Bring Your Own Device

BYOD can work, with some challenges

BYOD (Bring Your Own Device) can work for your users if you keep in mind some support challenges.

I have to admit that it can sometimes be tough to come up with new topics week after week. This was one such week until I perused my Twitter feed and saw some posts related to the "new" concept of Bring Your Own Device (BYOD). I then realized that I had an article that I could sink my teeth into because we've been doing BYOD for a very long time.

If you're unfamiliar with the term, BYOD refers to a concept by which employees bring their personal equipment to work and expect to be able to use it to achieve work goals. The concept has gained traction as smartphones become smarter, tablets become the norm, and Internet access becomes ubiquitous. Today, (almost) no matter where you are, you can have a hot spot at your disposal, connect to work using your iPad, and get a few things done.

Besides redefining the concept of "vacation," BYOD is also redefining what IT means to those CIOs who want to strictly manage the kinds of devices allowed in their organizations. Like virtualization, BYOD is a sort of abstraction layer that forces IT to think more about services and applications over hardware.

But, regardless of what you read, BYOD is far from a new concept. In fact, if you look around the higher ed world, BYOD has been around for a very long time. I started working in higher education in 1998, and at the time, we spent a lot of time at the beginning of each new term installing network adapters in both desktops and laptops and getting our students connected to the campus network so that they could access campus resources.

Obviously, a whole lot has changed since then. We no longer have to deploy teams of people to do hardware work on hundreds of student computers, for example. However, the basic concept remains the same. When looking at the entire environment, most of the equipment connected to the campus network belongs to other people, and our role is to facilitate that connection so that the user -- in this case, our student -- can accomplish his or her goals, whether those goals are academic or otherwise.

At the same time, we've never limited this kind of support to just students. At each of the colleges at which I've worked, a number of faculty members have felt more comfortable using their own computers rather than hardware provided by the college. In these cases, we don't simply turn faculty away; we make every reasonable effort that we can to provide support for these devices.

But, there are challenges. Here are some:

  • Licensing. Some of our software licenses have terms that allow us to install the software to machines not owned by the college. Other vendors restrict this and allow us to install only to college-owned machines. People don't always want to hear this, but that's one of the trade-offs that they have to accept. I fully expect this to change as BYOD goes more mainstream, but for now, that's reality. We're in the process of deploying an application virtualization solution that will alleviate this issue to a point.
  • Security. All student desktops and laptops are run through a campus system that verifies their health and compliance with policy before they are allowed to access the Internet. These policies aren't terrible; we require students to have current antivirus and to maintain Windows patch levels to a reasonable point. The system also means that all students have to authenticate in some way before they can use institutional resources. We have not yet extended this requirement to personal faculty machines; that's a bit more politically sensitive. However, that is an area we're exploring.
  • Device support limitations. When it comes to supporting people's personal devices, we can't be all things to all people. Bear in mind that BYOD is a voluntary service for us; we don't require it. Sure, students will always bring laptops, but faculty who wish to bring their own devices assume additional levels of support than their counterparts. If the device requires repair, they need to get it fixed on their own. If it's out of warranty, that's a personal cost that has to be assumed. That said, whenever possible and necessary, we'll provide the user with a loaner device until his or hers is fixed.
  • Policies. Clear policies are necessary to make sure that the IT department isn't simply overwhelmed. At Westminster, when looking at smartphones, for example, we've drawn the line at Activesync. If a device supports Activesync, we'll support it and help the user set it up. If, however, it doesn't, we'll provide the user with general server information and may help set it up, but we do so on a best-effort basis that doesn't carry with it any guarantees of success.

There are certainly new challenges in supporting many more faculty and staff in BYOD-mode than there were when it was just students, but it's basically an extension of an overall concept that has been present in higher ed for a long time. Just bear in mind that you have to set limits (manage expectations) and have decent security requirements, reasonable policies, and the willingness and ability to say no if or when things get to a point where they simply can't be supported in a way that makes any sense.

About

Since 1994, Scott Lowe has been providing technology solutions to a variety of organizations. After spending 10 years in multiple CIO roles, Scott is now an independent consultant, blogger, author, owner of The 1610 Group, and a Senior IT Executive w...

5 comments
AG4IT
AG4IT

To facilitate BYOD businesses must give employees easy but secure access to the organization's applications from various devices (including iPads, iPhones, Android devices and Chromebooks), while minimizing the intervention required by IT staff. An ideal solution for such a scenario is Ericom AccessNow, a pure HTML5 RDP client that enables remote users to connect to any RDP host, including Terminal Server (RDS Session Host), physical desktops or VDI virtual desktops ??? and run their applications and desktops in a browser. AccessNow works natively with Chrome, Safari, Internet Explorer (with Chrome Frame plug-in), Firefox and any other browser with HTML5 and WebSockets support. Concerned about security? Ericom AccessNow also provides an optional Secure Gateway component. This Gateway enables external clients to securely connect to internal resources using AccessNow without requiring a VPN. For more info, and to download a demo, visit: http://www.ericom.com/html5_rdp_client.asp?URL_ID=708

jheffner331
jheffner331

Interesting article but when you let those personal devices connect to any of your internal systems that may enable their ability to access private and/or confidential information, I sure hope you think about how secure the actual device is that now has some of that info stored on it. This is what is making the RIM vs. everyone else battle so interesting, Blackberry is the only company that truly has a secure device and an ability to "wipe" critical data from the device should it get lost or stolen.

andrew.riley
andrew.riley

An interesting article, from what I read, educational institutions have been doing this for a while and now it is becoming more of a pressure from execs in the private sector with the desire for tablets and smart-phones of their own choice to be able to be used for work rather than carry multiple devices. The key to this however is almost certainly going to be the limits. Where do you draw the line? In enterprise this is a line that is probably not going to be drawn based on what can reasonably be done with existing infrastructure and staff, but what is mandated by the very executives demanding the service, and this is likely to be where the problems will begin........we shall see.

wlportwashington
wlportwashington

We allow only a few items that the user can bring in to use instead of what we issue. Items like keyboards, monitors, mice/trackballs. Laptops or PC's are not allowed due to security. We tell them that we will not support the device and it is their responsibility if something happens to it.

ruby.otero
ruby.otero

yes its true! these CEO/COO/CIO guys are also using this devices to access info within the organization, but we also know that they are also the one who are in charge in policy in securing this data! so if that is the case its always the technical staff or IT staff are now suffering

Editor's Picks