Model Citizen: How Companies Like ISI & Cisco Manage BYOD In The Enterprise
We’ve been talking recently about the frequency of unified communications (UC) and unsanctioned apps making their way into the enterprise via bring-your-own-device (BYOD). We use the term BYOD loosely because the propagation of BYOD is often just the ability of the user to access work related materials from their own devices, and not exactly with the blessing of the enterprise. Unless your company has set forth an actual BYOD policy, this is probably happening and affecting costs, productivity and security adversely. To be proactive in the management of your employees and their usage, content and related expenses, here are some tips from the pros at Cisco and ISI.
USE IT OR LOSE IT
Take advantage of solutions and technologies you do have in the network already. Your wired, wireless and virtual private networks (VPN) should be used to connect while employees are in or out of the office. ISI’s employees that telecommute log into the VPN and use the available unified communications and collaboration tools, such as taking voice calls through the Cisco IP phones and soft phone client, as well as instant messaging with Jabber IM, and video with WebEx to interact or present, just as they would in the workplace.
Accepting BYOD into the enterprise can be a real cost saving measure. Depending on your company’s size, the capital expenditure on mobile phone equipment alone can be a very hefty investment. With BYOD, the company allows the employee to keep and use their personal device of their choice, while the company simply manages the mobile plans that are approved for the program. Users that are not eligible for program participation finance their own service plans saving the enterprise money. There may be a number of carriers involved—Cisco reports that they deal with 100 global carriers for some 30,000 company-paid service plans—so to best negotiate contracts, employees’ features options, etc., source experts in Telecom Expense Management (TEM) and mobile device management (MDM) to consult with or manage your accounts.
Early on, employee application use in the enterprise was like the Wild West—unruly and dangerous. It put enterprise data at risk mainly because enterprise was slow on the draw to put controls in place. Questions about data ownership even arose from the user agreements employees often sign before downloading an app. Cisco admits to using the devices’ operating systems’ native encryption to secure resting data like email and contacts. However, they also employ a third-party MDM solution (an e-store for provisioning services) to register devices and approve and deliver applications for usage. Access can be denied to devices out of compliance with the company security policy. Further, access to the company intranet is controlled by Cisco AnyConnect Secure Mobile Client, which is downloaded to the mobile device where the user is authenticated before log on. Data is also encrypted to deter any possible breaches. Web security and Email Security Appliances are also used to keep out malware, block spam, and other threats. What you see is the same security architecture being used inside (wired and wireless) and outside (BYOD) the enterprise.
When you include IT in the management of BYOD, you have the opportunity to gain more transparency into usage, costs, security and more. By gathering and reviewing metrics, you can see adoption rates, help desk cases, end user satisfaction, and user requests, in order to make policies that are useful, scalable and flexible for your users. Enterprises can use self-service portals so employees can search for solutions and download them, as needed, using active controls. Requests for access to any website can be screened prior to downloading malicious programs that slows productivity. Eliminating spam emails means less tedium for the employee to handle. All of the measures employed together are meant to increase user satisfaction and have done so, not only at ISI but Cisco as well.