Is Bring Your Own Device (BYOD) the next Cloud?

We have been researching a lot of technologies that support BYOD – thin client / VDI, network security and connectivity, mobility management and policy implementation just to name a few, on the back of our Citrix seminar at the fabulous MCA.  Researching is hard – every single vendor is trying to hook their product to the BYOD bandwagon, widely considered the next ‘cloud’, in that it is more a marketing phenomenon than an IT discipline.

The key finding was obvious; first state what you are trying to achieve.

Lots of the BYOD noise is simply an attempt by vendors and our friends in the technology journalism community to work with the hoopla around the simple reality of people bringing their own IT stuff to the office.  Yes, there are considerations around attaching these devices to the network without letting in the bad guys, letting critical data escape and without running up the mother of all support bills.  This is important stuff.  At the same time, if there is a clear statement of what a business is trying to achieve we can develop something that can work and set up a roadmap for success.

Some of the issues are:

What technology do we support? Do we limit the BYOD policy to smartphones or are Macbooks, personal laptops, slates and tablets and anything else that can be plugged into the network OK?  Who pays for the support, whether that is from IT or the employee spending time interfacing with your systems?

How do we manage security? If this device can log onto your network, how do we manage security?  Considerations include malware the device might introduce as well as information or network access that might be on or enabled by the device, if it falls into the wrong hands.  What happens if the next Facebook for iPhone has a security hole in it, which is used to access your network?

Who owns the data? It is pretty clear that a business owns its data.  It is clear that the employee owns their data.  What is not clear is what happens when the employee has your data on their property, how to get it back or what to do if corporate apps affect personal data.

How to police acceptable use on a personal device? Employers cannot police what employees do on their own assets in their own time, but the lines are blurred in BOYD.  Are there issues arising from someone accessing porn, gambling, controversial web resources or even looking for alternative employment on a work-related device?  If yes, how will this be managed?

Managing data. How is data transferred from corporate systems to personal systems?  How are changes and business critical or confidential information managed?  What happens when someone leaves your business?  What rights do you have to remove data from a personal device?

All this can be solved.  Most of this is solved by various vendor solutions; we have had multiple reps claim that a single vendor solution will be the ‘one ring to rule them all’.  We don’t believe that.

But if you want to get moving on some steps:

Aruba – we are confident that the best way to securely get devices on your network wirelessly, with good manageability and low maintenance is through Aruba Wireless. Amigopod can provide a web portal to allow zero IT involvement and ClearPass might be a rational way to manage access.  (and, enterprise wireless has a major advantage over the cheaper stuff – the hardware actually works all the time!).

Citrix – Citrix is the leader in virtualising applications and desktops.  Virtual sessions don’t leave any data behind, solving half the issues above, and make much of the policy development simple.  We hear an upcoming version will even allow “Apple gesture goodness” (thanks Phil, for that excellent description) on a virtualised app.

In any case our recommended first step: develop a plan – let’s call it a BYOD policy as well as updates to acceptable use policies and other relevant documents.


Let me know what you think. Is BYOD hype or reality? What are the aspects of this that trouble you?

Sean Murphy

Leave a Reply Text

Your email address will not be published. Required fields are marked *