Attention CXOs: There's something you need before you BYOD.

Attention CXOs: There's something you need before you BYOD.

Summary: The keystone for any successful BYOD program is a management suite. Without one you will fail.

TOPICS: Mobility

I hope that it's obvious that before you start a BYOD program at your company that you have considered how you're going to manage those devices on your network. If you haven't explored a mobile device management (MDM) or mobile application management (MAM) suite, then you're not ready for BYOD. From a C-level seat, a bring your own device program saves money, effort and irritation but you have to manage it wisely. If you don't put some control on user-owned devices with a good management suite, you'll regret the day you bought into to this whole consumerization shtick.

MDM or MAM, Which is Better?

If you've done your homework, you realize that neither is superior over the other; they're different. Mobile device management takes more control of the device, provides remote wipe, remote lock and many other features to prevent App installation, to limit access to App stores, to deny access to jailbroken devices and to restrict which Apps can be run on the device during working hours. Some managers and users alike feel that this approach is heavy-handed, while others clearly see a need to create a more structured work environment.

Mobile application management takes a different approach. A typical MAM scenario involves installing one or two Apps on a new device to register it and to provide a secure link into the corporate network. MAM suites still have the same power as MDM to remotely wipe the corporate App, to deny jailbroken devices and to impose limitations while connected to the company portal. MAM is less intrusive and often requires less effort to convince users to allow access to their devices.

Managing Freedom

I have many readers comment negatively on corporate management of their devices. Some have said, "No way" to corporate assimilation and others have agreed reluctantly. I think there's some resistance because of the "I own this device and you're not going to control it" or the feeling that they're being spied on in some way.

First, I don't believe that any company executive has the time nor the inclination to spy on their workers beyond what's reasonable in a competitive corporate environment. No one wants to see their intellectual property sail out the door to a public site or to a competitor's hands. And, it's normal and legal to prevent theft at any level. The company owns your email, your IMs, your documents and your phone conversations.

Second, most BYOD programs are optional. You don't have to submit your device to the corporate monster. If your paranoia or personal habits put you in an opposing position to your company's goals, then don't partake. Either that or take the stipend given to you by the company to purchase a second "personal" device to use on the corporate network. This option makes the most sense for those who subscribe to conspiracy theories.

Third, BYOD is the new normal. In five years (my prediction), more than 90% of companies with 100 or more employees will have a BYOD program in place. It's a win-win for the company and the employee.

Finally, corporate BYOD programs must be managed. Even the most "personal freedom fighter" employee realizes that security is extremely important. You can choose to shop in stores that have no anti-theft equipment. You can choose to drive an automobile that has no GPS device. And, you can choose to work for another company, if you find that your personal freedoms are being violated beyond your tolerance level.

Personally, I wouldn't allow any personal device on my network without a strict management policy and application suite in place. Each employee would have to sign a document that outlines company responsibility and employee responsibility. And, absolutely no jailbroken devices allowed.

BYOD Going Forward

Managing devices is going to become interesting in the coming years. New devices will come equipped with the ability to have a personal device mode and a corporate device mode, which are separated by something akin to virtual machines. Other devices that can't handle the hypervisor concept will certainly have some "personality-aware" hardware and software on board that makes it easier for companies to manage them as personal devices. By personality, I'm referring to personal, corporate, airplane, secure, etc. modes that allow certain Apps and capabilities to be switched on and off when that device enters a managed space.

When an unmanaged device enters a managed zone, the user will be prompted to allow a personality to be engaged, rendering other personalities to be disengaged or the device will be essentially "bricked" and allowed no access.

CXOs have a responsibility to shareholders, to employees, to customers and to themselves. A BYOD program is part of that area of responsibility. A BYOD that's implemented in haphazard fashion will fail. You must have a management policy and a management suite in place before you BYOD. Developing a BYOD program doesn't mean that you, as a CXO, are a spy or a "bad guy" because you want to save money. Nor should it mean that you allow user devices on your network without control because you might offend someone.

If you're unsure where to turn for more information, I'll have a post up next week that lists several management suites available to you. Stay tuned for that list.

What do you think--could a company successfully implement a BYOD program without a management suite? Talk back and let me know.

Topic: Mobility


Kenneth 'Ken' Hess is a full-time Windows and Linux system administrator with 20 years of experience with Mac, Linux, UNIX, and Windows systems in large multi-data center environments.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • It's not just technology

    It's a culture thing. We have had a BYOD program for almost 2 years and to date we have 100ish employees using their own device (out of over 25k) It's not for everyone for many of the reasons you outline. It doesn't save money - our support costs have gone up, the hope for an "online community of support" is a pipe dream as you have the 90/10 rule where 90% of employees know how to play games, use facebook and send a txt but have no concept of how to configure their device for email, use Citrix etc.

    BYOD needs a considerable effort to market and educate employees. Who owns that and cares about that everyday? Is that added to someones job or a new position? Considering you have a low participation many companies just go the best effort support model which IMO just turns off employee interest even more as again the 90% want and need support.

    BYOD also almost requires a stipend or it doesn't make sense at all for the employee. I'm going to allow restrictions on my own device, pay for data that I'm using to respond to company email, remotely work all for what - the benefit of using my device of choice? I'll gladly take the company provided device if my job requires the use of a mobile device. I really don't know where the whole I like "this" to do my job started from, likely some Apple user but it's never been done for any other corporate technology. Small companies did BYOD laptops but most places still have firm control of not only the laptop but model and features. Perhaps it's due to mobile devices are now more "affordable" but it's not really cheaper after you add all you need to make any device corporate capable (CAL for MDM/MAM, Citrix etc).
  • We have BYOD

    Where I work we have BYOD in place. Support costs are very low as we are an IT company and we all can take care of our own machines.

    The company participates by paying for half the price of the laptop (no desktop allowed, we've got to be mobile) and finance the other half over two years by payroll deductions so in the end you don't even realize you're buying it (15-20$ per pay for a 1500$ laptop is nothing).

    The condition is that for that two years it's our work computer, if we quit before the two year is over we either pay the difference left to pay to keep it or give it back. After the two years it's ours to do what we want with it and we can enroll for another one.

    Works great and we always have up to date machines, but it wouldn't be that easy in companies with a large number of non-IT employees.
  • You couldn't be more off base....

    "If your paranoia or personal habits put you in an opposing position to your company???s goals, then don???t partake. Either that or take the stipend given to you by the company to purchase a second ???personal??? device to use on the corporate network. This option makes the most sense for those who subscribe to conspiracy theories."

    Wow ! No offense, but that sounds like the biggest 'corporate tool' in the world speaking. If I don't want the company taking control of my personal devices that I paid for, I'm either 'paranoid' or in 'an opposing position to the company???s goals' aka 'not in line with the company' ??? Those are the descriptive choices ?

    I'm 'subscribing to conspiracy theories' ??? Holy Stuff, Spy man !

    Or I can 'take the stipend...' and buy a services contract for a new phone, that bills to me at home, that I'm locked into for a year or two ? Even if I leave the company ?

    You couldn't be more off base....