The Bring-Your-Own-Device (BYOD) program has several benefits from an IT administration and general business perspective, such as improving employee job satisfaction and productivity, costs savings on company owned devices, and increasing employee availability across the company
But CompTIA’s recent survey suggests that 51 percent of large enterprise firms have not jumped on to the BYOD bandwagon – only three percent of medium and large firms and nine percent of small firms have adopted a full BYOD policy. According to the survey respondents, in addition to security concerns, the math for BYOD investment apparently fails due to hidden indirect costs such as the complexity of supporting a wide array of devices, investments in building the mobility management skills of IT staff and the overhead of balancing the needs of end users and IT. Make no mistake, all these enterprises have also acknowledged the growing importance of mobility management and are making investments in that direction. They seem to be more comfortable with the idea of having complete control of the devices – just like they do on employees’ laptops and PCs. The natural tendency to extend this deep entrenched IT management philosophy to mobile devices and that is precisely the reason why many BYOD initiatives fail.
The math for BYOD adds up if you adopt a simple philosophy in your BYOD mobile strategy: Manage Data Not the Device. With this philosophy you can realize the value of BYOD program that enables your employees to use their personal devices securely for work.
Now let’s address the challenges that can potentially drain the savings from BYOD program. Note that the capabilities discussed below aren’t theoretical. They are currently provided by some of the robust BYOD management solutions available in the market.
- Security: BYOD programs amplify security concerns owing to the rapid proliferation of mobile endpoints accessing corporate network and assets. Instead of the entrenched IT view of controlling device features and capabilities, a viable and practical alternative is to ensure complete protection of company data at rest (on the device) as well as in flight (during transmission), and not worry about the device itself. For this, the BYOD management solution must provide robust encryption, on top of SSL, and isolate corporate data from the rest of the mobile device using “encrypted containerized apps” to deliver business data, documents and applications on personal devices. The solution should also enable pin locks on these apps independent of device pin lock, protecting the data in the apps against casual perusal.
- Integrating a wide array of diverse devices: From 2012 to 2013, the number of distinct Android devices grew from 3,997 to 11,868. This is an overwhelming growth of devices for IT admins to support on their company network. A robust BYOD management solution will keep all the mobile devices outside the network and process the mobile requests using an intermediary “gateway-behind-a-firewall” that makes only outgoing connections to exchange data with the devices. Using this gateway, IT admins can further control what company resources are accessible on these personal mobile devices. Such solution architecture ensures virtually no changes to network VPN and firewall settings.
- Balancing the needs of end users and IT: A successful BYOD implementation is all about striking the happy balance between corporate data protection and employee’s personal freedom. This is possible by the use of “containerized” apps for accessing company emails, documents and intranet sites. When required, the IT admins can just remote wipe the data within these “containerized” apps without impacting the personal data on the device.
- Determining ROI: The benefits of a BYOD program are clear: employee flexibility, savings on company-owned device costs, productivity gains, higher employee availability, and competitive differentiation. Some of these benefits can be easily quantified such as savings on device costs. But the qualitative benefits such as employee productivity gains and greater employee availability are more difficult to quantify. Additionally, to realize these qualitative benefits, you will have to look for opportunities throughout your workforce and business applications to identify where mobility could drive substantial efficiency and innovation. Determining the ROI of a BYOD management solution is possible with thorough internal review of processes, building activity-based costing and identifying potential areas of savings and additional revenues.
- Enforcing mobility policy: IT organizations have painstakingly developed IT policies for their companies, keeping laptops, desktops and servers in mind. Mobile devices, by the very nature of their design and use cases, have greater exposure to vulnerabilities. A BYOD management solution should allow IT admins to easily extend existing IT policies and authentication systems to the mobile devices with further refinement to what information can be accessed on the mobile devices by specific users. The aforementioned gateway-based architecture that integrates with existing security and authentication systems enables single sign-on to back-end systems with NTLM.
- Building mobility management skills of IT staff: IT staffs have to be knowledgeable about mobile technologies in order to support mobile business users. This need is accentuated in company-owned device scenarios where the IT staff needs to be able to troubleshoot the devices that they control and manage. BYOD management solutions typically use a suite of apps to deliver emails, documents and business applications, which rarely differ from device to device. These apps may only vary between mobile platforms like iOS, Android and Windows 8. So the focus of IT staff’s training, in a BYOD context, is the suite of apps on a handful of mobile platforms instead of features and capabilities of numerous devices.
In conclusion, the BYOD trend is compelling and inevitable. It is, however, not devoid of challenges. Often these challenges are exacerbated by IT admins adopting traditional methods to manage and control devices in a BYOD context, which is a misfit. BYOD has tangible benefits of which some are easy to quantify while others require more detailed analysis. If one focuses on managing just corporate data in BYOD scenario, using a comprehensive mobility management solution, the BYOD challenges can be easily addressed without compromising security. This helps to minimize indirect costs and increase the ROI from your BYOD investment, making the math for BYOD add up.