BYOD - How to Manage a New Era of IT Support for Employee-Owned Mobile Devices (Q&A with Shahin Pirooz of CenterBeam, Inc.)

VSM: CenterBeam is a managed services provider that has been delivering cloud solutions for over a decade. One of your areas of specialty is endpoint management and security. How do you see the proliferation of mobile devices playing out in the enterprise?

SP: Bring Your Own Device (BYOD) is not a passing fad. It represents a distinct shift in the market and one that will continue to grow. There are two market factors in play that are accelerating the adoption of a BYOD strategy:

• Organizations want to encourage BYOD to reduce costs, and
• Employees want to use their preferred device(s) to improve productivity.

VSM: What are the implications for IT and end-user support?

SP: A BYOD strategy represents a huge challenge on multiple fronts. I would put them in three major categories:

1. Manageability – With the proliferation of different devices, operating system versions and features, a limited IT staff faces increased pressure to support and manage them in the enterprise. A complicating factor is that a majority of these devices are designed for consumers, and as a result, do not have enterprise requirements in mind. Therefore, IT must find ways to operate with a more limited degree of control over these devices than they have had in the past.
2. Security – There are significant security considerations, because, first and foremost, if the enterprise doesn’t own the device, its ability to manage and secure the device is limited. To prevent security breaches, the IT staff must define, deploy, socialize and maintain a security policy that protects business assets yet doesn’t alienate the user community. As an example, in 2010, according to Credant, 74.7 percent of the most commonly lost objects in airports were laptops, tablets and smartphones (37 percent were tablets and smartphones). There were over 11,000 devices lost while going through US airports. And compounding the issue: fifty-four percent of smartphones have no password protection. Because these types of devices are frequently lost, enterprise IT staff must be able to remotely manage them to protect sensitive corporate data.
3. Lifecycle Management – Technology is changing so quickly that keeping pace with new employee-owned mobile devices and their capabilities is a difficult task. The enterprise must stay on top of all of these changes and be able to integrate what is relevant into their BYOD strategy. And, from a tactical perspective, the enterprise must be able to contain corporate data on the mobile device, not only to secure it, but to ensure that when an employee leaves the company, pertinent enterprise data and applications can be effectively removed without impacting the individual’s personal information.

VSM: In your experience, what is the best approach to integrate mobile device management into the overall IT strategy?

SP: You need to take a holistic approach because, ultimately, a mobile device is just another type of end point – and you should treat it as such. Deploying any technology or strategy that treats them differently can be confusing and complicate end-point management. At the end of the day, these are all end points that must be secured and managed – and at any point, you should be able to see the security posture of a specific user, device or site, regardless of the technology being used.