In 
Defining a policy framework around BYOD to access right data, combined with right security measures will ensure higher productivity.
BYOD (Bring Your Own Device) as a concept provides freedom to employees in an enterprise to use multiple devices (enterprise owned or personal) to access different layers of enterprise data. The desire to have seamless user rich experience without any downtime is impacting the corporate networks tremendously and also posing a great security challenge to the CISOs.
This blend between the consumer and enterprise technologies is resulting in ‘consumerisation’ of IT, which has led many organisations to rethink their business models to promote agility and flexibility for their employees. At the same time, this enables an enterprise to remain competitive by significantly increasing their employees’ productivity and satisfaction.
However, the key question that confronts the CIOs or the senior IT decision makers is how to make this BYOD trend more employee-friendly and put to productive use. Experts suggest that there are a few steps that they need to observe to adopt the trend with less hassle.
Key steps to make BYOD more organisation friendly
- Embrace the broad range of choice in new mobile devices, so that your employees can connect anytime from anywhere by any means: By supporting compliant devices whether they are corporate or personally owned, employees are enabled to use the devices they want to get their work done. CIOs can also take advantage of hardware innovations built for mobile connectivity, to empower their field workers with access to their information anywhere, anytime.
- Enable employees to use mobile devices for both business and personal life: IT Solutions (with advanced security options) today make it possible to support business and personal access and apps together on the mobile device.
Most CIOs and IT managers echo the similar sentiment that the BYOD adoption increases productivity. A survey by Intel IT Centre much earlier revealed that majority of the IT managers had agreed that BYOD drove better worker productivity.
Much of the success of the BYOD trend will strictly depend upon BYOD policy and its alignment with security.
Security remains a big challenge for IT managers
In this journey of BYOD, the first issue that comes to the mind of IT manager is the security of corporate data. IT managers are challenged with providing an on-premises experience to a diverse set of remote workers – while protecting business-critical data and intellectual property.
Today, the IT managers know that they need to change their thinking and processes, using technology to minimise the impact on productivity without driving up business costs to support mobile workers – and ensure that the solution provides the flexibility to support business-continuity scenarios. IT managers need to address data and security management aspect in an enterprise, where asking right questions to HR and taking cognisance of the legal and compliance issues becomes critical.
Key areas that the IT managers need to focus for better productivity
Handling data: Before getting into how to ensure security, an important thing IT managers should first talk about is data. Since ‘data’ is what one needs to secure, it is important to first classify the existing types of data, and then decide the level of security for each type of data. The key points are:-
Classify data according to sensitivity and business impact; Differentiate access to data based on identity and role; and Change perspective from device control to data governance.
The above activity will help in defining a framework for Policy Based Access to Corporate Information. The following diagram gives an insight into how this can be achieved.
For instance, this can help in:
a) Providing a secure and familiar solution for users to access sensitive corporate data from anywhere with VDI and RemoteApp technologies,
b) Users can access corporate data regardless of device or location with work folders for data sync and desktop virtualisation for centralised applications,
c) IT can publish resources using the web application proxy and create business-driven access policies with multi-factor authentication based on the content being accessed,
d) IT can audit user access to information – based on central audit policies.
Best approach to manage security
Device choice in the enterprise is creating a diverse, heterogeneous environment to manage. Unmanaged devices accessing the corporate network and confidential business resources pose a security risk, particularly in the event when the device is lost or stolen.
With System Center 2012 Configuration Manager SP1 and the Windows Intune working together, one can manage all of his/her devices from a single tool and gain visibility, enforce policies, and maintain control of a heterogeneous mobile device infrastructure.
Right measures to secure
It is a real problem these days, and the number one question we get around security and management with consumerisation is, “how can I manage devices other than Windows-based devices?” The reality is that any unmanaged device poses these risks, but for most of our customers today, this heterogeneous environment is a struggle.
We’re helping in addressing the problem with System Center (for on-premises management) and Windows Intune (for management through the cloud) – and we’re increasingly focusing on interoperability between the two. Through the administration console in System Center 2012 Configuration Manager SP1, you can add mobile devices managed through Windows Intune into your Configuration Manager console and manage all the devices through one tool. While you can continue to use Windows Intune as your ‘fully in the cloud’ management solution for PC and mobile device management, the interoperability of our on-premises and cloud services is a big step forward for organisations that want to manage all of their devices from one place.
Right solution
Let’s understand as to how these two products help with security and management:
- With SCCM (System Center 2012 Configuration Manager), one has the ability to control and manage settings on broad range of mobile devices, including the iPad, iPhone, Symbian-based devices, and Android-based devices, as well as Windows Phone and Windows-based devices. The latest version will add the ability to deploy and manage Windows 8 (including Windows To Go USB drives) and to manage Mac OS X clients. It will also enable you to more easily manage policies for new Windows 8 client-side caching, roaming user profiles, and folder redirection features. And for mobile workers, it will include a new ability to detect 3G and 4G network connections to prevent delivering software at a time when data charges may apply.
- System Center 2012 Configuration Manager makes it much easier to manage the mobile devices in the enterprise - from a single console - and gain visibility, enforce policy, and maintain control while giving users the device freedom that they expect. One has the ability to see what devices are connecting to your network. One will also be able to easily configure security policies, such as to enforce a password policy, and gain remote control of the device so that you could, for example, remotely wipe it and restore it to its factory defaults in the event that it is lost.
- Windows Intune offers a cloud-based solution for mobile and companion devices (as well as traditional PCs) that do not require any on-premises infrastructure. Microsoft hosts and maintains the service. It’s an ideal solution for businesses with unmanaged or lightly managed devices that need the essentials of management and protection – including updates, malware protection, inventorying, and basic software distribution. Windows Intune is also ideal for provisioning applications for non-domain-joined devices.
For a successful mobility and BYOD adoption, it is also important to look at all the Human Resource (HR) and Legal issues and appropriately update processes to mitigate any risks.
Add new comment