The official hub of The Enterprise Mobility Foundation
Want more than just blog posts? Login or Sign up for a free acount and get research, videos, slide decks and more! Join the online social network for Enterprise Mobility.

Two BYOD Discussions…One Theme

Another week, another flight.  At least that’s sure how it feels these days.  It’s not that I am complaining, because I actually enjoy tremendously the opportunity to meet new people (as well as reconnect with people I already know) and speak with them about something I am so passionate about.  It’s just a lot of fun.  I had the opportunity to do that at two events these past seven days: RSA and the new CITE event.

At RSA, I moderated a panel on the last day of the conference.  They were even tearing down the expo area when I got to Moscone, so I was a little skeptical regarding the turnout for this 9 am session.  Boy was I pleasantly surprised when I realized that there were “only” about 250 people in the audience, suggesting that BYOD was still an interesting topic to discuss.

During the CITE event I did a solo presentation on best practices for developing a mobile application strategy.  Later that day, I also participated in a panel that was moderated by Galen Gruman.  The other panelists included:

  • Tony Lalli, Infrastructure Architect, Bank of New York Mellon
  • Brian Katz, Mobility | GIS – Global Infrastructure Services, Sanofi
  • Dave Malcom, CISO, Hyatt Hotels Corporation
  • Walt Oswald, Corporate Vice President and CIO, Motorola Mobility

After we each had the opportunity to make some open remarks about BYOD (I actually said I wished we would stop talking about BYOD as if it’s an all or nothing world) Galen then had each panelist split up the audience into smaller groups to discuss one of seven scenarios.  The scenario I had was: What was an IT manager to do when the CEO of the company (a BES/BlackBerry-only shop) comes into the IT department one day and tells him/her to make his shiny and new non-BlackBerry device “work” on the network.

Where have we heard this one before?

The ensuing discussion was rather interesting, particularly because one of the people in our group had just lived that scenario 5 weeks ago.  In the real world, they chose to create a “test group” that included the CEO and one other person.  The problem is that since this company had never had anything other than BlackBerry devices, they had no tools in place (beyond ActiveSync) and, by their own admission, no real strategy on how to leverage mobility beyond email and PIM functionality.

The rest of the group were concerned (in the fictional scenario) about the chaos that could potentially result from people finding out about the “test group,” in so much as everyone would want to be a part of that group.  They were also concerned about the CEO’s expectations that they would have “this” (meaning mobility) all figured in a very short period of time.

In the end though, they did conclude that they had to do what the CEO wanted, but educate him on the potential risks of using an unmanaged device.  The group also concluded that they needed to develop a mobility strategy that covered more than email and took into account both personal devices and corporate owned devices.  Where have we heard that one before?

Another person in the discussion group asked one question.  “Why do we have to fight against BYOD?  Why can’t we just provide them whatever device they want and that way we get to secure it?”  Hallelujah!!!  I almost fell out of my chair as this person had basically highlighted the main benefits of COPE….without even knowing about COPE!

Last but certainly not least, the group agreed that there needed to be end user training where employees understood the company’s policy around acceptable use and the potential risks (to both the employer and employee) of inappropriate use of mobile devices.

It really does feel (finally) as if we are collectively moving in the right direction in terms of having broad adoption of mobile strategies and a better understanding of the needs and benefits of mobility management.  It’s a great time to be in this space.

7 Comments

  1. Posted March 7, 2012 at 15:47 | Permalink

    I wish I could have made this panel… all the buzz afterwards indicated that it had lived up to the hype!

    Definitely a move in the right direction as IT pro’s are no longer insisting that CoIT doesn’t offer a competitive edge. Now if we can reinforce the notion that it doesn’t matter who owns the device, we’ll be all set. The beauty of today’s consumer-grade device is that it is so versatile. Whether it is personally owned and being used for work, or corporate owned and being used to play, dedicated devices are a thing of the past and we must act accordingly.

    Thumb up 0 Thumb down 0

    • Posted March 8, 2012 at 07:24 | Permalink

      While I think IT pros are finally starting to see the benefits of CoIT…I still think that BYOD is nails on a chalkboard for many of them, because it’s just so far out of their comfort zone.

      Thumb up 0 Thumb down 0

  2. Posted March 7, 2012 at 17:07 | Permalink

    I have to agree I’m tired of discussing BYOD, we spent over a year getting a program approved (countless legal, compliance, HR battles) and to date we have 100 employees enrolled (ouot of 30k).

    It’s pretty much pointless to create all the framework if your employees have no interest in participating. Your companies mileage may vary and I’m guessing for the most part of ones that fully embrace this are cutting off corporate liable offerings which I think has some issues.

    Biggest issues employees harp about:

    - No stipend. They want us to foot the bill or most of it.
    - Written policy is very legal speak and intimidating (what do you mean you’ll take my device for discovery?)
    - Security enforcement “gets in my way”

    We’re plowing forward though and undertaking personal laptops next but the lessons learned is some employee “cultures” are not keen on BYOD.

    Thumb up 0 Thumb down 0

    • Posted March 8, 2012 at 07:25 | Permalink

      Whose idea was the BYOD program? Did it come from listening to the wants/needs of the employees?

      Thumb up 0 Thumb down 0

      • Posted March 8, 2012 at 10:21 | Permalink

        Your missing the point. IT is what drove the BYOD program but by time the mentioned areas added their criteria to allow BYOD it’s such a convoluted mess of legal, HR and compliance speak the majority of employees don’t bother.

        There is no silver bullet for BYOD, it will vary by company, company culutre and how the program is constructed. Right now BYOD is more benefit to the company as they want the same controls and less expense. Employees are not that naive and after the past 3-4 years of cuts and little incentives BYOD is not seen as one.

        To add to this I am now seeing a trend of employees who want a corporate liable iPhone due to extra cost of their part (data roaming) and concerns about privacy and security enforcement. Isn’t one of the pillars of BYOD to have “one device for both worlds”? It’s all fantasy and the majority of those heavily pro-BYOD are surprisingly employeed by a company that has a product that helps manage BYOD .. funny how that works.

        Thumb up 0 Thumb down 0

  3. Posted March 8, 2012 at 14:55 | Permalink

    I completely agree with the group’s consensus that there needs to be training on acceptable use of mobile devices, of course I think that should be a priority regardless of whether the device is BYOD or not. As a Symantec employee I’m also pleased to see far more discussion today (over last year) around developing a comprehensive strategy around mobile adoption. It’s so important that organizations understand that a good enterprise mobility strategy involves so much more than just a point solution MDM.

    Brian Duckering
    Symantec

    Thumb up 0 Thumb down 0

  4. Posted March 8, 2012 at 19:26 | Permalink

    Yes, wish I’d been at the CITE conference!

    BYOD and COPE are two sides of the same coin. The basic challenge = how do I enable personal and business use on the same device? The question begs all sorts of security, compliance, liability and privacy issues, so let’s first acknowledge that “BYOD programs” are going to be a tough (but important) experimentation PROCESS. We’re all learning here.

    As former purveyor of MDM, I readily admit that I (and folks like me) designed MDM with a flawed assumption… that we’re dealing with a device. “a” is just one, little word, but it’s hugely meaningful. What we’re all learning here is that we are trying to enable and manage two VERY different scenarios – personal and business. Managing both on a device is something akin to two cats in a bag. Boy, they don’t get along.

    There are some cool ways to confront this friction. Dual Persona is one. AppWrapper might be another. Both can work with MDM, MAM, MIM, EMM and any other acronyms we all invent (assuring anyone in our space is boring at dinner parties). Whatever your favored technical solution, the problems must be confronted. As I mentioned earlier, let’s give credit to the scope of our collective problem… building a new mobile strategy is tough enough, but it’s a heckuva lot harder when you add BYOD/COPE. We’ll figure it out.

    Thumb up 0 Thumb down 0

Post a Comment

You must be logged in to post a comment.