While there is no single, concrete formula for creating a bring-your-own-device (BYOD) strategy, IT administrators should ensure the plan is note solely focused on ownership or cost, according to Cisco Systems IT manager, Evan Parthenis.
For Parthenis, a BYOD strategy should be concerned with driving choice for employees and finding the appropriate mix of device ownership across the organisation, while balancing security with user experience.
But why BYOD in the first place? Between 2003 and 2008 Cisco was a company which only gave employees a couple of choices when it came to smartphones; either Blackberry or Nokia. Once Apple introduced the iPhone, Cisco was not ready to adopt the device; it could have introduced it immediately, but it would cost far more than it was willing to spend in order to supply one per employee. At the same time, it knew it would have to allow the technology into its network as employee-owned devices were becoming, for the first time, more powerful and appealing than corporate-owned products.
Parthenis said Cisco also recognised employees would be more productive if they were allowed to use their favourite product as they know how to operate them and enjoy the experience.
The Cisco BYOD story
In 2009, Cisco introduced a mobile BYOD mandate as a result of not only the cost of a device like the iPhone, but the GFC. As such, it opened the gates to iOS and Android but only for calendars, email and Wi-Fi, organising a deal with its telecommunications partners so employees could access better deals as it was no longer taking care of all costs.
2011 saw the introduction of Cisco's corporate product, AnyConnect, allowing trusted mobile phones and tablets into the corporate network. This was followed by the launch of the Cisco eStore in 2012 which offered access to corporate hardware, software and services; users had a central location for downloading tools on both personal and corporate devices.
The vendor's BYOD future will be concerned with Cloud services so it no longer has to worry about installing software on employee devices, or permanently leaving data on them.
BYOD: to survive, do the five
According to Parthenis, creating a BYOD strategy should begin with workforce segmentation in order to determine the who, what, where, why, and how. Segmentation is necessary because not all users operate equally, and therefore no single solution will fit an entire workforce.
He said Cisco created five user 'work style' categories as part of its strategy: workstation anchored, offsite external, local collaboration, remote worker, and highly mobile. These differ depending on the organisation.
The second step involved creating a service strategy which addresses devices, security, apps, content, and Cloud services. Again, this is not the method, but resembles Cisco's approach. The service strategy should be followed by a business case.
Parthenis said that while BYOD should not only be formulated by cost guidelines, IT administrators must understand total cost of ownership (TCO) (including security, hardware, programs, and so on), and present this to executive management.
The fourth phase involved defining the policy, as well as establishing a set of rules and guidelines to which employees must agree in order to have access to the network. Examples of this include allowing the employer to wipe devices remotely, access timeouts, and reporting.
The last element is developing a user support structure which identifies the resources in place for employees to utilise, and how these can be accessed. Again, this is a balancing act which negotiates between crucial information relating directly to the network (supplied by the employer), and non-corporate functions (to be resolved by the user).