9 Comments
-
BYOD has actually been a force for change. Without it, we might still be here discussing which flavor of Blackberry we’d be getting this (or next) year. We might still be discussing the marvels of RIM’s QWERTY and the next 20 BES features. We might not be discussing Apps. And perhaps worst of all, we’d be discussing which limited set of employees should be enabled with Mobile.
To me, BYOD and CoIT are about innovation. So the news from Europe saddens me a bit. We are all witnessing a fundamental transformation in computing – arguably something much bigger than the Internet. Smart companies are applying it to drive new ways of doing business – improving how they relate to customers or enabling productivity gains. The challenge here with the Mobile Internet, like the desktop Internet before, is HOW do we enable this?
Neither BYOD nor COPE are easy. They’re two sides of the same “dual persona” coin. Relative to the questions of whether “it’s just not worth it to them in terms of cost, management and security”, I fear the analysis doesn’t account for the value of this innovation.
Well-liked. Like or Dislike:
4 
0-
I agree that CoIT is about innovation, but I’m not sure I agree re: BYOD. BYOD is/was the poster child for the change in IT’s mindset that comes from CoIT…but you don’t need BYOD to reap all the benefits of CoIT in my opinion. I do agree however when you say that neither COPE nor BYOD are easy because that requires IT changes its approach….something that is desperately needed to adapt to the times in my opinion.
0 0
-
-
The fact of the matter is that since there are many benefits to the BYOD approach for enterprises – like reduced capital expenses, users willingly paying for the voice and data plans and users taking better care of devices because they selected and purchased them – many companies are desperately looking for a way to make BYOD work. However, some users will balk at the restrictions many enterprises will want to impose on their new smartphone or tablet and may choose to opt out of BYOD for that reason alone. What my point? Yes, there will certainly continue to be a mix of BYOD and corporate-owned devices, and both scenarios must be addressed.
For corporate devices, standard MDM is a great place to start, as it allows a company to manage the device in a very similar way to PCs, with an agent and policies installed. For BYOD, however, I recommend a more granular approach that protects data on an application by application basis, without the heavy-handed management of the whole device. With advanced mobile application management (MAM), authentication, encryption, containment and data leakage policies can be applied only to the applications that must be managed, while leaving personal apps untouched. The nice thing is that the user experience is unchanged, personal data is untouched and corporate information is contained and controlled appropriately. With this approach, everybody can be happy.
Brian Duckering
Symantec 3 0 -
I agree with Brian here, the answer to enabling corporate information access on BYOD is to focus on the information, not the device, and with container applications that are responsive to corporate control, enterprises can maintain the segmentation between personal and company info.
Even better if those containers have their own secured communications channels, as that ensures the device is off the network.
But the EU attitude you’re hearing on BYOD is surprising, as I’ve received feedback that they are indeed looking for BYOD-compatible solutions as a means of extending the mobility benefits to the largest footprint of not only employees, but also of partners and customers.
0 0 -
In the end, the answer is the right tool for the right job. Meaning BYOD, COPE, or just plain CO depends largely on context. What are the risks, costs and benefits of going with one (or more) of the listed scenarios will vary greatly depending on context.
I think the question (from me at least) is more what what is the context of the sample set? What are the goals of the company, security risk of corporate data, size of employee base, etc. All these will help drive to a scenarios that works in the context of the enterprise.
I’m not really expecting an answer, my point is that “it depends” on the context as to what the best path is for that enterprise.
0 0-
“It depends…” I love it. Were you trained as an economist? There’s an old econ major joke (my field of study) that says: “Ask 100 economist the same question and you’ll get 100 different answers…but they’ll all start off by saying ‘it depends’”
I fully agree with you, as well as Brian’s comment where he says it’s not about the device. When we talk about BYOD, COPE or good old CL (alphabet soup time), I’ll argue that it’s more about the attack vector, because, regardless of the ownership model, you will always need MDM…but you’ll also need much more than MDM as you move beyond basic PIM functionality. The attack vector on device ownership is also in part due to tradtional IT mindsets as well as some non-standardized legal issues around the world re: information privacy.
0 0-
Close, my graduate professor for wireless protocols typically used that response when we asked how to use the propegation decaying algorithms for signals as they passed through walls. His answer, it depends on the type of wall.
And to hop no the bandwagon, yes, MDM is an absolute necessity to get started in the enterprise. Now that we’ve secured the device, let’s secure the app and data layer as well.
0 0
-
-
-
Brian hits the nail I have seen first hand in our BYOD program:
“Some (most in our case) users will balk at the restrictions many enterprises will want to impose on their new smartphone or tablet and may choose to opt out of BYOD for that reason alone.”
Employee’s take their privacy seriously and have seen many times how “corporate” can use information against them. So any concept of “big brother” turns people off.
I’m really hoping virtual / hyper visors that seperate corporate and personal delivers as it would satisfy both sides.
0 0 -
Just found a reference to this topic., apologies for resurrecting it.
Being a consultant in the MDM space in the BeNeLux I would like to add some of my views and experiences (also non statistical) but nonetheless:
Although BYOD is a buzzword in the Netherlands and Belgium, I haven’t met any company myself (I do know a couple by name only) that has implemented BYOD. While everyone talks about BYOD, most likely they mean “Select Your Device”. There are a number of issues that are mentioned always when talking about BYOD with CIO’s and IT managers:
1. Fiscal issues: the Dutch IRS (Tax agency) does not allow the reimbursement of costs for privately owned devices unless you strike a deal with them first. Only a select number of large enterprises have the stamina to actually do so.
2. In some sectors laws and regulations governing employee rights prohibit (while not aiming to do so) BYOD. While often overlooked, the companies that actually investigate this are bound to find some law that makes BYOD impossible.
3. Support issue 1; What about employee’s and especially management and C-level breaking their phone? Companies can’t afford them not being online and available. BYOD makes it too hard to have a steady inventory of device for replacement. And individual BYOD employees do not want to pocket the money for expensive replacement services.
4. Support issue 2; What about actually being able to provide support on the devices the employee’s bring into the company. IT loves BlackBerry and more and more love iOS because it is consistent to support. Whether it’s a BlackBerry or iOS device, all the options, commands, etc. are almost always in the same place. With BYOD you will need to (IT managers truthfully can’t tell employee’s, middle management or at least C-level, they can’t get support on their devices) to start supporting a large variety of Android, Symbian and Windows Mobile/Phone devices.
5. Cost factor. For a company it’s way cheaper to order thousands of voice & data subscriptions incl. devices. It’s hard for companies to see a cost benefit, especially when the users are now, with corporate devices, limited as to the amount of Mb’s they can use. Corporate devices like the BlackBerry with app capability restrained have a little data footprint. Reimbursing employees for smartphones they can use privately is likely to be more expensive.
6. Security is still a factor. While we see companies opening the gates a little, for example COPE as in BlackBerry Balance technology or managed iOS devices without restraining the use of apps, security is still important. The Android platform being consistently mentioned as a problem child (not a closed system or any good malicious app control mechanism)
These are the main reasons company’s still use company-owned devices. While the BYOD hype has its merits, for instance it forces companies to make the corporate smartphones more “sexy” (allow the download and usage of apps), it’s still a hype and likely to pass by the BeNelux.
1 0
To BYOD Or Not BYOD? That is The Enterprise Mobility Question
We talked a LOT about BYOD. You know, the awful four-letter word that makes many an IT manager lose sleep and countless enterprise mobility marketing managers think about the next angle in terms or raising awareness around all the potential risks of unsecured mobile devices entering the corporate workplace.
So I asked directly the people I was talking to today about BYOD and what their thoughts were around the subject. The answers were VERY interesting. Yes, many an organization here (not just in The Netherlands, but in Europe) have been looking more and more at the whole Bring Your Own Device concept and thinking about (at the very least) having a trial deployment to see if it would work for their organizations or not.
The general consensus? Nee. That means “No.”
So a number -albeit non statistically relevant – of companies I spoke to have looked into the whole notion of BYOD and have come up with the conclusion that it’s just not worth it to them in terms of cost, management and security.
Hunh? What are they missing that Americans get? Contrarily, what do they see that Americans don’t?
I think it’s actually more of the latter. Here, there’s actually a greater sense of trust of the employee. They do genuinely believe that the employee is going to do things in the best interest of the company…or rather that they are not going to behave in a fashion that would have a negative impact on the workplace.
Then again, they wouldn’t sue a fast food company when they were dumb enough to spill hot coffee on your lap when going through a drive-through (remember the McDonald’s coffee law suit?)
So regardless of where you fall around hot coffee, the point is this. BYOD is NOT the singular, be all and end all answer for companies all across the world. Multi-national corporations are going to have to deal with a mix. In fact, many of the companies I learned about today were adopting strategies that were very much like COPE…Corporate Owned, Personally Enabled. They were allowing their employees to pick whatever devices they want, but the number, device and service plan was paid for by the company. They found this to be a lot easier to manage – from the broadest perspective. The companies still let the employees use the devices for personal use and didn’t track EVERYTHING the employee was doing, but still had the liberty – nee – the RIGHT, to control and manage the device as need be.
So again, I ask the question. What are these European companies missing that Americans get? Or contrarily, what do they see that Americans don’t?