Page 1 of 2
The Bring Your Own Device (BYOD) trend is picking up momentum, particularly in the tablet space, with the popularity of devices such as the iPad and Samsung's Galaxy. Managing all those not-issued-by-corporate devices can be a challenge, notes Jon Rolls, vice president, product marketing for User Workspace Management at Quest Software. While smartphones are increasingly used for work, there is an equal explosion in device variety in the laptop and tablet worlds; Rolls explains how you can productively and safely enable users to use their own tablets and laptops.—Jennifer D. Bosavage, editor
Bring Your Own Device (BYOD) is getting increasing focus as the variety of platforms and devices consumers choose for their personal computing tasks explodes, and they expect to be able to use those same devices and platforms in the workplace. This expectation brings many challenges and concerns. Because being forewarned is forearmed, here's a look at the five biggest mistakes made when considering a BYOD program, so solution providers can guide their customers appropriately.
Mistake 1: Fearing BYOD
Many IT departments are paralyzed with fear that the security or liability problems cannot be overcome, that they will be buried in support problems, or that users will just bring viruses and malware onto the network. Done badly, those are all possible consequences of a BYOD program. The prevailing wind, however, is leading us to a future in which IT is decentralized, users operate outside of corporate boundaries, and tight control of an inventory of computing devices is not required or possible. BYOD is just the latest step in this evolution and, done correctly, it can be embraced.
[Related: How To Maintain Security In a BYOD world]BYOD is not just about placating demanding users and flashy executives with their shiny new milled aluminum computing toys; it also enables extended and more flexible work styles, and attracts a more creative, forward-thinking, and problem-solving class of employee. A successful BYOD program can be a great way to break a culture of corporate dependence in an organization where every worker expects everything to be done for them, and to empower workers with a sense of ownership and team-building, where the organization values their contribution and doesn’t just want to them to show up.
Embrace BYOD before it happens despite an official sanction. The fact is that users can do so much for themselves; if IT gets in the way, they will simply bypass it. Users can have massive email quotas, online collaboration and file sharing, their own CRM, Internet connections, proxies/tunnels, etc. in minutes, if they want them. The balance between user freedom and corporate control is shifting and requires a new approach.
Mistake 2: Losing control of what data the user has on their own, personal devices
To be fair, this varies by industry. Some workplaces have less to protect than others, and only protect their most sensitive files and documents, trusting employees to take appropriate measures and protect less critical information. Other organizations have few liability concerns and believe it is not worth the time and investment to restrict user activity, preferring a culture where individuals are aware of a corporate policy, but it is not systematically enforced.
So, the real mistake here is to not make the decision, and just let BYOD happen. Once the balance between corporate control and user freedom has been set, including the decision on how much data can be allowed onto user devices, it is time to look for a solution that gives that control, and this is where virtualization is my favorite approach.
Virtualization was originally designed to provide a layer of isolation from the underlying hardware in a desktop or server, allowing multiple virtual machines to share the same physical hardware, and preventing problems in a virtual machine from affecting others, as well as allowing greater portability of operating system images across hardware. However, another benefit of this isolation is that virtual machines can be sandboxed, in such a way that data cannot get in or out of them without corporate approval. There are two approaches relevant to BYOD – (a) virtual machines in the datacenter with remote access from any device, anywhere and (b) virtual machines on endpoints, managed and secured from a datacenter.
Approach (a) is cleanest because you can completely prevent data from leaving the datacenter, and access is easy from almost any device with an Internet connection, including Mac and PC laptops and desktops, tablet devices, and even some smartphones. It does require the user to be continuously connected, as well as investment in datacenter hardware and software, but it’s a well-established solution that comes in flavors known as session virtualization, Terminal Server, and more recently, desktop virtualization.
Historical resistance to this technology has come from three objections. First, users no longer own their own desktops. This was one reason VDI was seen as a worthy successor to Terminal Server/Session Virtualization, in spite of higher hardware and licensing costs. Second, virtualization was seen as having incompatibilities with endpoint hardware peripherals. Again, VDI offers some significant improvements in this area. The final objection is that some applications do not behave well in session virtualization/Terminal Server. Again, this last point was partially addressed by VDI, but VDI is a lot more expensive and there are now excellent automated solutions on the market that solve the problem of testing and preparing applications for use in session virtualization, easing transition to a hosted model for delivering corporate Windows applications.
Approach (b) is less well-known, but we will turn to it next …