- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
Network World - The very notion of Bring Your Own Device (BYOD) makes many CIOs and IT managers nervous. BYOD represents a loss of control, additional security risks, and, of course, the unknown. Here are six things to prepare for:
1. Keep an eye on roaming costs
Many BYOD early adopters have reported sticker shock. CIOs and IT managers interviewed for this story agree that BYOD costs can be significant, but the actual numbers can be difficult to pin down.
"The biggest misconception is that it will save you money [by shifting device costs to employees]," says Ben Haines, CIO of Pabst Brewing Company. "My experience has been that you won't save a lot. You'll save some, but you'll get a big boost with increased agility."
Agility is tough to measure, though. Similarly, it's not easy to quantify better collaboration, smoother connections with branch offices and the flexibility to work from anywhere. On the flip side, a single data breach from stolen smartphone that was poorly secured could hurt your company for years.
Another consideration is roaming. Costs can skyrocket if you're reimbursing employees as they download expensive data as they roam, especially overseas. In this case, it's probably wise to invest in a Mobile Expense Management (MEM) solution, which can enforce policies and direct users, for instance, to wait until they find a cheap Wi-Fi hotspot before they download that piano playing cat video.
2. Build on existing security where you can
Organizations with straightforward needs can extend existing security to the mobile device world. The Northern Star Council of the Boy Scouts of America, for instance, uses iSimplyconnect, a mobile VPN solution, to grant employees on iPads remote access to enterprise apps. Granted, the VPN solution is geared for mobile devices, but it's a traditional security concept.
"Moving into the realm of mobile devices is tricky. Moving at a slower pace makes sense and reduces risks," says Clint Andera, information systems director for the Northern Star Boy Scouts. Andera found that a slow adoption rate brings power users to the forefront, and those power users end up becoming the mobile testers for the larger organization.
For Citrix Systems, BYOD just means doing more of what you've been doing. "For us, it's really about the sessions and data. If I can see your iPad, discern that it's not jail-broken, and I know you are indeed you, then I'll let you in," says Kurt Roemer, chief security strategist at Citrix. However, you'll only get access to "safe" data.
As data risks increase, employees must use two-factor authentication. "For really risky data, you may not be granted any access outside of the office. For those three times a week when you need to access salary or HR information, you're going to have to come into the office," he adds.
3. Use new MDM tools to fill in the security gaps
Pabst Brewing started out small. It enabled remote content sharing with Box. Later, as tablets and smartphones caught on, the company deployed Fiberlink's MaaS360 Mobile Device Management (MDM) solution. "We were able to tie MaaS360 into Active Directory, so our enterprise policies can be enforced outside of the physical office," Haines says. Additionally, Pabst uses Okta's identity and access enforcement solution.