31 Replies Latest reply on Jun 1, 2014 7:46 PM by derekschauland

    BYOD, how does your company handle it ?

    recklessop

      Everywhere you look it seems as though people are seeing two things... "Cloud" and "BYOD". So lets talk about BYOD... or Buy Your Own Device or Bring Your Own Dollars... however you look at it my question is this...

       

      Does your company allow people to bring their own device yet ? If not do you plan to? And if you do... how do you present your corporate image to those people ?

       

      I think that a lot of companies are avoiding BYOD just because of all the possible headaches that could come with it, after all would your internal IT department support these devices ? And if not would your end users be smart enough to call the manufacturer for support ?

       

      And finally my last question is .... does your organization ever plan to make bringing your own device mandatory? Almost like asking a potential pizza delivery guy if he has his own car ?

       

      Personally I like the idea of bring your own device because i consider myself a "device snob".... which i guess i would equate to a beer or wine snob, in the sense that I like to have what I think is the best. So far however I have never had to use my own money for these devices as I have been lucky enough to request a certain model of laptop and then get it, but if it ever came down to accepting an inferior piece of hardware or spending my own money i think i would rather fork over the dough.

       

      I would love to hear your thoughts on the subject!

        • Re: BYOD, how does your company handle it ?
          matt.matheus

          Right now, we don't allow much BYOD.  Senior employees such as managers and directors are allowed to get their email on their personal phone, and a few have tablets that we've allowed to connect via VPN.  Many people have laptops that they use to connect from home, but nobody uses their own device while at work.  I think sometime in the near future, BYOD will become more prevalent, but there are still several things to be worked out.  We are still in the phase of deciding on a MDM solution, so perhaps within the next 2-3 years we'll have wider use of personal devices. 

           

          I can't ever imagine requiring someone to bring their own device.  It just feels wrong to require an employee to purchase something that is going to be used for business purposes.  I'm sure that there will be users who want to have their own devices, but for the rest of the users, company owned devices will do just fine.

          • Re: BYOD, how does your company handle it ?
            mikegrocket

            No. At the moment, I am a contractor for the Department of Defense, working in a secure area. There are absolutely no BYODs allowed and no plan for the future.

            • Re: BYOD, how does your company handle it ?
              Aforsythe

              I can't say that I'm much of a techn-junkie or "device snob" as recklessop put it, but if I had the time and money to put towards it, maybe I would be.

               

              I know that every company I've worked for has provided these devices as I mentioned in the on-call post a month or so ago, I've never owned a personal cell phone because I've always had a company provided phone and now they are company provided smart phones.

               

              I will say that as a privately owned company, some employees do work from home, on personal devices and in some cases our IT team is required to support those devices and sometimes it is challenging.

              Our employees are also required to keep their smart phones and other personal computing devices out of certain areas for security reasons, so they will never be "globally" allowed.

               

              I'll agree with Matt too, that I don't agree with requiring employees to purchase a specific device or type of device (IE: Smart phone or even a cell phone).

               

              But not too long ago, an argument that was put to me, was this:

               

              For many entry level positions, transportation to and from work is a key requirement that you need to agree to have. While termination for the lack thereof doesn't always happen directly, it does happen indirectly as a result of attendance issues in many cases when you fail to posess that transportation. Take it a step futher for a pizza delivery job and now you are requiring in many cases that the employee provides a relatively expensive device required for business purposes. The justification is that the device you are requiring (a vehicle) is common enough that most people will have one. Cell phones are no different and smart phones are becomming just as common.

               

              Again, I don't really agree to that mentality. I've remoted in on my own devices quite a bit over the years, but would not want to be required to do so. I beleive I permanently sold my current employer on that concept when he called me on a Saturday while I was on the road over 800 miles from the office with an e-mail problem over VPN and I had his problem resolved within 15 minutes remoting in via iPhone. Had I only been required to posess a cell phone and not a smart phone which was the original proposition, that scenario would have gone completely different.

              • Re: BYOD, how does your company handle it ?
                Webbster

                My employer does allow people to BYOD but they are limited to connecting to our guest WAP and allowed to check personal e-mail, surf during lunch and breaks and to stream music. No company business is conducted on a BYOD and no personal business is conducted on company equipment.

                • Re: BYOD, how does your company handle it ?
                  mdriskell

                  BYOD is handled by one of two methods.  Citrix Reciever access only on your mobile device so no actual data is stored.  Or your phone/tablet must be registered to our security software which installs a custom email app that encrypts the data and then provides the ability to do a remote wipe of that data.

                   

                  I choose to utilize a work provided smartphone and just carry two devices as I like to keep their data separate from my personal equipment.

                    • Re: BYOD, how does your company handle it ?
                      Aforsythe

                      Mike brings up a good point, I'm not sure about every company, but so far the rules have always been: "You may use this device for personal business, but there should be no expectation of privacy".

                       

                      I've also seen colleagues lose their device due to "abuse", IE data overage charges, international calls, etc..

                       


                    • Re: BYOD, how does your company handle it ?
                      superfly99

                      We allow people to bring in their own tablets and smart phones. They can connect to the internal wireless. They use them to surf the web and read their work emails. But these devices are not (officially) supported by IT.

                       

                      I'm not a "device snob". I've been working in IT since 1989 and have always been given the tools I need to do my job. So nowadays I have a work supplied desktop, laptop and iPhone. I'm not really interested in the latest gadgets etc as long as what they give me, will allow me to do my job.

                       

                      I finally bought my first computer ever late last year! It was an old one from work for $50. I have always had a home machine but it was company supplied. They've now pulled the pin on the home machine (cause I have a laptop) so I bought a second hand one for my wife. Kids are still youngish but I will buy something second hand from work for them soon.

                      • Re: BYOD, how does your company handle it ?
                        byrona

                        Our company supports limited BYOD which are only allowed to access our network via our public wireless network.  I think I would prefer to purchase the device of my choice as well because the devices provided to us by the company are rather low quality and low power.  Fortnately I am able to purchase my own keyboard and mouse which is probably what I am most picky about.

                         

                        It seems reasonable that a company could easily support a BYOD model so long as they laid out a set of standards that a device would need to meet such as Anti-virus, etc and made all devices connect through a firewall with some of the more advanced security features.

                        • Re: BYOD, how does your company handle it ?
                          avnishb

                          Our company does allow BYOD to a limited scope. We do have a guest wireless SSID where all the BYOD devices can connect and get corporate email and other general web browsing but other access to the corporate resources is not allowed. We are planning to deploy Citrix for all the BYOD devices to access corporate resources and in the next couple of years we would deploy a much more elaborate self sign-on platform that will allows both employees and guests access to the network resources using BYOD.

                          • Re: BYOD, how does your company handle it ?
                            jswiss8608

                            We currently have all BYOD here for phones.  Everyone uses their own devices, so I have a broad range of devices to support.  We have different flavors of android, iPhone, and Blackberry right now.  May even have a few windows phones coming into the landscape soon.  I manage the phones through our Office 365 portal right now, but I am waiting for Spicework's MDM to test that out.  I require everyone to carry a password on their mobile devices, or at the very least a long pin code.  It has worked out well for us so far (knock on wood).

                            • Re: BYOD, how does your company handle it ?
                              planglois

                              Most of my clients did not embrace the "Bring Your Own Danger" wave, except for the internet guest access...

                              • Re: BYOD, how does your company handle it ?
                                UKTonyK

                                We are in the process of implementing this in a small way. By allowing certain pre-approved devices to be able to access Email and the Intranet via a secured application running on the device. Ultimately we are looking at having dedicated mobile applications that our remote workers can use as part of their job, which will also reside in the secured part of the phone. We make the user sign all sorts of disclaimers regarding the company having access to delete stuff from their phone, it not allowed to be rooted, it having to be up to date OS wise etc.

                                • Re: BYOD, how does your company handle it ?
                                  dougeria

                                  My  company is walking a thin line.  There is little security preventing something catastrophic from happening.  It is all unsettling.  We were hit with a virus late last year.  When will the next one hit?

                                  • Re: BYOD, how does your company handle it ?
                                    Aaron Denning

                                    the most we do right now is you can have company email on your personal smartphone.

                                    • Re: BYOD, how does your company handle it ?
                                      michael2907

                                      We do have a few various users with limited network access from their devices. Beyond that, most of our users just get on a limited guest network that we can control. I've also explored certain management systems like Meraki's free utility, but we don't really have any true need for that much control....yet. With that said, in time I'm sure that we'll have to do some more in-depth exploration of solutions.

                                      • Re: BYOD, how does your company handle it ?
                                        jspanitz

                                        Personal opinion - BYOD is a nightmare and a major waste of time and resources.

                                         

                                        That said, we currently allow very limited BYOD.  We are just in the beginning stages of allowing more via Forescout CounterACT and an as yet undecided MDM (MaaS 360 or Tivoli Endpoint Manager).

                                        • Re: BYOD, how does your company handle it ?
                                          mark88

                                          Working for a national charity - we allow BYOD for email (Activesync/OWA) and Citrix (XenApp/XenDesktop) which works well.  Think we'll see more of this going forward.

                                          • Re: BYOD, how does your company handle it ?
                                            citp

                                            At the moment, we allow small BYOD (mobiles, tablets, etc) to connect to our e-mail server and currently investigating VDI for larger BYOD (laptops, etc...) for the standard work desktop.

                                            • Re: BYOD, how does your company handle it ?
                                              ElevenB2003

                                              At my previous organization I was the lead on a very large wireless project that was really driven by BYOD (K-12 School District).  We utilized a Cisco 5508 WLAN controllers and 3602 AP's to provide coverage for just over 7,000 students and their devices (Some with 3 or more). We designed a "Guest" and "Student" network that would allow access to the web, would pass through a required content filter, and the devices could not communicate with one another.  This network was also designed to be used by the public and community members who utilized these public school buildings for many community events and school events (Sports, theater, ect).  As part of the design, we decided not to require any "Guest" software or "Guest" passcodes and left the networks unsecured (Since the clients didn't touch any internal resources and couldn't talk to each other, if a device came on infected or got infected while it was on the web, it wasn't going to affect anyone else's device). This eliminated a huge management issue for us - is a "Guest" network really usable and open if you always need a password to connect anyway?

                                               

                                              Our biggest issue was access to internal resources, but since all students were utilizing Google Apps (Gmail, Drive, ect), required access to internal or intranet resources was very limited.  For staff, they had organization owned and controlled equipment and were allowed on the secure network to gain access to internal resources and allowed to use their personal devices for Google Apps as well.  Also, we provided VMWare View desktops to select users who only wished to use their personal devices.

                                              • Re: BYOD, how does your company handle it ?
                                                nivin.js

                                                According to me BYOD is an excellent idea. From the company's perspective, it reduced the maintenance cost considerably. It also reduced the work stress of professionals. But we must consider one thing that it is not a good idea for non technical users.

                                                • Re: BYOD, how does your company handle it ?
                                                  casolver

                                                  We hand out devices to most IT consultants that enter our environment, but for all other visitors they can hop on the guest wireless as most don't need access to the company network. It doesn't work that well, as some guests want to print sometimes and the guest wireless doesn't have that ability. Handing our device is also a tough as we still haven't got imaging a PC down yet. Reading other post here, I may take a few pointers away from this.

                                                  • Re: BYOD, how does your company handle it ?
                                                    sevier.toby

                                                    We allow all devices to connect to Guest Wireless only.  No plugs.  A small school district here locally bought some snazzy WAPs to identify devices carried by students to prove to management that every kid walking into the school building has a smartphone/tablet/laptop and that the district doesn't need to invest in devices since all students already have devices.  Using skill and trickery, he pushed this through management and implemented a full BYOD in the classrooms.  Effectively eliminating the entire data center except for a DC to run AD and a bunch of Google Chromebooks.  every roadblock presented he found a solution in the Google App store.  This is full on balls out BYOD.  Not my cup of tea though, not a fan of MDM and would rather assign devices so I can control them.

                                                    • Re: BYOD, how does your company handle it ?
                                                      quinn

                                                      We allow all BYOD's to connect to Guest Wireless only. We throttle the WiFi for the Guest_BYOD to 5mb and do not allow access to web based email, video streaming etc.. We do not allow users to have personal laptops or tablets, only smartphones in the building..

                                                      • Re: BYOD, how does your company handle it ?
                                                        esther

                                                        We do allow all staff BYOD with the necessary restrictions....

                                                        • Re: BYOD, how does your company handle it ?
                                                          familyofcrowes

                                                          We use separate SSID'd to handle these devices, but they still need to VPN in to get all the resources....  Hence, the product needs to be evaluated before it just hops on the production network...

                                                          Thank God for UDT!!!!

                                                          • Re: BYOD, how does your company handle it ?
                                                            familyofcrowes

                                                            I do not see anyone talking about NAC as thier solution to BYOD....  Remember when that was the panacea? (at least the marketing said it was)

                                                            • Re: BYOD, how does your company handle it ?
                                                              phoneman7

                                                              Does your company allow people to bring their own device yet ? If not do you plan to? And if you do... how do you present your corporate image to those people ?

                                                               

                                                              Currently my company does not allow BYOD, they do however allow corporately purchased iPhones and iPads.  There are currently no plans to allow any other type of device.  That being said, we do broadcast a guest wireless network as well and it can be utilized by true guests, vendors, etc. it has web authentication with credentials that are created by our help desk that they create per user and expire at a maximum of 8 hours later.  We ended up using lightweight access points, wireless LAN controllers and  identity services engines.  We have one corporate SSID boradcast and based on what device you connect with, that determines whether you get onto the corporate network or switched out locally to DSL or a cable modem (depends on what that site has).  Other devices are kept out based on what they get profiled as and then credentials are run against an active directory group or an internal store.

                                                               

                                                              I think that a lot of companies are avoiding BYOD just because of all the possible headaches that could come with it, after all would your internal IT department support these devices ? And if not would your end users be smart enough to call the manufacturer for support ?


                                                              The headaches are tremendous with users.  Our help desk and PC techs support the devices to an extent and then refer them to a 3rd party company that we have our cell contract through for anything they can't solve.


                                                              And finally my last question is .... does your organization ever plan to make bringing your own device mandatory?


                                                              No, they don't allow  the majority of devices as it is.  We do have the equipment and network to support it, everyone could be authenticated through an active directory group, etc. to make sure it is secure, but they are afraid that users will be doing more online socializing than work and that plant worked will be hiding out and playing games.  I have even been approached by plants that want to see if they can get cell signal blockers installed into their locations to stop the current things people are doing over 3g and 4g.



                                                              • Re: BYOD, how does your company handle it ?
                                                                enzom

                                                                In our company we are only allowed to use our devices during break time or not working.

                                                                • Re: BYOD, how does your company handle it ?
                                                                  derekschauland

                                                                  Handle it?  Hmm... we put up a guest SSID and that pretty much does it.  The only services available to the general populous is mail and if they know how to use / operate the device (or sign pay checks) configuring the device to receive mail is about all that happens.  The biggest deterrent I suppose would be the leash of email once added to the personal phone.  So we don't really manage it in the BYOD sense, but they arent outlawed either.