This document discusses bring your own device (BYOD) policies in enterprises. It notes that the mobile device market is thriving, with growing usage of personal devices for work purposes by physicians and other professionals. It outlines considerations for allowing employee-owned devices onto corporate networks, including how to provide secure access while protecting data and delivering mobile apps. The document discusses developing a holistic enterprise mobility strategy and solution that provides security, manageability, scalability and support for multiple mobile operating systems. It also raises questions that organizations should address around compliance, risk tolerance and device support when developing a BYOD policy.
2. Client computing is evolving - giving IT
and end users the power to do more
2
Users Devices
Mainframe computing
era
Personal
computing era
Mobile
era
Less than 2000 systems sold in
1960
Over 900,000 systems sold in 1980 1 billion processors connected by
2015
Users
n 1 1 1
Users
1 n
DevicesDevices
3. The mobile device market is thriving
3
$100 million $1.7 billionMarket for mobile devices in healthcare
2011 2014
$4.7 billion U.S. hospital spending on IT $6.8 billion
2 out of 5 physicians go online during patient
consultations; mostly on handheld devices
63% of physicians are using personal devices for mobile
health solutions not connected to their practice
86% of physicians are interested in accessing Electronic
Medical Records from mobile devices
2% Mobile device usage compared to overall IT 25%
Source: TechTarget news
4. Enterprise Mobility Adoption Curve
Mobile Workflow
Mobile Intranet
Corporate
File& Directory Search
Sales & CRM
Enablement
Field Service
Enablement
Mobile Business
Intelligence
Enablement
UnifiedCommunications
Mobile KPI Dashboards B2CApps
Personal Information
Management
Email
Internet
InstantMessenger
ProductivityApplications
• Many organizations follow a similar
mobility adoption curve.
• The right strategy and roadmap must
be established to help you on your
journey, and design and implement
the right solution to support your
business needs.
• Empower the workforce in a flexible
and secure way maximizing ROI.
• Reach out to your customers, enable
them to interact with you in
convenient ways, expand business
value and maximise customer
satisfaction
4
5. Handling the Smartphone & Tablet explosion presents
new enterprise management challenges
5
Corporate Owned
BlackBerry Devices
Secure
Proliferationof Smartphone/TabletPlatformsin theEnterprise
o How doI providesecure access and protect
corporatedata?
o How doI deliverLOB mobileapps toimprove
productivity?
o How doI ensure my mobileapps workonsuch a wide variety
of devices?
o How doI keep costsfrom getting out ofcontrol?
o How doI let myemployees select the mobiledevices they
want while deliveringthe security and management IT
requires?
Enterprise Systems / Data
6. Why allow employee-owned devices into your
environment
• They are fun, and your executives
and employees want them
• Improved employee morale and
productivity
• Improved compliance and security by
recognizing that employees will use
device of choice and planning for
these devices in corporate
environment.
• Ability to create customized mobile
applications to solve business
problems
• Reduce device and plan costs
• Reduced employee costs for devices
and plans based on corporate
agreements with carriers
6
7. Considerations for employee-owned devices in your
environment
• Control over devices to implement
governance and policy requirements
• Timely deletion of data in the event
of loss or theft of device
• Ability to restrict content on the
devices, including third party
applications
• Control over the device platforms,
operating systems, and other factors
to manage vulnerabilities associated
with each consumer device platform
• Better support from carriers than
maybe available for individual
employees utilizing their own,
consumer-grade device
• Additional security controls may be
required to meet security,
compliance, and regulatory
requirements.
7
8. Special Concerns for Some Industries
• Consumer mobile devices present special
challenges:
– New operating environment is like the wild west
– Unhardened Operating Systems are vulnerable to
exploitation, with few protections compared to hardened
or purpose-built devices
– Devices may represent unmanaged entrance/exit points to
secured, segregated ICS networks
– Clear definition of allowable devices and activities is
required
– Security flaws in devices may not be resolved in a timely
manner, if ever
8
11. What is your risk level / appetite?
11
Government Intelligence
DOD – TS/TS SCI
Federal Civilian and Global 500
Financial, Engineering, Pharmaceutical
PCI Data on the phone
PHI data is on the phone
PII data is on the phone
Email is on the phone
Data on the phone
Recover phone
12. Mobility security affects/is affected by…
12
End Users
Security
Governance Business Strategy
Architecture
Applications Infrastructure Risk Posture
Service Desk
Data Classification
WiFi VPN Policies
Compliance
DLP NAC
Encryption
13. A mobility strategy leads to a solution that is secure,
manageable, scalable, and open to all mobile OSs
13
Key Features:
•Provide Security
– SecureDeliveryof EnterpriseData
– DataIsolationonDevice
– Encryption
– PolicyCompliance
•Manage Complexity
– MobileDevice Management
– Multi-OSSupport
– Multi-ApplicationSupport
•ImproveProductivity
– LOB MobileApplications
– CustomMobileApplications
– WirelessEmail& PIM
•Manage Costs
– MobileExpenseManagement
– Carrierplanmanagement
– Alerting
– UsageTracking
Customer
Secure
End User
Secure
14. MDM – Making the Smartphone Enterprise Ready
Multi-Platform Support
– ActiveSync, BES, Good
Security & policymanagement
– Enforcement ¬ification
Dynamic cost management
– Roaming &plan management
Application management
– Enterprise application store
Device monitoring
– Health &usage
Analysis and reporting
– Predictive & cost avoidance
Deliveringmulti-platformsecurity,visibility, controlandcostsavings
“Managing how users
Interactwith devices”
“Managing devices, data and applications”
“Managing costs of devices”
“MDM should be an agnostic OS, device and carrier
independent solution”
17. Value of a Mobile Enterprise Application Platform
17
18. Strategies for BYOPC
18
• Establish catalog of supported operating systems:
– Windows 7 & 8
– Mac OS X?
– Linux Variants?
• Catalog of supported AV solutions
• Use Inspect to Connect technology to interrogate
employee-owned PC to verify compliance
• Utilize virtualized applications or virtual desktops to
secure enterprise apps and data on untrusted devices.
• Virtual desktop clients can be configured to control
writing to local or removable media, printing, cut &
paste, etc.
19. Questions to ask when considering BYOD
19
• Are there any specific concerns that would
preclude the use of employee-owned devices?
– Information may be subject to FOIA requests or
other regulatory or compliance requirements.
• Is there a catalog of devices that would be
allowed to access enterprise applications?
– With each new platform supported in the
environment, complexity is added. Costs may
increase as additional versions of enterprise apps
are developed and maintained.
20. Questions to ask when considering BYOD
20
• Is the organization willing to accept a short-term
increase in risk to allow newer platforms access
to data while the device’s management and
security tools mature?
– For corporate-owned devices, it may be an easy
decision to delay upgrades; however, for personally-
owned devices, employees may be unwilling to forego
the latest devices or updates.
• Have we considered all of the risks?
– Inappropriate content on personally-owned devices.
ECPA considerations? Compensation considerations,
especially for CA-based employees?
*** Should we copy into non-Dell presentation template?
*** KEEP or DROP – maybe change third column to “Mobile Era?”
*** I Think this is a good slide showing the adoption curve, will need to revise title and remove dell consulting references in text
In a recent study – 75% of surveyed companies indicated that they currently allowed, or were considering allowing personally-owned devices to access company information
Smartphone device sales are forecasted to exceed Notebooks + Desktops (combined) by 2012 [Morgan Stanley]
End user preference is driving enterprises to offer more device choices
Security is #1 concern; must protect enterprise data on growing population of mobile devices
Wireless Email & PIM (contacts, calendar, tasks) is core application that most solutions are build around today
LOB apps and collaboration are next logical opportunities
Good Strategy Overview Slide – may need to revise some text in boxes to more accurately meet audience’s needs
***Change title to reflect benefits of using consumer devices
Personal information management (PIM) refers to both the practice and the study of the activities people perform in order to acquire, organize, maintain, retrieve and use information items such as documents (paper-based and digital), web pages and email messages for everyday use to complete tasks (work-related or not) and fulfill a person’s various roles (as parent, employee, friend, member of community, etc.).
E*Trade’s mobile trading app on BlackBerry
Coca-Cola Enterprises (CCE) mobilized its merchandisers to make the jobs they do on a daily basis as easy and intuitive as possible
Heineken - refreshed its mobility platform to empower field and merchandising representatives
Xerox – front line employee mobile app for enterprise data access