LAS VEGAS -- Network administrators may never fully embrace the infamous bring your own device (BYOD) trend, but ignorance won't be bliss for any IT organization turning a blind eye to the so-called "new way of working." Implementing the right user policies and addressing security pitfalls can help ease the BYOD management burden for IT, according to a vendor keynote panel and at Interop 2014 in Las Vegas.
Representatives from Citrix, HP and Microsoft shared their own real-world experiences in coping with BYOD and new security controls within their own enterprises.
BYOD policies are not just about technology
BYOD is challenging IT pros universally because it is introducing the need for new policies in addition to technology changes, said panel moderator Susan Nunziata, director of editorial for UBM Tech. A major pain point for many enterprise IT teams is the disconnect between where IT stands with "BYOD acceptance" and what employees might be using -- without giving security a second thought.
We can't treat smartphones and tablets like they are different devices anymore -- they are just another part [of the] IT story now.
Brian Robison, principal technology evangelist of XenMobile for Citrix
End users are typically more advanced in the BYOD and consumerization "journeys" than their IT teams, said Mike Schutz, general manager of Windows server and management for Microsoft. That's not just limited to devices -- employees will use cloud-based tools and applications to help them get their jobs done faster.
"There is a huge discrepancy between what IT thinks is happening and what users will admit to doing," Schutz said.
Even though IT teams may still be slightly in the dark, it's no secret that employees will find ways to get their work done using whatever tool necessary. Businesses are now being tasked with the "human components" of BYOD, said Brian Robison, principal technology evangelist of XenMobile for Citrix.
"Our customers are having a lot of problems -- especially as it relates to HR," Robison said. Companies aren't sure where their rights as a company end and where their users' rights begin when personal devices are being used to access corporate data, he said.
But companies are pressed to figure this out since many are now providing stipends for personal devices, rather than buying and provisioning corporate phones and laptops for employees.
Enterprises must embrace the fact that BYOD is lowering equipment costs, while allowing their employees to be more reachable, said Brian Helman, director of IT for Salem State University in Massachusetts during his Bring-your-own-Everything session. "When [employees] go out, think about which phone they leave at home -- it's not their personal one," he said.
At Citrix, new employees are offered either a corporate-issued device or a fixed amount of money on their first paycheck to buy their own device and set up their office the way they'd like, Robison said.
"It's a really interesting program and is leading to a lot of user satisfaction because it's allowing us to live the work style we want," he said.
Microsoft doesn't buy user-selected technology for its employees yet. Instead, the company still issues corporate-owned devices and also has classes of "trusted devices" -- personal devices from certain users that are lightly managed and allow specific levels of access using mobile device management (MDM), Schutz said.
"The key was embracing the [BYOD] trend. IT gets really tired of saying no all the time, but it's really all about protecting the data and these containers allow us to make sure confidential data isn't going where it shouldn't," he said.
Corporate BYOD management: Actionable items for IT pros
IT may not need more "things" to manage, but there are tools that can help create single policies for users, as well as automate onboarding and the management of new devices across the enterprise wired and wireless network, said Steve Brar, manager of global product marketing for HP. "These tools can help keep costs down and ensure the experience for users," he said.
Simplification should be a critical part of many IT strategies going forward, while BYOD may prompt the need for additional IT training within some organizations, personal devices are just another endpoint and should be treated as such -- to some extent, Citrix's Robison said.
"We can't treat smartphones and tablets like they are different devices anymore -- they are just another part [of the] IT story now," he said. "We need to tie that management into our existing IT operations."
IT might have their work cut out for them, but users can help lessen the BYOD burden, Robison added.
"I've seen this done wrong hundreds of times -- involve your user community," he said. "If you don't involve them and show them what is available, they are going to do it anyway, so it's better to offer the solutions you have under control."