place, companies can enjoy the many benefits of allowing BYOD, including attracting and retaining the top talent, increased worker productivity and global mobility, which brings greater employee satisfaction as well as reduced IT headaches and costs.