BYOD: Short Term Fix or Long-term Value?
Driven by user demand, mobile devices are becoming an extension of our IT infrastructure and workplace. And, why not? They bolster productivity by enabling employees the flexibility to work anywhere, anytime, and in real time.
Organizations all across government are responding, from the White House releasing its Bring Your Own Device (BYOD) tool kit to many agencies kicking off their own pilot programs, there is no doubt that mobility is integral to nearly every agency’s IT plans.
Anil Karmel, Deputy CIO for the National Nuclear Security Administration (NNSA) under the Department of Energy (DoE) recently commented that BYOD is all about balancing security and functionality. He discusses his interests in using mobile solutions to enhance productivity in the workplace. Similarly, Kimberly Hancher, CIO of the Equal Employment Opportunity Commission (EEOC) launched a BYOD pilot program that is featured in the White House tool kit, but her goal was to address urgent IT budget challenges and leverage mobile solutions to achieve significant savings while enhancing employee productivity.
In a similar situation, Major General Robert E. Wheeler, Deputy Chief Information Officer for Command, Control, Communication and Computers and Information Infrastructure, at the U.S. Department of Defense (DoD), keynote for the Mobile Work Exchange event, stated there are more than 70 pilot programs in development to ensure that the DoD’s mobility efforts will be reliable, flexible and keep pace with the rapid evolution of new device technology and applications.
Mobility definitely ranks near the top of the Federal IT priority list. But, for many of our customers we are finding that demand is driving adoption before technical and operational considerations are completely thought through. This approach often leads to security issues, excess costs and lost opportunity to fully leverage mobility in a strategic mission-centric way.
Before you jump on the BYOD bandwagon, consider following these steps to ensure that your program will support secure mobility today as well as create a springboard for long-term value.
Set a strategic plan. Start by considering how mobility can help your employees do their jobs better and forward your mission. Determine how devices will be used, what type will be needed and who will use them. Once this is done, a strategic plan will naturally fall into place and drive decisions on everything from policies, to devices platforms and apps, to network needs and security tools.
Establish ownership and policies. To reign in the Wild West tendencies of BYOD, you will need to establish rules for users. The most important parameter — who will own the device and hold the responsibility for maintenance and usage costs? Policies should also be set for acceptable device platforms, required security protocols, data plans and apps.
Evaluate your current network. Each agency has a different structure. You must consider if yours can securely deliver the desired capabilities to all of the intended users. Will devices be voice enabled only, or will they transmit video? Will they be dual mode to handle both data and cellular? Will virtual desktops be an option? How will these factors impact the current network and security strategy as well as refresh plans?
Develop contextual awareness. In most cases by implementing network access control (NAC) solutions you can to see what device is connecting into the network, where are they connecting from, what are they connecting to and what vulnerabilities may be exploited. Additionally, for each device that is connected, what are the restrictions on access?
Develop a secure agency app store. Some public apps can bolster productivity, but also represent a security risk. By setting up your own private app store, your users can select from a variety of agency pre-approved public apps from a secure location. Legacy apps can also be ported over to the app store making mission-essential items for mobile users. It is even possible to virtualize devices and segregate personally downloaded apps from work apps.
Create a marriage. Once you have an understanding of how BYOD will empower your users, forward your mission and work within your infrastructure, you can successful outline a program that will marry together the right secure technologies to deliver long term value.