This is a guest blog post. Views expressed in this post are original thoughts posted by Toby Makepeace, Technical Director at Network Utilities. These views are his own and in no way do they represent the views of the company he works for.
Like us you’ve probably been asking questions and more questions about BYOD. To quote Stephen Fry ‘No sin in that. We grow wise by asking questions. The right questions.’ So, here our Technical Director, Toby Makepeace grapples with BYOD and answers some of the biggies.
BYOD – a threat or an opportunity?
We are all well aware of today’s business challenges brought by the proliferation of mobile devices, new styles of remote working and the associated challenges faced by IT managers in meeting the increased demands for network access from both staff and guests. Those challenges aside, this question is easy for me to answer - opportunity! In my view BYOD brings a massive opportunity to your business. Quite simply the possibility of the increase in productive man hours can only be viewed as a benefit to the business. So, next questions please!
Are businesses prepared? What’s the risk to the business? Are there cost savings to be made? What is the impact on the IT department?
To answer these let’s first cast our minds back to when BlackBerry’s were first being deployed. At the time many felt they were an unnecessary cost and a risk to the business, and would not increase productivity, yet nowadays you’d be hard pushed to find a member of staff who doesn’t feel their BlackBerry or mobile device is a critical part of their everyday business toolkit.
However, I also believe the risk factor still exists and in some cases has not been addressed for these corporate devices. As people move away from BlackBerry to other mobile email systems, a BYOD strategy might help tackle these risk factors by reviewing the corporate policy on mobile devices and re-addressing some of the failings around theft or lost devices and help you move towards a solid Mobile Device Management policy.
With mobile email being the killer application upon which we all rely, let’s take a look at each of these questions in a little more detail:
Are businesses prepared?
Unfortunately the answer here is generally no, but we were not prepared for mobile email either. At that time we needed to invest in the solution that worked for our businesses, so now we need to invest in a BYOD solution that works for our businesses too. It might be just one product that we need, but more likely a suite of products to build a robust BYOD solution.
What’s the risk to the business?
The answer here really comes down to how far you want to take BYOD, and the level of investment required to protect your business. The solution that you take on board should not be any different to a solution you should look to deploy to secure a corporately owned asset like a laptop. Consider if you can increase the level of protection you offer your business by using BYOD as a strategy to implement a solution to secure both BYOD and your corporate assets.
A full Network-Access-Control solution like “Juniper Networks UAC solution” can offer benefits to your business by minimising the risks from both BYOD and corporate devices. This solution can manage devices that are allowed to join the network and control the level of access that they gain based on the identity of the user and the state/health of the device the users are trying to connect with. This way you are able to increase your network security. Now you just need to develop a robust policy around which applications and systems on the network any personally owned devices are able to access.
Are there cost savings to be made?
You are going to need to, and you’d be wise to, invest in a solution to manage and protect your network. However, that aside protecting your network is essential regardless of BYOD. Your organisation could save money on the number of corporate assets like mobile phones and laptops you need to manage and deploy if you fully embrace BYOD. But to my mind the question is not so much about cost savings, but increased productivity.
So, back to our BlackBerry example, I imagine a high percentage of your staff read an email at lunchtime or on their journey home and in most cases will respond and deal with it in their own time. If we removed our corporate mobile email solution and offered a BYOD email solution based on the Juniper Networks’ PULSE Mobile Security Suite and Juniper’s SSL VPN could we save money? I think the answer is yes, and consider this, you might also increase productivity even further as a number of staff will have two devices, one personnel and one business. Which one gets left at home at the weekend or in the evening? Unless you are as sad as me, it is not your business one!
What is the impact on the IT department?
Without a shadow of doubt there will be an impact on the IT department as any solution needs to be deployed and managed. However, an effective integrated solution, based on Juniper’s products like the IC, SA and Junos Pulse make that experience a lot easier to manage. The threat to the network can be effectively managed by a strong policy dynamically enforced by the combination of these solutions, and where a greater level of threat prevention is required the Juniper SRX with IDP unit can be integrated with the whole solution, providing a granular policy control enforcer based on User ID and health of the asset accessing the network.
In my opinion the debate on BYOD should not be examined in isolation, but as an overall enhancement to your whole network security policy. Yes, there will be a cost for set up and deployment, however increased network protection, and minimising down time from virus and malware risks need to be taken into account irrelevant of BYOD. The increase in productivity in staff, will only really been seen over time, but like mobile email, BYOD may also prove to be a true and productive benefit to your business.
And finally … don’t be surprised if you go to your IT department and find a form of BYOD already in use, iPads, smart phones or tablets may already be connected to your network, which belong to your senior executives or the IT team themselves. So, why not ask the IT team if they feel the use of these devices has help them improve their productivity? I bet you’ll be pleasantly surprised by the answer!