The popularity of smartphone devices and tablets with employees is making a mark with more employees opting to use their own device at work. Bring-Your-Own-Device (BYOD) is an employee-driven movement that is transforming enterprise workspaces today. The use of these personal smartphones and tablets by employees at workplace is challenging organizations with the risk of data security. Organizations need to strike a balance between the benefits obtained by employees using their own mobile devices and the risks of data security.
A major driver for BYOD implementations in an organization is the increased productivity due to improved collaboration, which, in turn, results in increased employee satisfaction. The choice for the organization is to adopt BYOD right away, or get forced to adopt it over a period of time – it is not something that can be wished away and will hit every organization sooner or later.
For enterprises looking to set out on a journey towards BYOD, the following steps need to be taken systematically for successful rollout and high level of employee engagement:
1. Management Readiness Assessment: The foremost thing for a successful implementation of BYOD program is to get leadership support. Develop the business case and ensure that the CEO and his next line of leadership clearly understand the benefits of implementing the BYOD program. This leadership buy-in will ensure that the program is adopted without resistance and organization's resources are committed to the initiative. Calculate the ROI for supporting the BYOD program, this should include the cost associated with upgrading the existing infrastructure as required, to ensure that security is not compromised due to personal devices accessing company resources/ lost devices. Besides cost reduction the other strong drivers for the organization where BYOD delivers includes adoption of new technology for improved productivity with enhanced collaboration.
2. Define BYOD Program Charter: Clearly articulate a program charter including the desired goals and business values outcome expected from the program. A clear charter will ensure investments that are required from the business managers for a successful BYOD program. Develop a business justification with financial investments in network infrastructure, wireless services, mobile device management solutions, mobile application management software and security solutions that are required for implementing the program.
3. Create a BYOD Governing Council: The two main responsibilities of the council will be to articulate policies and ensure that the BYOD program is implemented smoothly. The council should clearly articulate policies governing the organization's BYOD program. It is important to include business unit heads, HR, legal and finance specialists as part of the council that develops the corporate BYOD policy.
Various aspects that the council must include in their recommendations include: Which employees are eligible and which ones are not, written agreements with employees for associated risks, which devices /OS/ OS version/ form factor, etc. shall be supported, appropriate usage of corporate data plans, method of reimbursement of cost of devices or cost of data plans, policies regarding wiping of personal/ corporate data in case of device loss, identification of features in tools to enforce these policies (e.g. Mobile Device Management –MDM, Mobile Application management - MAM platform), etc., separation of personal and corporate information on devices, guidelines on what actions to take in case of a security violation, helpdesk training. Ensure that the policies are country specific as it will have country specific tax implications for both organization and employees. Due to the rapid evolution of mobile technologies, the council must update these policies on a periodic basis and decide on the new ecosystems that need to be supported.
4. Create IT Process Group: The process groups must define the scope for implementation and action plan, a detailed project management plan must be developed to ensure smooth execution. The responsibilities for the group must include evaluating implementation requirements such as software upgrades, Wi-Fi access, MDM, MAM, license implications for mail access from employee-owned devices and other software tools etc. The team must negotiate price with the recommended network providers (carrier)/ device vendors to maximize the discounting of the device cost and data plans. Any tie-ups with providers (carrier)/ device vendors to reduce operational costs should also be widely publicized. Further, any hardware upgrades that may be necessitated due to the large number of additional devices that will access the organizational infrastructure must be evaluated as part of this program.
5. Assess, Choose and Ope-rationalize tools: BYOD program typically will require strong security solutions like network access control solutions, Wi-Fi routers, MDM solutions for organization wide personal devices management, MAM solution to provision apps on devices (like an app store within the enterprise) to and track which employees have got which apps on their respective devices. The operationalization will require adoption of thin clients, HTML5 for mobile application development and multiplatform application development environments. The help desk tools will also have to evolve. The helpdesk must be provided with diagnostics tools that are operating system independent. The helpdesk must maintain a list of manufacturers support phone numbers for quick reference to the employees. Tools to ensure containerization, i.e. separating enterprise data from personal data, need to be procured. Typically existing vendors offer three different containerization approaches like creating an encrypted space, secured app wrappers or mobile hypervisors.
6. Connecting Employee Devices: if the infrastructure is set in place, the employees can enter or exit the network using self-provisioning services. Some problems that may occur, which can be handled by the IT teams will need the installation and use of diagnostic tools to identify problems with network or devices. Guest management access must be provided without putting the network security at a risk for visitors.
7. Roll out Strategy for BYOD Program: The BYOD program must be implemented in a phased approach. Typically BYOD program should start with small groups of influencers where separation of personal data from corporate data is relatively easier and to determine the security concerns. Use these pilot programs to effectively put the appropriate mechanisms in place for an organization wide rollout. Working with smaller groups in the initial phases will limit the consequences of failed pilot projects. Also, if the pilot is successful, early momentum will help in organization-wide adoption by larger groups.
8. Effective Communication Plan and Post Deployment Support: The governing council should put a mechanism in place to motivate organization-wide participation for the program. Also in collaboration with the key stake holders, they need to develop and execute an effective communications plan. The organization should proactively communicate to the employees about the BYOD programs and recommend smart devices that will work effectively with the existing infrastructure to maximize the benefits with the existing systems. High quality help desk support is an absolute must requirement for a successful program.
Across organizations, management is under pressure to support and implement BYOD programs. The BYOD program carefully needs to balance the organization's requirements with the requirements of the employees. An effective BYOD program is about balancing employee satisfaction with the organization goals of keeping the business functioning effectively by managing the risks associated at an effective cost.
The article has been written by Dr. Prasad Ramanathan, Associate Vice President - Research & Innovation, iGATE and Ajit Mahajan, Senior Manager - Strategy and Research with Research & Innovation group of iGATE
No comments:
Post a Comment