Upload
martin-perry
View
219
Download
0
Tags:
Embed Size (px)
DESCRIPTION
BYOD is the concept that employees (or students) will bring and use their own mobile devices (such as laptops, tablets, and smart phones) to their workplace (or college). These devices are used to access privileged company information and applications on the company's (or academic institute's) IT infrastructure; there is a challenge to balance the demand to be connected to everything with proper accountability or oversight to protect the company's (academic institute's) IT assets. This webinar will analyse the demand for BYOD, driven by factors such as: • Pervasive connectivity • Globalisation • Workforce Age profile and expectations • Employee work life integration • The growth in personal devices connected to web [consumerisation of IT] • Change in our relationships with the outside world • Impact on the porosity of the border between private life and work. And how the balance can be struck between this demand for BYOD, and the need to protect IT assets. This webinar was first hosted with the Warwick Technology Professional Network of the Warwick Business School wbs.ac.uk Part of the University of Warwick, we have an international reputation for top quality education and research in management and business.
Citation preview
Martin Perry
Consumerization of IT and BYOD Bring Your Own Device
Why Now?
The Demand
Organizations say 34%of their employees are accessing business apps on personal devices
The Demand
69% of employees saythey are accessing business apps on personal devices
The Demand
Who do you think is right
???
34% 69%
BYOD is happeningEvery CIO is trying to understand how this trend impacts the organization
6
6
An Unstoppable Shift
88%
Globally, 62% of executives say they are now have or are planning to have a BYOD program for smartphones and tablets*
62%
Information workers will have 3.3 connected devices in 2014 – up 18% from 2.8 in 2012^
3.3Globally, 88% of
executives report employees are using
their personal computing
technologies for business purposes
today*
* Gartner: Using Peer-to-Peer communities to Drive BYOD self-support; Aug 3, 2012 ^ Cisco: The Everywhere Employee: Increase of Business Devices
Common BYOD scenariosMost customers are experiencing one or more of these three situations
7
Work on any PC anywhere
Alice has a desktop at the office but wants to be able
to check email and catch up on work over the weekends
on her personal laptop at home
Work on many devices
Mae is a highly mobile sales manager who wants to use her laptop at work and her
smartphone and tablet when she travels
Business users are making the choice in what devices, applications, and services they use to get their work done
Rolando fell in love with the tablet he got for his birthday and wants to use it at work as well as at home
Work on your own device
NEW USAGE MODELS IN THE NEW WORKSPACE
Companion devices: In this usage model, people use tablets and smartphones as companion devices to augment the functionality delivered by their primary device, such as a PC. This is the category where the BYOD trend is most prevalent.
Presentation devices: Particularly common in sales environments; for example in retail, a sales assistant in a clothing store may use a tablet or a smartphone to check if an item is in stock or to even photograph people in-store and superimpose images of clothes on them to save them a trip to the fitting room.
Digital workflow devices: In paper-based workflows, we are seeing increasing digitisation. To illustrate, nurses may have previously relied on clipboards to keep track of medication records. In some hospitals they are now given tablets to connect this process to the rest of the IT system, increasing efficiencies.
Context-aware devices: This future-orientated usage model is characterised by the adoption of emerging technologies that have traditionally been used by consumers in business class devices. For example, an estate agent might use an augmented reality application to give prospective house buyers a tour of an empty property to demonstrate a possible furniture layout or to show where the nearest train stations and schools are located in relation to the property
• Cost savings – BYOD can shift the upfront cost of device purchases and connectivity to the users, moving you from full service payments to a predictable monthly mobile allowance for your users.
• Enhance users’ experience, productivity and satisfaction – Let your users work on their preferred, familiar personal devices (often superior to the corporate-liable counterpart) and carry less by consolidating to a single device for work and personal use.
• Increase personal responsibility - BYOD leads users to be more aware of excessive usage and savvy employees are more willing to troubleshoot their own devices as a first resort, before calling for IT support.
• Speed up the rate of technology adoption - By allowing users to dictate technology choice, there is more innovation throughout the organisation. This can lead to new ways of working
WHAT ARE THE BENEFITS
10
BYOD Top Priorities
Consumerization of IT is driving new devices and access requests
Companies need to address consumerization of IT and implications to BYOD
People expect to work on multiple devices and from anywhere
Companies need to provide access to applications and data from any device
IT to manage the devices in a cohesive manner, taking security into consideration
Challanges
“Aberdeen Group found that a company with 1,000 mobile devices spends an extra $170,000 per year, on average, when they use a BYOD approach.” (CIO magazine, 27 August)
“Many of the 200 ANZ ICT decision makers surveyed believe their business are at increased risk because of BYOD programs …only 37% felt they were well prepared for it” (IT Wire, 20 Aug)
“47% of the large enterprises surveyed are not expanding their BYOD program…reasons for this include increased cost, complexity, administrative overheads, additional security concerns and a common perception of immature solutions.” (ARN, 20 Aug)
“67% of IT Directors admitted that supporting the CEO’s latest toys is behind many current BYOD agendas!”
UK Survey
“73% of IT Directors say BYOD will lead to uncontrolled costs, not savings”
UK Survey
“69% of IT Directors say cost savings through lower support costs are ‘non-existent’ despite the perception that personal devices will reduce the workload of IT staff”
UK survey
“The use of personal devices continues to be driven by employees rather than a defined business strategy”
UK Survey
Top 5 Threats with BYOD
Category Threat ID Threat Description
Data Leakage T1 (T#1 CSA) Data loss from lost, stolen or decommissioned devices
T2 (T#2 CSA) Information stealing malware
T3 (RD1 ENISA)
Loss of corporate data due to unauthorized sharing of information, services or sharing of devices
T4 (RD2 ENISA)
Potential loss of corporate data as a result of access by unknown users and unmanaged devices to enterprise networks
Device Security
T5 (T#4 CSA) Vulnerability in hardware, OS, application and third party apps.
Device compromise (malware attack, jailbreak).
The deployment of a BYOD solution brings new challenges, one of the most critical being security.
Additional Considerations and Hurdles for BYOD
of devices used to access business applications are personal devices
of identity theft is by Friends and family
said they would try to get around an IT policy that forbade them from using a personal device at work.
higher costs for BYOD, on average, than a company-owned policy - The Aberdeen Group
Compliance
Privacy
Systems Management
Security
Support
New Types of Apps HR
Device theft & Data BreachData Retention
MalwareCost Savings Usage Policies
40%
27%
36%
33%
Solutions
Building a BYOD strategy
BYOD is gathering momentum and is a current issue for all organisationsNot clear what the policies, security aspects, benefits and infrastructure will look like. A broad spectrum of approaches, each organisation must define their own path to deal with a mixed-ownership mobile environment.Even if BYOD is not embraced, it needs to be dealt with3 different approaches are proposed here to tackling BYOD:– The liberal approach – Bring your own device– The hybrid approach – Choose your own device– The zero tolerance approach – Get what you’re given
The Liberal Approach- Actual BYOD
Let staff buy the device and pay for the contract. Employees will – buy the device of their choice– own the SIM and the number– the organisation will compensate with a monthly allowance (similar to a car
allowance).
IT will need to take the necessary measures to secure the corporate data, applications and network on these devices
Pros:Simple to implement – users pay for their own contracts from a monthly allowance and use their own personal devices, removing the burden of procurement, billing and administration from the company.Potential cost savings – transfer the upfront cost burden to the employees and replace full service and hardware costs with a predictable monthly spend.Superior, familiar and more productive user experience – allowing users to work on their preferred devices can increase satisfaction and productivity, by giving them the tools they want to use for the work they need to do.
The Liberal Approach- Actual BYOD
Cons:Cost savings can be less than expected – most businesses currently purchase their hardware and tariffs at highly subsidised rates from the vendors. Full consumer prices expensive verses a standard business contractExcessive calls costs – with no central corporate tariffs and consumer contracts spread across multiple mobile networksAcceptable usage and liability issues. Distinguishing between personal data usage and calls can be difficult– legally the users don’t have to disclose this information if the contract is in their name
Securing the unsecure – people use personal devices differently from business devices, falling foul of compliance - privacy vs security.– Lost Device what data can be remotely wiped in this scenario?
Security Issues– All devices must have the fundamental security features required to be viable for corporate use, if
security features prove too restrictive, the users’ experience may be damaged and make the whole concept of BYOD unappealing.
– secure the corporate network against these BYOD devices accessing it
Support and suitability – can IT support customer preference which tend to shift rapidly?Level of support is offered. Do BYOD devices get– full support, – best effort– no support
The Hybrid Approach- Choose Your Own Device CYOD
Use the device of choice for work purposes, but with the organisation retaining ownership of the SIM and contract.CYOD still offers the flexibility to select their preferred device, while allowing the organisation to manage data security and have greater visibility and control around mobile costs.
Pros:Supports device choice – select the device which offers high user experience and functionality. – A policy that doesn’t support the devices users’ desire – or that has extensive usage restrictions will
have limited appeal and impact. – A variant might be to offer a recommended list of devices to users, but sourced through the
company, possibly with varying levels of subsidy based upon job roles.
IT retains greater control – by owning the SIM, IT can exert much greater control over expenditure, contract negotiation,
compliance, security requirements and costs.– retaining control of the SIM eliminates several grey areas around the disclosure of usage
information, and also allows the company to retain number control if the employee leaves the business.
Reduce mobile call costs – calls cost are still one of the most significant areas of mobile spend.
Easier to manage - centralised billing from the primary network provider enables billing interrogation which offers greater visibility of tariff costs and operating efficiency.Single mobile network eases the support burden and offers user familiarity.
The Hybrid Approach- Choose Your Own Device CYOD
Cons:Personal vs corporate conflicts–– steps to secure corporate data,– users are equally protective of their privacy and the integrity of their personal
data.– if the device is lost can it be fully or selectively wiped?– user policies must be in place before allowing devices to access the network.
personal calls versus work usage.– ensure compliance with VAT rules around personal call costs– control and reduce your mobile call costs. – clear policy on personal use policy that outlines guidelines for acceptable personal
usage and the ramifications for breaching these.
Need IT resources who are experts on the range of devices and operating systems (iOS, Android, BlackBerry etc.) that are supported. Device refresh - users will want regular upgrades to their devices, similar to the yearly upgrades they are used to from consumer contracts. How will these be funded and paid for?stringent security requirements and restrictions on personal usage can damage the user experience and satisfaction.
THE ZERO TOLERANCE APPROACH - GET WHAT YOU’RE GIVEN (GWYG)
This strategy is to discourage rather than embrace BYOD– prioritising protecting your network and data over user experience and satisfaction.
Employees will be issued business owned devices, SIMs and contracts– will be discouraged from using personal devices.
This doesn’t mean they can’t be issued the latest and greatest devices, – those decisions will be driven by the business and personal usage will be strictly regulated.
Pros:it eliminates– concerns around supporting and securing personal devices– securing the corporate network against these devices.
It also sidesteps several potential concerns around – personal vs corporate liability– procurement.
Cons:This approach can seem to be ignoring rather than addressing the challenge. – Tech savvy users may well still try to circumvent your restrictions and connect to the network anyway, – could easily result in a damaging data breach.
Poor user experience and satisfaction– business-led decisions around devices and usage will inevitably lean towards the conservative, offering a
lack of user satisfaction as they can’t work in the way they want to, where they want to and on the technology they prefer.
Conclusions - Do the pros outweigh the cons?
BYOD schemes can help businesses – gain access to a more mobile, connected and engaged workforce. – Workforce members can use their smartphones and tablets to work more
effectively and boost productivity rates, – little outlay other than to tweak their security procedures to account for
the use of external devices.
There are potential risks associated with the use of personal mobile devices in a professional setting. – the required security safeguards must be put in place– employees fully understand the boundaries and buy in to the
organisation's mobile culture.
If businesses focus on the advantages of BYOD– there is a compelling case for allowing employees to use their own
laptops, smartphones and tablets in-house– firms which turn a blind eye to BYOD, management may have difficulties
explaining to their workers why they need to use a business-owned smartphone or laptop, when they can work more effectively on their personal device.
Thank You