According to a 2011 study by IDC, approximately 40% of corporate employees use personal mobile devices to access corporate networks and systems. When executives embrace personal iOS devices, and require that IT support and connect their devices to corporate systems, it fuels the trickledown effect and subsequent need for a BYOD program. An OVATION Wireless Management White Paper: www.ovationwireless.com.
Best practices in bring your own device (boyd) for the enterprise
1. Bes Practices in Bring Yo Own Device (BYOD for the
st B our n e D) e
En
nterprise Secur
e: rely Ena
abling Y
Your Mob Con
bile nnected
Woorkforce While Avoiding the BY
e A g YOD Tax
x
An OVATION Wireless Managemen White Pape
s nt er 1-866-207-2111
www.ova
ationwireless.
.com
2.
Architecting your BYOD strategy
The evolution of enterprise computing has taken-on an entirely new face. Mobile form factors
have dominated the enterprise computing landscape in recent years and this growth trend is not
slowing. That fact that in the fourth quarter of 2011 Apple sold more iPads than any other
manufacturer sold computers is a testament to the rapidly expanding mobile computing
juggernaut. Consumerization of IT has been the catalyst for the proliferation of tablets and
smartphones in the enterprise. Consequently, the growth of Apple iOS devices acquired by
employees is driving the tidal wave of demand for IT organizations to adopt a BYOD program.
According to a 2011 study by IDC, approximately 40% of corporate employees use personal
mobile devices to access corporate networks and systems. When executives embrace personal
iOS devices, and require that IT support and connect their devices to corporate systems, it fuels
the trickledown effect and subsequent need for a BYOD program.
Therefore, it is no surprise that enterprises worldwide are facing increasing pressure to allow
employees to bring their own devices into the enterprise and connect them to corporate
networks and systems. In fact, according to industry reports, over 70% of enterprises have
developed some form of BYOD program. The initial benefits, to the enterprise, of enabling
BYOD include employees working longer hours, greater employee satisfaction and a reduction
in the capital expense of mobility because that burden is shifted, in part or whole, to the
employee. While the initial assessment of BYOD often reveals benefits of allowing employees
to bring their own devices, more often than not there is a significant cost in letting them do so –
the BYOD Tax – which is made-up of higher wireless service expenses, higher support costs,
higher application development costs, higher security costs, higher regulatory compliance costs
and higher administrative costs.
In order to avoid the BYOD Tax, enterprises need to architect their BYOD program with the right
set of constructs that enables the appropriate degree of end-user preference resulting in
increased productivity and satisfaction while ensuring that the total cost of ownership (TCO) of
enterprise mobility is not negatively impacted.
As your IT organization assesses the impact of BYOD and plans for the future of embracing
consumer preference and a mixed mobile IT ownership environment, this white paper will help
you develop a programmatic approach to deliver an effective BYOD framework that enables
choice while containing costs. The following best practices will help you take a holistic
approach by addressing the key factors of your program framework and setup the appropriate
governance model for your mobile connected enterprise.
An OVATION Wireless Management White Paper 1-866-207-2111
www.ovationwireless.com
3.
Best Practice 1: End-User Segmentation
In order to align the best mobile IT resources for your workforce you’ll need to develop end-user
segments based on criteria that will maximize end-user productivity while ensuring a secure and
cost effective mobile enterprise ecosystem. In defining the end-user segments you should look
for natural usage patterns, determine location requirements and review business requirements
by segment including:
• End-user contribution to the bottom-line
• Access/time sensitivity
• Location
• Value impact of mobility
• Regulatory compliance
• Data access
• Systems access
• Application usage
• Voice/data usage
Typically five or six different segments are sufficient for developing an effective framework for
your BYOD program to help define the technology portfolio that will be accepted into the
program.
It is helpful to define end-user segments by location/type of worker:
• Task Worker: Day Extender
• Knowledge Worker 1: VIP
• Knowledge Worker 2: Home Office Worker
• Power User 1: Field Sales Force
• Power User 2: International
• Power User 3: Field Force
When you’ve completed the end-user segmentation you’ll need to establish support levels,
expense levels and governance parameters. Next, you’ll need to capture the application usage,
systems access requirements and data access requirements in order to align the best
technology portfolio with the user needs. For example, if there is a specific end-user segment
that has access to highly regulated data or processes then your policy and security for that
segment needs to ensure regulatory compliance. The end-user segments are the cornerstone
for establishing the policies to help govern your BYOD program and ensure a secure and
productive mobile connected workforce.
An OVATION Wireless Management White Paper 1-866-207-2111
www.ovationwireless.com
4.
Best Practice 2: Defining Financial Liability by Segment
One of the most overlooked elements of BYOD programs is financial liability. When ignored,
financial liability is the single biggest factor in driving up the TCO of the mobile enterprise and
contributing to the BYOD Tax.
Financial liability is the process of establishing who contracts with the wireless carriers for the
service plan. Corporate liability is when the enterprise establishes the carrier relationship and
financial responsibility for the plan. Corporate liability, when managed correctly, can deliver the
greatest efficiencies in wireless service costs. Individual liability is when the end-user contracts
directly with the wireless carrier. Individuals are typically relegated to the plan du jour and in
most cases purchase plans that are much less efficient based on their actual usage.
According to the December 2, 2011 Forrester report Consumerization Drives Smartphone
Proliferation, “More than half of US information workers pay for their smartphones and monthly
plans, and three-quarters pick the smartphone they want rather than accept IT’s choice.” The
problem with information workers paying for their monthly plans and getting reimbursed by the
enterprise is the loss of enterprise buying power and subsequent increase in the wireless
service costs of up to 35% or more. When enterprises implement a flat stipend (Ex. $50 per
month) then end-users will throttle their usage in order to prevent having to subsidize the
wireless spend for the enterprise resulting in a reduction in the benefit of mobility. In addition,
the administrative cost of processing the monthly payment ($25 to $45) often goes overlooked
and is an additional contribution to the BYOD Tax.
When enterprises allow employees to purchase their own wireless plans then they also
relinquish the decision of what services are selected to enable the end-user to be productive
and efficient.
The changing landscape of rate plans is creating additional complexity. Verizon and AT&T’s
introduction of shared data plans create a new management challenge in containing wireless
service costs. Verizon and AT&T are attempting to stem the loss of revenue from applications
that provide text and messaging capabilities over the data connection and circumvent the carrier
text service. In addition, the unlimited data plans have virtually all but disappeared with a few
exceptions.
Best-in-class enterprises that are driving down the TCO of mobility are implementing a hybrid
approach to financial liability. For knowledge worker and power user segments that need data
access it is important for them to fall under corporate liability in order to mitigate the risk of
escalating costs of individual service plans. For task worker segments that simply extend their
day and use email as the killer application then individual liability and a flat stipend is an
effective method.
An OVATION Wireless Management White Paper 1-866-207-2111
www.ovationwireless.com
5.
Best Practice 3: Technology Alignment and Device Choice
As you define the technology and services that best equip each segment with the capabilities
that will drive productivity gains, it is important to take a future-proof approach and make sure
that your enterprise mobility roadmap is in alignment with your overall IT roadmap. When it
comes to BYOD and the portfolio of devices, operating systems, services and applications, best
in class enterprises support end-user choice to a certain degree yet place some limits on what
they’ll support in the BYOD program. Technology alignment by end-user segment is another
area where the BYOD Tax can rear its ugly head.
The cost to develop and support applications across all mobile platforms contributes
significantly to the BYOD Tax. You’re best served to create an environment that consists of
approved devices that enable you to develop applications that work seamlessly with the user
interface models of the device set. Taking this approach will also help reduce your maintenance
expense which often makes-up over 60% of the mobile application expense.
Aligning the technology portfolio for each end-user segment is a critical step that should not be
taken lightly. For example, understanding the location of operation of the end-user segment has
significant ramifications. If the end-user requires global access then the technology portfolio for
that end-user will differ greatly from a domestic end-user. Make sure that the technology
portfolio delivers on the exact needs of each segment. Creating a matrix of devices,
technologies, services, support and associated costs designated for each end-user segment is
an effective way to define, communicate and manage the enterprise mobile technology portfolio.
The enterprise mobility matrix should encompass all technologies including laptops to ensure
complimentary technologies don’t break the budget.
In most BYOD environments, it is not just a device choice but other choices that need to be
defined and approved. According to iPass’ Mobile Workforce Report, Q1, 2012 the average
mobile connected worker is equipped with 3.5 devices. This is up from 2.7 devices during the
same period in 2011. With a plethora of new mobile device introductions taking place over the
next several months, this growth trend is expected to continue. Rumors abound of new tablet
form factors that will likely become complimentary devices versus replacements. Therefore, it
is important that you revisit the enterprise mobile portfolio matrix on a quarterly basis to keep up
with the changing mobile landscape and ensure you’re supporting the best technology set. In
addition, when employees in the knowledge worker or power user segments purchase these
new devices, it is important that they understand that they’ll be required to activate them on the
corporate service plans. When you equip an employee with 3.5 mobile devices on average, the
corresponding service spend can quickly grow out of control. Your BYOD program must have
the appropriate management controls in place to ensure that your wireless services spend
doesn’t break the IT bank.
An OVATION Wireless Management White Paper 1-866-207-2111
www.ovationwireless.com
6.
An additional requirement associated with BYOD programs is Mobile Device Management
(MDM) applications. MDM applications ensure policy compliance of devices connecting to
corporate IT infrastructure as well as eliminating security threats. In order for this to be
effective, you’ll need an MDM solution with baseline functionality that generally includes asset
management, encryption, password policy, remote lock/wipe, and email/Wi-Fi/VPN
configuration. When enhanced mobile security and data protection is required, there are also
MDM options that include functions like mobile anti-virus protection and point-to-point
encryption.
Best Practice 4: Policy Development
A detailed enterprise mobile policy is an absolute necessity with any mobility program including
BYOD. Because BYOD introduces some grey areas in terms of ownership and responsible
parties, you need a policy that will limit your legal exposure and provide governance over your
BYOD program.
With the recent issues over Carrier IQ’s diagnostic software providing the ability for carriers to
track location and keystrokes, privacy advocates mobilized and Rep. Ed Markey (D-Mass.)
drafted the Mobile Device Privacy Act. While this has not been passed into law yet, it is a sign
of things to come. When you combine this with the Electronic Communication Privacy Act and
the plethora of state and local government laws that govern distracted driving, you have to make
sure that your enterprise mobile policy mitigates the legal risk of your BYOD program.
One of the most important elements of your BYOD policy is notifying employees that if they
choose to participate in the program then they agree that the corporate IT department will be
placing Mobile Device Management software on their device and that it will be monitored and
managed in order to eliminate risks to the enterprise. It is very important that the employee sign
an agreement accepting this policy.
In addition, you need to have the employee agree that they will not use their mobile device while
operating a motor vehicle. If they do, then they’re responsible for the consequences. The
employee needs to indemnify the enterprise to ensure that all accidents resulting from using a
mobile device while operating a motor vehicle are the responsibility of the end-user.
The policy also needs to help mitigate the risks of nefarious acts conducted by employees with
mobile devices. This can include governing the use of cameras, unapproved content and
removable media.
An OVATION Wireless Management White Paper 1-866-207-2111
www.ovationwireless.com
7.
In addition to the items we’ve addressed above, the BYOD policy should include criteria for the
different segments based on:
• System access parameters
• Data loss prevention
• Corporate data management
• Corporate or individual liability
• Financial responsibility
It is not a bad idea to have all employees sign your enterprise mobile device usage policy. That
will help you mitigate the risks of those devices that slip through the cracks. Some reports
indicate that more than 40% of enterprise mobile devices are connecting to corporate systems
without the knowledge of the IT department.
With the rapid evolution of mobile technologies and state, local and federal laws, you’ll need to
review your BYOD policy on a frequent basis. Once a policy has been developed and
implemented then it needs to be managed to ensure that it protects the enterprise and the end-
user. End-users need clear and concise communication on what’s allowed and what’s not
allowed as well as feedback on their compliance. This is an important task for the mobile
governance center of excellence inside your organization. If your organization doesn’t have a
mobile governance center of excellence, then it is important to establish one prior to BYOD
program rollout. These organizations are typically made-up of end-users from each segment,
line of business management and IT management.
Best Practice 5: Security
Security is the single greatest concern of CIOs when it comes to BYOD programs. There have
been many high profile data breaches resulting from mobile device threat vectors. Each device
is an endpoint that can become a security threat that varies based on the end-user segment and
class of device. Therefore, making sure that you implement an MDM solution that provides for a
granular level of policy definition is very important for mitigating risks. According to the 2011
study on IT security practices, laptop or mobile device theft was the second most common type
of security incident and was reported by over 20 percent of organizations
An OVATION Wireless Management White Paper 1-866-207-2111
www.ovationwireless.com
8.
In order for the BYOD program to be successful, it is important that your MDM, Data Loss
Prevention (DLP) and Mobile Device Security solutions deliver:
• Asset and identity management
• Storage controls
• Network access controls
• Application policy controls
• Permissions
• Authentication
• Password settings
• Move, add and change management
• Unauthorized usage alerts
• Web and messaging security
Best Practice 6: Support
Supporting end-user segments is another element of BYOD programs that can exacerbate the
BYOD Tax. The end-user segment and the value that they deliver to the corporation via mobility
should be a key parameter in defining the support level.
It is also important that your BYOD policy is clear on device replacement processes and
financial liability to ensure that the correct expectations have been set when these incidents
arise.
For end-users that require high availability and are highly time sensitive in performing their job,
then you’ll want to consider a service level that provides for issue resolution typically within two
to four hours. In some instances onsite support is warranted in order to drive rapid incident
resolution and employee productivity.
For task workers that are not performing mission critical tasks with their mobile devices, then
self-service support through the carrier support line should be sufficient.
These examples are the opposite ends of the spectrum of support that can be required for
BYOD programs. It is critically important to set the expectation of support levels with each user
and establish the process by which they communicate incident requests.
Support costs are a significant component of end-user operations and corporate operations
expense. Defining the supported technology and the appropriate levels of support are critical
for containing the TCO of BYOD programs
An OVATION Wireless Management White Paper 1-866-207-2111
www.ovationwireless.com
9. sion:
Conclus
Avoiding the BYOD Tax ultimate means ac
T ely chieving a leevel of compromise with employees by
enabling choice with the approprriate financia controls, te
al echnology ccontrols, gov
vernance andd
support to enhance productivity while mitigat
t p w ting risks to the enterpris By incorporating the 6
se. e
best prac
ctices outline above, yo
ed ou’ll be deveeloping a hollistic approach to BYOD that will
D
embrace technologic innovation while deliv
cal vering a satissfied, productive and se
ecure mobile
e
connecte workforce
ed e.
For more informatio
e on:
Visit: ww
ww.ovationw
wireless.com
Or call: 1-866-207-2
1 2111
An OVATION Wireless Managemen White Pape
s nt er 1-866-207-2111
www.ova
ationwireless.
.com