This is a BYOD Device given at CPCC.
Bring Your Own Device (BYOD)
Rationale / Response
Jeff Gaura, President
14 November, 2013
Agenda
• Define the “circumstance” from the user perspective
• Define the “circumstance” from the IT leader perspective
• Discuss the components of a response for all
• Discuss some optional responses
• Q and A
Tidbits to start the conversation
• Mobile employees ranked their smartphone as the most important item in their lives, after their wallet and keys.
• Previous Mobile Workforce Reports have shown that mobile workers are more productive and work longer than non-mobile workers.
• 8 percent of mobile workers believed they would get a Windows Phone device before the end of 2013. US is TBD. Europe is at 10%.
• The BYOD trend is growing. The percentage of mobile workers who own their smartphones rose (from 42 percent to 46 percent) while the percentage provisioned with phones by their employers declined dramatically (from 58 percent to 33 percent).
What is it? Version A: Company/School Restricted
• Individuals feel “entitled” to get Internet Access on their personal devices.
• If they don’t get Internet Access, they find a way to get it, using consumer grade products that are, in many cases, faster and perceived to be better than commercial and business grade products.
• They seek no permission when doing so.
• They continue to do their job with multiple levels of access
• They see no problem with this model
• They teach others sitting near them or in their social circles how to accomplish what they deem to be a professional step forward.
What is it? Version B: Company/School Provides Access with “he said/she said,” verbal or written rules
• Users connect to the company provided network and compare it to their consumer grade wireless network.
• If they feel that they are unrestricted, they use the company network. As soon as they feel they are restricted, they disconnect and use their consumer grade solution.
• They tell others what happened and how they “fixed it,” and continue to be productive workers.
Typical problems and fixes
• Email access
• File access
• Required AV updates
• Forced lockdown of device
• Limited freedom within the network
“I need to improve my customer service”
“My staff needs the latest information at their fingertips”
“My staff needs to collaborate…from wherever they are”
“I need to monitor/manage/enable task-specific devices”
“I want to stay ahead of my competition”
“My users are demanding BYOD and I need to get ahead of the curve”
“I need to allow partners, contractors, customers access to my network”
“I have a specific use case, not on this list”
The BYOD Spectrum
• Internet Access
• Guest Networks
• Education
• User needs workspace access to application plus confidential information based on location
• Classified Networks
• Compliance Issues
• Critical information
Spectrum levels: Limited Access, Basic, Enhanced, Advanced
• User needs full workspace regardless of location
• IT needs to control and manage data
Native / Virtual
User choice and experience
Okay to mix corporate and personal data
Application performance on mobile devices
Meet strict privacy and/or audit regulations
Existing policy for VDI and immediate need
Maximize consistency and security
• Unified Access: Wireless and Wired Policy and Management; Identity-based access control
• Security: Data loss and threat prevention; Mobile and cloud security
• Management: Single system for wired / wireless / VPN; Provisioning and Mobile Device Management
• Policy: Context aware access to data; Device profiling and posture
• Applications: Native mobile-aware applications; Desktop applications delivered virtually
A Framework for Native Applications
“My users use multiple devices including their own; they are mobile and need role-based access to the Internet and internal apps.”
[Figure: A Framework for Native Applications. Labels: Security, Unified VPN Client, Wired Access, Wireless Control, Identity, MDM (Mobile Device Mgmt), Cloud/Mobile Security, Cloud/Mobile Services, Unified Management]
A Virtual Solution for BYOD
“My users need mobile access and my organization needs to meet strict audit and security standards, so finding a solution that balances both is important.”
[Figure: A Virtual Solution for BYOD (Virtual Experience Infrastructure). Labels: Branch, Virtualization-Aware Borderless Network, WAAS, ISR, CDN, MS Office, Desktop Virtualization Software, Virtualized Data Center, Hypervisor, Virtual Unified CM, Cisco Collaboration Applications, Thin Client Ecosystem, Virtualized Collaborative Workspace, Compute UCS, Nexus, ACE, Virtual Quad, Cisco Clients, Cius Business Tablets, Cisco Desktop Virtualization Endpoints, Cisco WAN]
Build on what you already have
Connectivity Layer: VPN, External Wi-Fi, Internal Wi-Fi, Wired
Devices Layer: Smartphones, Tablets, Desktop/Notebooks, Thin/Virtual Clients (VXC)
Limited Access
Firewall, Router, Wireless, Switching, ISE, NCS Prime
Basic
ISE, NCS Prime, AnyConnect, ScanSafe, ESA/WSA
Enhanced
ISE, NCS Prime, VXI, Quad, Jabber, Webex
Advanced
MDM, App Virtualization
What’s Next For You?
BYOD is not a product you buy, but a strategy you build
You already have many of the pieces
Different companies are in different places on the “BYOD” spectrum
It MUST start with an Intelligent Network to help build that strategy
Portfolio breadth, expertise, end-to-end vision and architecture
Let’s get started…
Components of BYOD for all
• Intelligent Network
• Firewall with Intrusion Detection AND prevention
• AnyConnect technology: any device, from any location.
• Virtualized Endpoint Operating Systems. NOTHING on the endpoints of value. No My Documents, no web browser, etc.
• End user training and explanations. People will do their own thing, if you don’t explain why to do your thing.
Optional Components
• Ability to shut off do-it-yourself options for end users. Firing them or threatening to fire them has been found to be ineffective, and auditors do not accept “acceptable use policies” as justification when breaches do occur.
• Additional allowances for self-procured devices
• BYOD training for users, and as part of the new hire process.