Network managers are quickly learning that implementing a bring-your-own-device (BYOD) policy is about a lot more than authorizing email on iPhones and creating an SSID for employee-owned gadgets to access the Internet.
An effective BYOD policy starts with on-boarding devices and administering policy, but also requires ensuring networks can scale for applications, which requires collaboration across IT silos. At Interop 2012, IT practitioners and vendors explored what's in store for network managers who have opened this BYOD Pandora's Box.
Why BYOD? Enterprises can't stifle productivity
Network managers must get one thing straight: BYOD isn't about making mobile-savvy employees happy, but making them more productive.
Over the last 10 years, IT has struggled to keep up with end users, who have become increasingly sophisticated in their technology use. Their tablets and smartphones have features that can't be found at the office, and consumers are accustomed to document-sharing services like DropBox, among other advanced apps.
"I have a gentleman on my team who builds PowerPoints all day long, and then he does video editing. He said that his most productive workplace is at home," Cisco Systems director of industry marketing Joel Conover said during an Interop panel. "Most of the time when he is in the office, he remote desktops back to his machine at home."
The Richland School District in Washington has had 100 iPads float in with staff, both personal and district-owned, over the last four or five months, said Michael Leseberg, director of IT for the district, and another Interop panelist. "We’re a PC shop, and Apple is new to us. We have to be able to support it. We have devices in our network that are five to nine years old. Why not let them use [their iPads]?"
BYOD policy: Start with security
Security and policy are important first steps in a BYOD environment. Thirty-nine percent of companies have experienced a security breach due to employees using unauthorized devices, according to a recent survey by British Telecom of 2,000 enterprises in 11 countries.
Many vendors are marketing older technologies --like network access control and mobile device management -- as BYOD solutions, and these technologies do, in fact, have an important role. Infrastructure vendors, like Cisco, Aruba Networks, Juniper Networks, Enterasys Networks and Avaya, have assembled broader solutions that allow enterprises to combine access control with device fingerprinting and policy and identity management tools to simplify the process of on-boarding BYOD devices and applying granular policies to them.
Consider scale as part of BYOD policy implementation
Once devices are allowed secured access, network managers have to get ready for the flood of users and their hefty applications.
"Let's say you've solved [on-boarding and securing BYOD]. Now people will say, 'Oh, can I run SalesForce?' You solve security, and then performance and scale comes into play," said Sudheer Matta, senior director of product management at Juniper, another Interop BYOD panelist. "A biomedical department comes in and says, 'Hey, I had 1,000 infusion pumps show up on the dock. It's all Wi-Fi. That should work, right?' The next expectation is reliability and resiliency."
When it comes to performance and scale, BYOD requires "digging inside the enterprise infrastructure," said panelist Bob Egan, vice president of mobile strategy at consultancy Mobiquity.
BYOD means reaching beyond silos
Extensive infrastructure change for BYOD will require network professionals to collaborate with others across IT silos.
"If you're a network guy, you're thinking, 'Yuck, I don’t want to deal with applications.' But that's the problem with BYOD," Cisco's Conover said.
Mobility "cuts across the entire enterprise: identity and privacy, security and risk management, application architecture and development, mobile device management and data mobility," said Gartner research vice president Paul DeBeasi, an Interop panel moderator. "Mobility requires a lot of [cooperation] across many parts of the IT organization, but most organizations are too siloed."
Bringing these silos together will not be easy.
"How do you create policies and organize people when it seems that half the problem is technology and the other half is people?" said Egan. "You have security architects talking to application developers and someone in marketing. They don't even speak the same language."
Michael Wiley, networking engineering and operations manager for Google, said the company has gone about hiring people that specifically have mobility skills to bridge the disparate groups. Google is also developing an internal app store with approved productivity applications that employees can download onto their BYOD devices.
Can you avoid a BYOD policy? Some issue their own devices
More on BYOD policy
How to create a BYOD policy
Mobile device management for BYOD risk mitigation
Some enterprises are taking steps to maintain control by buying their employees devices rather than opening up their networks to anything users may want to bring into the office.
"This is not a democracy," said Interop panelist Mike Nielsen, director of solutions marketing at HP Networking. "It's about getting employees productive, based on the access they need. BYOD is not 'bring any device.' One of our customers didn't want to deal with BYOD. It bought 7,000 iPads for its employees. For those who wanted a keyboard with it, it gave them one. For those who wanted a mouse, they have fingers. It was cheaper to spend $7 million on that than to support BYOD."
However, this pre-emptive approach won't work for everyone. The consumer device market moves quickly. Today's iPad can quickly turn into yesterday's Palm Pilot. An enterprise can spend a lot of money if it tries to keep pace with whatever Santa Claus leaves in employees' stockings each Christmas. Some organizations have no choice but to embrace BYOD completely.
“Water cooler chatter 15 years ago used to be about what happened on Seinfeld. Now it's 'Look at what I’m doing on the enterprise network with my mobile device,'" said Mobiquity's Egan.
"I've spent 30 years in technology," said the director of IT for a 30,000-student university who spoke up during an Interop session. "I spent the first 20 years pushing technology on students. Now they are driving us, and any notion of us telling them what device to use would be suicide."
Let us know what you think about the story; email: Shamus McGillicuddy, News Director