CDW EDITORIAL

BYOD: COST SAVER NOT CURSE

Make “bring your own At fi rst blush, bring your own device (BYOD) sounds device” policies part of a like a gift for budget-minded organizations. After all, if employees off er to use their personal broader mobility strategy computers and communication devices for work that’s less that IT can manage and money for computer gear coming out of an enterprise’s secure, and employees can capital expense budget. Employees also get to use their preferred hardware, and some organizations report use to be more productive. this can result in overall higher employee morale. But is it really a bargain? What about the IT department, which will have to manage and secure a wide range of new devices, from notebook PCs and to tablets and even consumer-oriented iPod touch digital assistants — not to mention the many operating systems and applications trying to sensitive corporate data? While the concept presents pros and cons, many high- profi le organizations are adopting bring your own device to work policies, allowing workers to use the computing machine of their choice. While such policies may require some changes in corporate strategy, they can result in a number

6 BYOD

of benefi ts including increased users across diff erent departments.” a portion of associated data plans. productivity, lower support costs Mobility experts and veterans of has analyzed the and enhanced employee morale. BYOD initiatives say the answer is fi nancial impact of BYOD since it to understand the business needs launched its own internal program BYOD Benefi ts of the organization and then devise three years ago. It now pays 15 percent Larger enterprises off ering liberal a plan that balances corporate of its employees a $2,100 stipend device policies include CARFAX, governance and employee choice. to buy and use a notebook of their Kraft Foods and Proctor & Gamble, choice. But along with that, employees which off er incentives to induce New Th inking Required must purchase a maintenance employees to bring their own mobile How signifi cant is the BYOD contract from the device supplier, devices into the workplace. trend? One measure to look at which means the Citrix help desk CARFAX, for example, gives is how workplace smartphones does not support these employee- staff interest-free loans for new are being provisioned. Forrester provisioned devices. And that’s where computers. Kraft plans to let Research says employees choose Citrix sees monetary savings. employees buy their own PCs. And their own smartphones 70 percent Th e company estimates that Proctor & Gamble is letting several of the time, with 48 percent of the procurement and support costs hundred of its employees use their devices picked without regard for for notebooks boost the TCO to own notebook PCs in the offi ce. IT support. Th at means only 23 about $2,600 for equivalently Even the federal government percent of the smartphones used priced systems it requisitions. Th e is jumping on this bandwagon. at work in the United States are bottom line: BYOD saves Citrix about Th e Veterans Aff airs Department delivered as a take-it-or-leave-it $500 per device over three years, has announced plans to begin device by IT, the analyst fi rm says. according to Michael McKiernan, vice letting use of and iPads Th e consumerization of IT is president of business technology. on its networks this fall. upending the control IT departments With another 10 percent of the And last year, a senior White used to enjoy when they could staff participating (even without a House technology offi c i a l fl o a t e d enforce corporate standards for stipend), nearly a quarter of Citrix’s the idea of the government using specifi c PCs and operating systems. staff now uses BYOD notebooks. Th at stipends as part of larger initiatives But mobile devices change things number is likely to increase as new to reduce IT costs and help agencies because employees routinely use hires are brought into the program migrate more services to cloud- the latest and greatest devices and current participants renew their computing environments. outside of the workplace and can participation after three years. (Stipend “While gaining acceptance, there’s an become dissatisfi ed quickly with a recipients are charged a pro-rated fee increased complexity from managing all corporate standard if they view it as if they leave the company sooner.) those devices and versions of software, inferior to their options personally. Citrix provides a BYOD stipend and complexity is the enemy of total What’s more, some mobile renegades only for the purchase of a notebook, cost of ownership,” says Jack E. Gold, will deliberately fl aunt corporate not other mobile devices. “We ran president and principal analyst with guidelines. Th ey will bring in rogue the numbers for smartphones the consulting fi rm J. Gold Associates. devices that IT doesn’t even know are Th e reality is that many IT on the network — or let alone manage. managers are under pressure to A well-crafted BYOD policy can help develop BYOD policies that address incorporate employee preferences into these security and complexity a sound management policy. But many SMARTPHONES: issues — and to do so quickly. enterprises are motivated by more than THE NEW BUSINESS TOOL “Two years ago, device management a desire to quell employee uprisings. meant deploying a line of business Organizations can see some clear users handle applications for the fi eld sales group,” business benefi ts through creation of of work-related says Mark Jordan, senior product a workable BYOD strategy, including 36% calls and manager for mobility at Sybase, which reduced capital expenses. For example, includes mobile management solutions Forrester reports that more than of e-mail on their mobile phones. within its software portfolio. “Now, half of the nation’s workforce now 26% organizations may have to manage 20 pays for all or some smartphone use Source: Forrester Research or 30 apps each, for several thousand at work, picking up the cost of all or

7 CDW EDITORIAL

AND THE business needs fi rst, then retrofi t the technology that works the best to achieve those goals.” WINNER IS … Th at means seeing BYOD not as an end game. It’s one component in a robust mobile strategy that Before enterprises defi ne the specifi cs of their addresses all the areas where mobility makes sense BYOD policies, they should look at mobility and creates a long-term roadmap for delivering strategically. Th is means fi guring out which the appropriate applications and services. applications can take advantage of the small but “You don’t want to do BYOD with a series of powerful computing devices that people now short-sighted projects,” Jordan advises. have access to virtually anytime and anywhere. Enterprises also should update their existing mobility If the organization needs help identifying policies, which may have been tucked away in three-ring the top applications, do what a number binders or fi le cabinets since their initial creation a decade of companies and government agencies ago. “Organizations really need to re-evaluate all these have done: Sponsor a contest challenging policies in light of the latest technologies and the most employees to design and develop mobile apps. recent regulatory issues for information management that apply to their industries,” Ginevan recommends. “Whoever has the best ideas gets a free For security and management ease, BYOD tablet,” says Sean Ginevan, product manager rules should address fi ve core considerations: for Mobile Iron. “Who better than the • Which workgroups can bring in their own gear? people with boots on the ground inside the • Should groups be segmented by job organization to tell you what to mobilize?” function, organizational unit or region? • To what data will BYOD devices be granted access? • What kinds of mobile devices will be allowed? and tablets, and because of discounts we receive, • What will be allowable minimum capabilities it’s not economical,” McKiernan says. of the devices and operating systems? Some additional BYOD benefi ts beyond fi nancial Answering the last question will be complicated savings are rippling throughout enterprises. A large because security and management capabilities of pharmaceutical company reports the volume of some hardware and OS combinations are still a work Tier 1 help desk calls is less for employee-owned in process, experts say. For example, some Android devices, says Sean Ginevan, product manager smartphone manufacturers, including Samsung, for Mobile Iron, which supplies a mobile-device and LG, are customizing the Android OS management (MDM) solution to the drug company. with proprietary management capabilities, such “If this is my phone, and I tweaked it just the way I as enhanced password controls, hardware-based want it within organizational security bounds, I’m going encryption and hardened e-mail security. to be more willing to try and fi x it before I call the help Th ese extensions are a security plus for IT managers, desk,” he says. “Th is isn’t a corporate laptop where as but the lack of standardization means the enterprise soon as there’s one little hiccup I throw up my hands will need to develop alternative management policies and say ‘IT, this is your device. Figure out how to fi x it.’ ” for other Android smartphones that run more basic Personal responsibility may extend to security versions of the OS. But what kind of alternative policies? practices as well. “Th ere are fewer issues with For example, IT may decide to force users of personal devices than with corporate laptops,” the basic OS to access corporate e-mail through a McKiernan says. “People better take care of security application. By contrast, the IT department these devices when they own them.” may decide it is safe for devices with proprietary security extensions to connect directly to the Manageable BYOD corporate e-mail server. Or it may decide that some How can the IT department assure that the systems or data are off -limits to all BYOD devices. enterprise sees these benefi ts instead of watching For added security, and an absolute necessity for an unmanageable mobile environment arise to organizations in highly regulated markets, IT shops may create chaos for the existing IT environment? want to issue an authentication certifi cate for each BYOD “You have to address what end users want device. A step up from password security, the certifi cates in terms of personal choice — but don’t start confi rm that both the users and their individual hardware there,” Gold says. “Th ink about what your have been authorized to access the network.

8 BYOD

Cool Tools that are part of the BYOD program accept Fortunately, a variety of tools are available to help client virtualization in part because data and IT administrators implement and enforce the BYOD applications stored in a central location makes policies they create. Mobile-device management those resources accessible from any one of the software can act as a kind of command center, multiple computing devices they may own. letting IT managers centrally confi gure access “If the data is stored on a C drive in one computer, authorizations and business applications. they may not always have access to it,” he says. MDM solutions also let the IT department track And what about the potential for greater security devices, confi rm device security settings, and create risks if IT doesn’t have complete control over the virtual private networks (VPNs) that establish devices that each person uses? “Th e rubber hits protected communications links between uses in the the road with our results after three years. We fi eld and the enterprise network. An MDM application have not seen our exposure increase,” he says. can also check that each device is running an updated “If you provide the right incentives for people to version of its OS and scan for malware before a user protect corporate data, they will. Just because device connects to the corporate network. If the someone chooses to use their own MacBook, hardware is lost or stolen, IT administrators can go they don’t suddenly turn into a deviant.” „ to the MDM command center to wipe the data. “MDM can push down a variety of settings to individual devices, but just as importantly, it enables IT managers to take all those settings back,” Ginevan says. “So when someone leaves the IS BYOD enterprise, I can delete all the corporate e-mails, corporate applications and any security certifi cates WORTH THE that identify the device to the network.” Because MDM tools can streamline or RISK? automate so many basic device-management Consider these fi ve risks when starting a tasks, IT isn’t scrambling to service hundreds or “bring your own device” program: perhaps thousands of individual devices. “Th at • Network security: Be ready to defend gives IT administrators more time to focus on against unauthorized access in addition to strategic tasks, such as building and mobilizing controlling uploads and downloads. applications inside their enterprises,” he says. • Device security: Enterprise protection should Role for Desktop Virtualization extend to each authorized device. Another important mobile-management • Burgeoning support requirements: Wikis and other technology is desktop virtualization, which lets IT passive tools can help your organization manage create individualized desktop environments tailored multiple device platforms without getting buried. for each notebook, smartphone or tablet. With virtualization, staff members use their mobile devices • Growing costs: Carefully consider how to implement to send screen images and keyboard clicks over security protections, additional access portals and wireless networks to applications centrally stored wired/wireless infrastructure before jumping in. in the backend data center, which also houses all • Compatibility: Evaluate your network corporate information. Because data doesn’t reside architecture to determine if a range of platforms on mobile devices, there’s less risk of a security and OSs can easily and safely connect. breach if portable hardware is hacked or stolen. For its BYOD strategy, Citrix enhances each device with its own commercial technology, Citrix Receiver. It connects end-user hardware to virtual Ask how CDW can help augment your desktops created by central IT administrators. professional technology staff , whether To protect the messages fl owing back and forth you’re looking for permanent, semi- between users and data center systems, Citrix permanent or temporary placements. establishes VPNs that support data encryption. McKiernan says members of the Citrix staff

9