BYOD Success Kit
BYOD Success Kit
Table of Contents
• Current state of BYOD in enterprise
• Checklist for BYOD Success
• Helpful Pilot Tips
2
Current State of BYOD in
the Enterprise
BYOD Success Kit
Defining BYOD
Bring-Your-Own-Device (BYOD): a business practice allowing
employees to use their own smart phone, tablet, PC, and/or Mac for
work applications.
'Bring-your-own-device (BYOD) has emerged as an institution in
corporate America today – but does the acronym stand for bring your
own device or bring your own disaster? Surveys show that up to 90
percent of corporations use some form of BYOD, but that up to 80
percent of BYOD activity is "inadequately" managed by IT
departments.’
4
Definition from: SC MAGAZINE JANUARY 2, 2013
BYOD Success Kit
IT Cannot Ignore 2 Billion
Personal Devices
• Corporate employees
have access to 2
Billion devices –
phones, tablets, PCs
• There are already
more tablets &
smartphones than PCs
• The majority of devices
are personal and
unmanaged (BYOD)
5
BYOD Success Kit
Current State of BYOD
Insights on the Current State of BYOD Intel’s IT Manager Survey, October 2012
6
Email is widely
deployed
But very few
customers have
deployed enterprise
apps to BYOD
BYOD Success Kit
Why haven’t companies
deployed apps?
7
Insights on the Current State of BYOD Intel’s IT Manager Survey, October 2012
Top Three Reasons
1. Security & Discoverability
2. Ability to Support Our
Enterprise Apps
3. Lack of compatibility with our
infrastructure
BYOD Solution Check List
BYOD Success Kit
BYOD Solution Checklist
Security
Can I leverage my infrastructure in the data center?
Is my data secure on the device?
Is end user activity on the device discoverable and auditable?
Which applications should I use?
Should I adopt the cloud?
How should I think about end user experience?
9
BYOD Success Kit
The fundamental requirements of BYOD are
satisfied by existing remote access
infrastructure. A new solution for BYOD
should be able to leverage your VPN
deployment.
Can I leverage my current
infrastructure?
Have you deployed VPN
for remote access?
• If you have deployed VPN today,
you don’t need more new
infrastructure in your data center.
• Your remote users already use
VPN to access corporate assets
from home or on the road. The
VPN appliance has been
integrated with your corporate
authentication mechanism – AD &
RSA. You have also integrated
the VPN appliance with a SSO
mechanism like CA Siteminder.
10
BYOD Success Kit
Is my data going to be secure
Is the data protected on the device?
Is the data stored in an encrypted format on the device? Where are the keys stored? Can the data be opened in non-secure applications?
Is the data protected when it is in transit?
All the corporate data being transferred between the device and the corporate network should be encrypted. A good solution will also leave personal data alone, so that all the employee Facebook traffic is not being routed through your VPN.
Is the device secure? What happens when the employee leaves my company?
The client software should check whether or not the device is jail-broken. The solution should also provide functionality to wipe out corporate data from a device if it is lost, or if the employee leaves the company.
11
BYOD Success Kit
Context is key to security
What is context?
Context is who is doing what, when, and from where. For example, user Adam
downloaded a document at 9:00 PM from California. Or Adam took 12 seconds to
access the SharePoint application from an iPhone in Chicago. Context can help you
better secure your data and understand and improve the real user experience for
your employees.
I am worried about compliance, discoverability, and audit
Look for a solution that will help you “prove” you know what end users are doing with
corporate data on the device. For example, you should know which files users are
downloading. Or you should know which apps they are accessing from where?
Adjust level of security to threat condition
Look for a solution that will adjust the level of security based on the threat condition.
For example, the authentication can be different based on whether the user is
accessing corporate assets from a trusted vs. un-trusted location.
12
BYOD Success Kit
Do I need brand new applications?
No, start with the 10-50 apps on which your business runs today, for example, Email, SAP, SharePoint, Intranet, and others. We have observed that the majority of these applications are web based, some are Windows client-server applications, and a few applications are native.
What about form factor?
Most apps will work fine on tablets; some work fine on smart phones. As more optimized applications become available deliver those also. Once the framework is in place, it will be easy for you to deliver those new applications.
Data
Cloud
Context
Apps
Device
UX
60%
Un-Optimized
Web Apps
25%
Windows
Custom
Native
Custom
HTML5
ISV
Native
10%
Optimized
Web Apps
Which applications should I use?
13
Tablets are not bigger phones
• In terms of user interaction, a tablet is more
like a phone than a PC. It needs a simpler
interaction model, more touch and gesture
based. On the other hand, since it has a
much larger form factor than the phone.
Web sites designed for the PC are usable
on a tablet.
• Deborah Gage talks about the differences in
how people use their iPad and iPad Mini vs.
their iPhones: “They communicate and play
games on their phones, but increasingly
they will work and shop on their tablets…”
See the WSJ blog:
http://blogs.wsj.com/venturecapital/2013/04/
24/as-tablets-rise-investors-notice/)
• In a 2012 survey, Business Insider found
that users spent more time browsing the
web (37.3%) than any other activity on the
iPad. This behavior has changed very little
in the last three years. It is very different
from how users use their
phones.http://www.businessinsider.com/ipad
-usage-survey-results-2012-7?op=1
14
BYOD Success Kit
Should I adopt the cloud?
Speed of device refresh => Cloud
Devices are being refreshed at a much faster pace than Windows. Microsoft used to
update Windows every 3-5 years, and you probably upgraded your desktop OS every
7-10 years. Now each device OS (Android, iOS, Windows) is updated multiple times a
year. And each device vendor upgrades its device 1-2 times a year. Remember that
end users upgrade their devices more frequently and not on your calendar. An on-
premise deployment cannot keep pace with this speed of device refresh. Only a cloud
service that is upgraded rapidly can keep pace with the speed of device refresh.
But is the cloud secure?
Choose a cloud service that is designed as a control plane. Corporate data should
flow directly between the client device and the corporate network over SSL/TLS and
should not flow through a traffic reverse proxy running in the cloud that acts like a
"middleman" between the device and the corporate network. The "middleman"
architecture affects the security, performance and availability of the BYOD solution.
15
BYOD Success Kit
How should I think about UX?
How should I think about end user experience?
Its not just about the UI! When Blackberry came out with their email solution,
they simplified the access of email on mobile devices significantly. An end
user could check their email with one hand while waiting at a stop light. Apple
was able to bring a similar experience to other consumer applications when it
launched the iPhone and later the iPad.
For the last decade or so, you have done the same for your users on
corporate PCs – integrating SSO into application authentication, integrating
business workflows using EAI and others.
When you think about simplifying the end user experience, think of how you
would bring a similar degree of integration and seamlessness into a remote
experience from a personal device.
16
Simplify the User Experience
Today a user can take minutes to
access apps remotely!
Typical Mobile User Experience
1. Turn on laptop
2. Fire up VPN
3. Login into VPN
4. Use RSA Token
5. Fire up Browser
6. Login into SharePoint
Now employees want instant
access seconds vs. minutes!
Desired Mobile User Experience
1. Turn on smartphone or tablet
2. Tap on SharePoint
17
BYOD Success Kit
Summary
Simplest User Experience
Rapid Deployment Leveraging Existing Infrastructure (in
minutes not months)
100% Cloud Architecture for
Lowest TCO
Better Security – on device, in network, with
context
Think of the following four keys for your solution for BYOD
Conclusion
BYOD Success Kit
Decision Makers Criteria
20
Criteria Power
User
CIO Network
Manager
Security
Manager
Apps
Manager
CFO
Legal
Security – Protect data in transit or
on device
✔ ✔ ✔
Security – Leverage existing VPN
and AAA
✔ ✔
Security - Audit & Discoverability ✔ ✔ ✔
Simple User Experience ✔ ✔ ✔
Raises Employee Productivity ✔ ✔ ✔ ✔
Measure/Improve End User
Experience
✔ ✔ ✔
Lowest TCO ✔ ✔
BYOD Success Kit
Helpful BYOD Pilot Tips
1. Involve your VPN partner early, ask if there’s an
integrated BYOD partner
2. Test with key stakeholders in line of business (LOBs)
before you settle on a BYOD partner.
3. Test with at least 3 applications – SharePoint, Intranet,
LOB Application
4. Look for flexible terms with vendors; don’t be locked into
buying new infrastructure. Start with SaaS vendors.
21
Learn more about Workspot!
22
User Interface for high productivity
on smartphone or tablets
Cloud Control Panel
Analytics
Workspot Network Architecture
23
Keep up with BYOD trends, follow: workspot.com/blog
@workspotinc
24