A Survival Guide for CIOs
Evolving your
network for
the BYOD Era
Viewpoint
3-step guide
to developing a
mobility strategy
Introduction: The Rise of the Mobile Workforce
3
The New Meaning of ‘Flexible Working’
3
The Unstoppable Rise of Mobile Devices
3
Risks and Rewards of Worker Mobility
4
Three Approaches to Mobile Flexible Working
5
Total Lockdown
5
Blind Eye
5
Trailblazer
6
Three Steps to Safely Enabling Mobility in Your Business
7
Define Your Mobile Working Policy
7
Align Internal IT with the Policy
7
Continually Communicate and Enforce Policy to Users
8
Conclusion 9
Recommendation 9
Contents
A Survival Guide for CIOs
Evolving your
01 01 02 02 03 03A Survival Guide for CIOs
Evolving your network
for the BYOD Era
A three-step guide to developing a mobility strategy
The Rise of the Mobile Workforce
New and powerful mobile devices are making flexible working the norm in many organisations. Employers are equipping workers with laptops rather than desktop PCs, and a growing number of employees are also using their own smartphones and tablets to conduct
work-related tasks. The number of devices they use is increasing too. Today, a typical knowledge worker might use their work laptop, employer-issued BlackBerry, personal Android phone and personal iPad for workrelated activity over the course of a day that now stretches far beyond the traditional nine-to-five.
The New Meaning of ‘Flexible Working’
These developments are rapidly changing the concept of flexible working. Where once it might have meant working from home one day per week, now it means being able to work anywhere; in the evening at home, on a train, from the beach on holiday. For today’s mobile employees, work is what you do, not where you are. The challenge for IT is to manage, support and enable this new, ‘consumerised’ world for the benefit of the organisation.
Source: DigiTimes, March 2012
The Unstoppable Rise of Mobile Devices
Smartphones in useworldwide
2011 2011
336 Million
54.8 Million
2013 2013
1 Billion
130 Million
Tablets in use worldwide
Risks and Rewards of Worker Mobility
For modern organisations, mobility is a double-edged sword. On one hand, mobile-enabled workers are undeniably more productive. On the other, the explosion in the use of personal devices for work – the so-called Bring Your Own Device (BYOD) trend – and the increasing need to make company applications and data mobile are creating new and often unforeseen risks:
Security
Company data may be moved outside the firewall as the boundaries between personal and work use of IT become blurred.
Integration and Compatibility
The number of different devices and operating systems makes it impossible to standardise device configuration.
Reliability and Support
Outside of the company’s networks, Wi-Fi and 3G network performance for users of wireless-only devices is beyond IT’s control.
Bandwidth Issues
Employees may try to use the corporate network for things like uploading photos and videos, putting pressure on bandwidth (see graph).
240
Number of extra hours per year
typically worked by employees with
smartphones.
(Source: iPass, 2011)
7,000
Petabytes per month
Mobile VOIP Mobile Gaming Mobile M2M Mobile P2P Mobile Video Mobile Web/Data 3,500 0 2010 2011 2012 2013 2014 2015 92% CAGR 2010–2015
With so many challenges to overcome,
how do you ensure that mobile flexible
working is appropriately enabled and
supported in your organisation?
Three Approaches to Mobile Flexible Working
To date, organisations have taken one of three approaches to the mobility revolution and overcoming the challenges listed above, and in particular, the use of personal mobile devices in the workplace:
Total Lockdown
To date, organisations have taken one of three approaches to the mobility revolution and overcoming the challenges listed above, and in particular, the use of personal mobile devices in the workplace:
Pros Cons
Enterprise data remains secure (or at least, as secure as the security measures in place allow it to be).
Users are frustrated at the lack of access to sites and apps that make them more productive (and could benefit the business in other ways too). Talented, digitally-savvy employees may leave to go to more forward-thinking organisations.
Data remains within the enterprise IT environment, so it is backed up, audited and producible in the event of a compliance investigation.
Users start to bypass IT by using their own smartphone or tablet devices, their own choice of networks (e.g. 3G, public WiFi) and their own choice of apps to get things done. They use personal email, Dropbox etc to transfer data onto personal devices.
Data starts to be created outside the enterprise IT environment, where it is unmonitored, unbacked-up, and inaccessible in the event of an investigation.
Support costs are controlled and predictable.
Blind Eye
The employer recognises that consumerisation makes employees more productive, but has no strategy or policy in place to embrace it. Employers and IT departments turn a blind eye to unknown mobile devices accessing wired and wireless networks, and tolerate the use of non-enterprise apps for work-related activities.
Pros Cons
Employees are more productive and tend to work longer hours voluntarily.
The organisation has lost control of IT, leaving it at the mercy of users’ own habits (e.g. lax attitude towards device/data security) and demands (e.g. support for personal Android device). Employees are happier with their working
environment, reducing staff attrition rates. Risk of sensitive enterprise data being removed from the enterprise IT environment or stolen along with the mobile device.
Work-related data is created outside of the enterprise IT environment, causing fragmentation, security issues and possible compliance breaches. There is a lack of clarity as to who is responsible for what: IT or users?
Employees have access to much higherspec hardware than IT departments have the budget to provide.
Trailblazer
The employer actively encourages workers to use whatever devices and apps help them to do their job best, but in a controlled and responsible manner. This approach strikes the right balance between total lockdown and turning a blind eye.
Pros Cons
The organisation remains in control of IT, so the risk of ‘nasty surprises’ is significantly reduced.
The IT landscape is more complex, with new devices and platforms to onboard and integrate, and potentially the need to mobile-enable key enterprise apps.
Employees are more productive and tend to work longer
hours voluntarily. There are more and different types of devices to support, some non-corporate owned.
Employees are happier with their working environment, reducing staff attrition rates.
Employees have access to much higherspec hardware than IT departments have the budget to provide.
Data is secure, backed up and audited.
Secure, responsible use of mobile devices is difficult to enforce without a clear policy that everyone is aware of. In some industries, a tight regulatory environment may make an open approach to worker mobility impossible regardless of control/responsibility measures.
Total Lockdown
To date, organisations have taken one of three approaches to the mobility revolution and overcoming the challenges listed above, and in particular, the use of personal mobile devices in the workplace:
02
Survive the rising tide of mobile devices in your workplace
Three Steps to Safely Enabling Mobility in Your Business
Many organisations will find the third option the most appealing, but the challenge for IT departments is to implement in such a way that the business can reap the rewards of mobility while mitigating the risks.
While the ‘old days’ of IT having complete control over the environment are fading, best practice is emerging around how IT can manage and guide the consumerisation trend to the benefit of employees, the organisation and itself.Core elements of this best practice include a well-defined mobile working strategy, clear communication with users around who is responsible for what, and a policy that can be easily communicated, enforced and modified. Based on our work with customers in multiple sectors across the UK, we recommend the following three-step approach:
The policy will clearly set out the ground rules for IT and employees in a number of key areas. Its terms will depend on what you want the user experience to be, and how much mobile/ BYOD use you want to allow. Key areas to cover will include:
• Which devices and operating systems will be tolerated/supported by the organisation • How the device is secured (password policies, remote wipe, lockout policy)
• Apps (which ones are allowed, and using which kinds of network – e.g. corporate wLAN, home WiFi, public WiFi and 3G – are authorised for access)
• Data management (what users can and can’t store. Whether personal data is allowed on the device and what happens with it if the device is wiped)
• Access methods (what methods are recommended, what’s not allowed, expectations on connections e.g. what users should consider when using public wireless)
• General considerations (user acceptance of policy, what support do IT offer, who is liable for the device, what responsibility is placed on the user)
Define Your Mobile Working Policy
A clear policy is essential. Without it, users will fall back into bypassing IT to get what they want, and IT will end up trying to support more devices, operating systems and apps than budget, time and expertise allow. With a policy, everyone is aware of their own options and responsibilities, and IT can shape what they deliver to enforce and underpin the policy.
Survive the rising tide of mobile devices in your workplace
Align Internal IT with the Policy
To enable the policy to be workable, you must align your IT infrastructure, processes and resources with the terms set out in it. Key points to consider are:
02
Infrastructure
Implement the right security and access controls on the LAN, wireless LAN and any VPNs to enable the users and devices identified in the policy to access allowed networks, and to prevent any unauthorised users and devices from accessing the corporate network. Ensure relevant enterprise apps are mobile-enabled for the devices and platforms specified as ‘allowed’ in the policy.
Processes
Ensure appropriate support and escalation processes are in place for any
employeeowned devices that will be allowed under the policy, and that support staff are aware of what they can and can’t support.
Resources
Ensure the support team has all the right skills to deliver support for the apps and devices specified in the policy.
Continually Communicate and Enforce Policy to Users
A policy is no good if nobody is aware of it, and too many policies sit on shelves with no one reading them. IT has a unique opportunity to communicate and enforce policy using the very devices that employees are using every day under the terms of the policy.
03
Policy can be communicated to mobile users by installing an app on each authorised device that communicates a user-friendly, humanised version of the policy, customised to the specific user.
Updates can be communicated as they are rolled out, and users can be encouraged to engage with the policy app by accessing ‘how to’ guides (e.g. ‘how to access the corporate network from my iPhone’) and other useful information to help them work better.
VIEWPOINT: A SurVIVAl GuIdE fOr CIOs: EVOlVING yOur NETWOrk fOr ThE ByOd ErA
Processes: Ensure appropriate support and escalation processes are in place for any employee-owned devices that will be allowed under the policy, and that support staff are aware of what they can and can’t support.
Resources: Ensure the support team has all the right skills to deliver support for the apps and devices specified in the policy.
Continually Communicate and Enforce Policy to Users
A policy is no good if nobody is aware of it, and too many policies sit on shelves with no one reading them. IT has a unique opportunity to communicate and enforce policy using the very devices that employees are using every day under the terms of the policy.
Policy can be communicated to mobile users by installing an app on each authorised device that communicates a user-friendly, humanised version of the policy, customised to the specific user. updates can be communicated as they are rolled out, and users can be encouraged to engage with the policy app by accessing ‘how to’ guides (e.g. ‘how to access the corporate network from my iPhone’) and other useful information to help them work better.
3
VIEWPOINT: A SurVIVAl GuIdE fOr CIOs: EVOlVING yOur NETWOrk fOr ThE ByOd ErA
Processes: Ensure appropriate support and escalation processes are in place for any employee-owned devices that will be allowed under the policy, and that support staff are aware of what they can and can’t support.
Resources: Ensure the support team has all the right skills to deliver support for the apps and devices specified in the policy.
Continually Communicate and Enforce Policy to Users
A policy is no good if nobody is aware of it, and too many policies sit on shelves with no one reading them. IT has a unique opportunity to communicate and enforce policy using the very devices that employees are using every day under the terms of the policy.
Policy can be communicated to mobile users by installing an app on each authorised device that communicates a user-friendly, humanised version of the policy, customised to the specific user. updates can be communicated as they are rolled out, and users can be encouraged to engage with the policy app by accessing ‘how to’ guides (e.g. ‘how to access the corporate network from my iPhone’) and other useful information to help them work better.
3
VIEWPOINT: A SurVIVAl GuIdE fOr CIOs: EVOlVING yOur NETWOrk fOr ThE ByOd ErA
Processes: Ensure appropriate support and escalation processes are in place for any employee-owned devices that will be allowed under the policy, and that support staff are aware of what they can and can’t support.
Resources: Ensure the support team has all the right skills to deliver support for the apps and devices specified in the policy.
Continually Communicate and Enforce Policy to Users
A policy is no good if nobody is aware of it, and too many policies sit on shelves with no one reading them. IT has a unique opportunity to communicate and enforce policy using the very devices that employees are using every day under the terms of the policy.
Policy can be communicated to mobile users by installing an app on each authorised device that communicates a user-friendly, humanised version of the policy, customised to the specific user. updates can be communicated as they are rolled out, and users can be encouraged to engage with the policy app by accessing ‘how to’ guides (e.g. ‘how to access the corporate network from my iPhone’) and other useful information to help them work better.
Conclusion
Organisations that have followed these three steps have been able to strike the right balance between the “Total Lockdown” and “Blind Eye” approaches outlined on page 5. In doing so they have created a flexible working environment for the mobile age, in which employees are aware of their own responsibilities and permissions, and IT retains proactive control of the network environment.
Recommendation
If you’re serious about embracing the mobile revolution and freeing employees to work in more productive, collaborative ways, you need to start now by getting your mobile working policy in place. Networks First can help you at every step of the way; drawing on our extensive experience in multiple industry sectors to help you define a workable policy, configure your IT infrastructure, processes and resources accordingly, and communicate the policy to users via mobile app.
To find out more about how we can help, contact us today.
call us on 0845 850 5577
email us at [email protected]
visit our website www.networksfirst.com
About Networks First
Today’s users demand access to information from any device, anywhere anytime. To guarantee this, IT need a service delivery model enabled by a reliable network foundation – a network that is cost effective, mitigates risk, optimises performance and ensures future business agility.
Experts in networking, Networks First provide a range of services delivered through our services based network platform that provides end-to-end management from device to information. Our focus is on delivering optimum user experience, regardless of device or access mode, and throughout the lifecycle of the network.
Further Resources
Webinar: The Multiple Faces of Mobility and the Impacts on Your Network - practical advice from Networks First’s Consultant Paul Lewis on how to enable the corporate network for mobile working. Go to www.brighttalk.com/webcast/7063/39197 to view.
