CONSUMERIZATION OF IT BYOD and Cloud-based File Storage

C

ONSUMERIZATION OF

IT

BYOD and Cloud-based File Storage

Moderator:

John Payne, Principal Consultant, Pueblo Technology Group, Inc.

Speakers:

Royce Holden, Director of Information Technology, Greater Asheville Regional Airport Authority

Vanessa Hickman, Vice President & CIO, Metropolitan Nashville Airport Authority

John Newsome, Director IT, Greater Orlando Aviation Authority

Brice Callison, Mobile Solutions Architect, Dell Services

2

C

ONSUMERIZATION OF

IT

BYOD and Cloud-based File Storage

www.aci-na.org

3

C

ONSUMERIZATION OF

IT

BYOD and Cloud-based File Storage

www.aci-na.org

2007…..

Bring Your Own Anything (BYOA)

Royce Holden, MBA-TM, CISSP

Director of Information Technology

Greater Asheville Regional Airport

Authority

The Business Problem…

How to obtain “Always on, reliable access to airport systems and devices” from “Any Device”?

•

Perception of “always connected” staff

•

Staff’s reliance on mobile devices

•

Ability to work from anywhere

•

Consumerization of IT – Blurred Lines

(Organization Oriented)

•

The CEO – Can use whatever they want

•

Types of Systems and Services

•

State of North Carolina – “Bring Your Own Device Policy”

•

State of North Carolina – “Cloud Computing Strategy”

•

Personally Identifiable and confidential information

•

Short Term: Protect data at device level

•

Long Term: Protect data, no matter where it resides

Where should you start?

The Business Solution …

•

Policy in Place?

•

Training in Place?

•

Ideas on which Systems and

Services are going to be in Place?

•

IT Staff and SLA’s in Place?

Now, focus on Security and

Productivity…

•

VDI – Virtual Desktop Interface

•

Enterprise Mobility Management

•

End Point & Network Security

•

Identity Management

•

Malware & AV Support

•

Single Sign On

•

Split Tunneling

www.flynashville.com

Cloud File Storage

Experiences @ MNAA

Presented by

Vanessa Hickman

VP & CIO

ACI – NA

www.flynashville.com

The Business Problem. . .Automate Board Documents

www.flynashville.com

Unintended Consequences solved with Dropbox

for Business

•

Dropbox use expanded to 75 users across organization

•

* Initial purchase: 100 user licenses; annual subscription

•

Security & governance of corporate assets

•

* Single Sign-on

•

* Remote wipe

•

* Audit logs & sharing controls

•

Integration with Windows Explorer or access via browser

•

Access data on multiple platforms; both on-line and off-line

•

Unlimited capacity for business account; also increased capacity

of personal Dropbox

•

Users can maintain personal Dropbox separately from business

Dropbox account

Bring Your Own Device

Orlando International Airport

John Newsome - Director of Information Technology

Greater Orlando Aviation Authority

BYOD

Business Drivers

1. Business need for ever more smart

mobile devices

2. Business decision to permit one

combined business / personal device

for personnel convenience (i.e., one

versus two devices).

3. Business decision to permit personnel

to select a device of their preference

to improve efficiencies ….and

4. Business decision to require personnel

to own the device to shift support

from internal IT to the carrier of

preference.

5. Business need for data leak

prevention and malware protection

for the business partition ….and

ensure business email (and latter text

messages) are retained in accord with

public record regulations and laws.

BYOD

Lessons Learned

1. MDMs were immature at the time (2012):

a.

Could not ensure performance across

multiple vendor’ devices and frequent

OS revisions

b. Could no prevent documents from

being moved from one partition to

another (e.g., email attachments)

c.

Text messages could not be captured

and retained except on the Android OS

and even then were carrier dependent.

2. Maintenance of an Application library was

a more controversial and daunting effort

than first anticipated

3. Personnel continued to come to IT to

solve problems instead of the vendors /

carriers. IT support increased rather than

decreased.

4. Personnel became concerned / suspicious

about the potential for eavesdropping,

location tracking, etc.

5. The amount of the stipend was even

controversial due to different capabilities

needed for different users

Consumerization of Corporate IT:

BYOD and Cloud-base File Storage

Brice Callison

360 Integration Design

AD Assessment Latency, Bandwidth, Wireless and/or Remote Access

User Fit

Assessment

Discovery Hypervisor Connection Broker Web Access Load Sharing

DVS Software

Functioning Client Virtualization Environment Prioritized User Groups and

Technology Fit

GPO Control

Active Directory

Design Application Groups

Network & QOS

Implement Plan

Deployment Planning

Deployment Schedule

Applications

Map Users to Apps Prioritize Apps to Optimize Schedule Define Deployment Groups Device Readiness Reports Track Infrastructure Readiness

Infrastructure

Track App Readiness

Client Devices

Maps to Users and Locations Replace or Refresh Peripherals and Special Requirements

Build Schedule

Schedule Rollout Identify Tech & PM Resources CPU & Utilization

RAM Installed and Used Network Connections IOPS Define Expected ROI App Performance Needs by User

Implement Infrastructure

Validate Server, Storage and Networking sizing

Hardware

Mobile Access Email and Exchange

Communications

VOIP/Lync Video Compatibility Testing

Applications

Design Custom Mobility Apps

App Inventory

HW Inventory

ROI

Applications

App Virtualization Build Custom Mobility Apps Implement App Layering Technology Software Licensing Evaluate DNS and DHCP

Network

Identify Performance Needs

Plan Method(s) for Providing Apps

Identify Endpoint Form Factors

User Access and Single Sign On

User Data Access Data Security on Endpoint Test Latency

Network

Identify Where Stored

User Data

User Data

Identify Shared Data for Multiple Users

Design AD Container for DVS Identify Synchronization Issues Implement Plan Screen Sharing

Peripherals

USB Storage Card Readers and

RSA Tokens Printing from Mobile Devices

Printing

Determining Closest Printer Bandwidth Utilization of Printing Local Printers

Active Directory

Deploy Servers and Storage

Hardware

Engineer Data Migration Solution

User State

Migration and Deployment

Define Settings and Apps for Each PC

Define T-Minus Plan

Site or User Group Schedule Replace Devices Where Needed Run Automated Migration Process QA Test T-30 T-20 T0 T+5 Deploy User Support Site Survey User Comms T-5 T-10 T-15 T-2 Target PCs Schedule migration App list Complete Final check

T-Minus Site and User Readiness Plan

Change Management Communication User Training Support Desk Deploy Agents Build Image(s)

Engineer OS and App Settings Customization

Scheduling

User Switchover Post Migration Support Define Content

User Image(s)

Map Users to Images

Implement Plan

Printing

Communications

Peripherals

Implement Plan Implement Plan

User Image(s)

High Level App Compatibility

Network Capacity

Identify Application Migration needs

Process Changes

Help Desk Support Lifecycle Image Management App Management Infrastructure Readiness Plan Application Migration Application Delivery

Process Changes

Develop Support Desk Changes and Train Develop and Implement Lifecycle Process Change Develop and implement Image Management Develop and Implement

App Management Change Image

DVS

Apps User Personality

Pilot

Define Pilot Success Criteria Identify Pilot Users

Configured

device

Browser

Image

Container

Application

Container

_receivers

VDI

End users will only adopt tools they like

Empower end users to use their evolving skills

88% need remote access

66% use free file sharing tools

Productivity

Privacy

End users

They want to use their personal devices

Mobile devices

Laptops/tablets

IT

End users need productivity

Agency owners will do anything to ensure productivity

Need productivity tools to deliver outcomes

more quickly than IT can create them.

Your devices, your users, your mobile strategy

Enterprise Mobility Management (EMM)

•

Complete, secure endpoint management

•

Secure enterprise workspace on all devices

•

Secure access to enterprise data

•

Integrated console management

•

User self-service

•

Identity management

•

Business apps and services you need

•

Flexibility for future-proofing

Comprehensive mobile enablement

Unified solution with common functions for all your devices

EMM functions

Real-time reporting

and alerts

User self-service

Secure access to

corporate resources

Systems, device, app and

content management

Endpoint management

Container management

User experience—same look and feel as an

enterprise PC

End users can:

•

Run applications directly on their PC

•

Login and start VPN and apps just like always

20

Policies to

protect

Windows apps

and data

Choose your own adventure

Corporate-owned devices

Most organizations have needs

across these tiers

Corporate owned,

personally enabled

Corporate issued

Choose your own

Bring your own

(from enterprise-approved product list)

Future State Workspace

22

Mgmt

Platform

Active

Directory

BYOPC

Application

gateway

DMZ

VPN

connector

Live PC

_management

Workspace

Authentication,

policy, player,

and image

updates

ABC Inc.

Corporate

Windows 7

Secure access

Corporate apps

and data

Corporate VPN

and firewall

Policies

DLP controls

• Cut and paste

• Drag and drop

Corporate network

Public network

24

C

ONSUMERIZATION OF

IT

BYOD and Cloud-based File Storage