Bring Your Own Device - Service Availability and Rollout - Case Study Example

MANAGEMENT REPORT By Name Course Instructor Institution City/State Date Table of Contents MANAGEMENT REPORT 1 Table of Contents 2 Introduction 3 BYOD Plan 4 Designing 6 Implementation and Administering 6 Permissible devices 7 Service Availability and Rollout 8 Cost sharing 9 Security and Compliance 10 Device support and maintenance 11 Conclusion 11 References 12 Management Report Introduction With mobility consumerisation, scores of business organisations are turning to programs such as Bring Your Own Device (BYOD), or a crossbreed approach that includes a BYOD program as well as deployed corporate-owned devices (Armando et al., 2014, p.48.). Therefore, by implementing a BYOD program, the Education Commission will permit staff access to organisational resources from anyplace; thus, heightening productivity as well as bringing about worker satisfaction. However, supporting diverse mobile platforms as well as securing staff-owned devices, can generate multifaceted issues for the information technology department. It is worth noting that organisations all over the world are persistently working towards boosting their workers’ flexibility, efficiency and productivity. For a number of IT executives, mobility has move up in the list of proprieties given that they are intensifying the commonness of mobility programs all through the organization. Still, they are challenged to acknowledge the considerable rise in the number of mobile devices utilised by the employees in the workplace (Rose, 2012, p.65). Workers are, on one hand, necessitating access from devices not just in the company, but as well further than the firewall with laptops, home PCs, tablets and smartphones. Risk management, on the other hand, posits that organisational information/data have to remain secured. The paper seeks to report on how BYOD should be designed, implemented and administered, and how BYOD should be best organized given comparable industry interest in this aspect of IT service delivery. BYOD Plan By and large, BYOD can be described as a strategy that permits persons to make use of their individual mobile devices, whether rarely, mostly or solely, for work (Leavitt, 2013, p.16). Presently, scores of organisations permit individuals to add-on their enterprise-owned system(s) with other devices such as laptops, home PCs, tablets and smartphones as required for best productivity, mobility and flexibility. Several have gone further and get rid of certain types of enterprise-owned device completely for qualified workers who rather desire to make use of their own devices; in a number of instances, a pay is offered to assist in settling the worker’s costs. Besides that, contractors are ever more needed to make use of their own devices instead of being offered with business-owned devices (Business-Backbon, 2014). Preferably, practices within the organisation that are rooted in BYOD have to be detailed in an official policy. The actuality as mentioned by Armando et al. (2014, p.52) is that scores of individuals have already brought their own mobile devices in the workplace, in spite of whether the corporation has an implemented BYOD policy. Statistically, the present average number of mobile devices that have connected to the corporate-owned network is five per skilled employee, four devices across all employees, and by 2020 this is projected to increase to roughly six devices. Partly, this reveals a change in the endpoint setting nature, given that the supremacy of conventional desktop computers offers a means to a broader scope of alternatives that allow people decide the appropriate combination of device size, performance, mobility, as well as weight for their individual reasons, regardless if it will be a Smartphone, tablet or laptop. So far, BYOD remains an unofficial practice for scores of organizations. Meanwhile, lack of a BYOD approach that is more rational has left the organisation vulnerable to risks from gaps created by security and compliance to increasing IT intricacy (White-House, 2012). Whereas consumerisation continues rising rapidly, the necessity for an inclusive BYOD strategy is clear, and the strategy must contain both technology as well as policy. In this case, from a technology point of view, the most palpable query will be how workers will manage to access business information and enterprise applications on their own mobile devices. Basically installing applications onto the device directly could elevate serious compliance, privacy, and security risks, support difficulties, issues with license management and limiting BYOD to devices that are Window-based; thus, leaving behind other customer devices from the plan. Scores of individuals have as well begun making use of unmanaged third-party application as well as Internet services for work; therefore, the IT department requires a way to manage and control this usage as well as stop these applications from bringing in security risks (White-House, 2012). For that reason, the perfect approach is to entirely allow device-independent computing by means of desktop virtualization as well as Windows applications, enterprise mobility management, as well as safe file sharing, affixed by remote support services as well as Internet collaboration (Citrix, 2012, p.4). By having this approach, the Commission’s IT department can offer most favourable freedom for workers while equally maintaining control and security. Workers will be able to securely access single-click to each of their mobile, SaaS, web, and Windows applications by means of an integrated application store through any network, on any mobile device, with one sign up and faultless session roving across devices, networks and locations. In this regard, IT department will gain quickly one control point to both de-provision and provision applications of any type, whether to offer novel resources or to discontinue access when it is no more required or suitable. Designing BYOD policies differ considerably in different organisations, and this relies on the organisation’s concerns as well as priorities, and so Education Commission BYOD policy should be designed in consultation with human resource, IT security, legal and finance teams. Besides that, the elements of a complete BYOD strategy should include: Technology and systems, whereby a self-service application store will offer integrated, protected access as well as single sign-on to Windows, custom, mobile, and web applications. Furthermore, enterprise mobility management will protect both the business information as well as mobile devices (Citrix, 2012, p.4). Another BYOD element should be Policies based on eligibility, permissible devices, availability of service, rollout, sharing of cost, security and compliance, as well as support in addition to maintenance. It is worth noting that a successful BYOD plan integrates simplicity for individuals with effectual security, management, as well as control for IT. Whereas the lure could be strong for the IT department to create certain policies for all imaginable scenarios, the actuality is that the majority of concerns may be solved through the use of only some uncomplicated, reliable principles (Citrix, 2012, p.5). The IT department must know how to provide workers with secure access to files, information, and applications equilibrated with role-established security, configuration and management of individually-owned devices so as to defend the corporation against non-compliant usage, data loss and threats. Implementation and Administering Notably, organizations have to give details about who within the organization are permitted to make use of personal devices so as to bolt-on the organisation’s endpoint, as a lasting substitution for the enterprise device. According to Business-Backbon (2014), this may be observed as an opportunity to be achieved, a reaction to worker’s claim, a necessity for certain forms of roles, an unwarranted threat for a number of use instances or, probably, a mixture of abovementioned things. In this case, to establish which employee is eligible for BYOD program, the organisation must employ a criterion like type of worker, travel frequency, productivity or if the person needs remote access to susceptible data. At the Commission, any person who is eligible to use laptop, tablet, or Smartphone should be allowed to take part and get the proper pay to substitute the organisation device, as longer as they have CEO’s and Director of the Information Systems Division approval. Still, eligibility should be defined broadly, and the CEO must at all times have last approval with regard to which members of the team are suitable candidates to use their own devices or integrate their device with that of organisation (Hayes & Kotwica, 2013, p.2). CEO must apply BYOD in the perspective of other departmental privileges, incentives, as well as punitive measures. Given that the organisation is planning to stop outsourcing, the Commission must allow employee to use their own devices, and but within the formulated BYOD policy. Permissible devices In a situation where applications are directly installed on endpoints, IT division must establish and order minimum operating system specifications as well as criteria specific for other devices. Basically, virtualization of desktop gets rid of such considerations by enabling full Windows applications and desktop operation on any type of device (Business-Backbon, 2014). Furthermore, with enterprise mobility management, the IT division will manage to manage as well as enrol any device, identify malicious devices as well as carry out a selective or full wiping of a device that is non-compliant, stolen, misplaced, or is owned by a departed worker actor. If the Commission approve BYOD approach, participants must be purchase their own devices by means of normal end user channels instead of Commission’s department .concerned with purchasing. This without doubt will assist in maintains clear ownership lines in addition to making sure those partakers have a direct connection with vendor of their hardware (Citrix, 2012, p.6). Even though, some organisation may desire to make discounts accessible for their workers, mainly for those covered under the organisation’s vendor-business relationships, a number of persons may desire to supplement their own mobile device. Service Availability and Rollout It is worth noting that, BYOD does not necessarily have to be nothing or all proposition, rather organisation must consider the exact services it desires to make accessible on individually-owned devices in addition to whether this strategy will be at variance with certain groups of work, types of device and user, as well as network used. For individuals desiring to directly install applications on their devices for their individual purpose, the Commission can consider providing discounts to the workers for Office Professional for PC and Mac by means of Microsoft Software Assurance (SA) (Citrix, 2012, p.6). In this way, licensing compliance will completely be responsibility of the employee and the organisation will for that reason steer clear of risk or legal responsibility for infringements. Immediately after designing the BYOD, the organisation must understand that communication is imperative to successfully implement the initiative. In this regard, workers will have to receive guidance so as to decide whether to take part and how to select the correct device. They must as well comprehend the liabilities that are associated with bringing their individual device, which includes how to access, use, and store data. Importantly, organisation and work data have to be strictly kept isolate on individually-owned device in order to support requirements for electronic-discovery as well as to support policies for data retention (He, 2013, p.382.). Correspondingly, work-based emails must by no means be sent from individual accounts. For that reason, policy for acceptable use must apply equally as they do on organisational; devices on individually-owned devices. Cost sharing BYOD will without doubt be beneficial to the Education Commission thanks to its cost reduction ability, whereby people are required to pay all or part of the expenditure of diverse devices utilised in the place of work. This is particularly factual in instances where an enterprise owned device will no more be offered. A survey conducted recently established that the most of organizations making use of BYOD approach compensate workers who utilize their personal devices for work-related undertakings, either in full or partly. Offering compensation may as well offer the Commission some power over consumerisation. Therefore, any BYOD policy, with or with no cost-sharing, must give details who must pay for access of network outside the organisational firewall, whether through home broadband, public Wi-Fi, or 3G. So if the organisation decides to offer a financial support, it must mirror the complete involvement duration of all individuals. Furthermore, financial supports have to be changed regularly, so as to make sure that individually-owned devices do not become old further than what could be anticipated for the corporate device. In case employees leave the organisation during the cycle of BYOD, they must repossess a percentage of the present stipend. At the Commission, workers who depart the program or organisation within 12 months of enrolling must be liable for paying back a pro-rated percentage of their stipend. Security and Compliance Scores of Chief Information Officers (CIOs) or Information Technology (IT) Directors are concerned that further IT consumerization will result in significantly heightened organisation risks. Basically, this is a logical worry, which has frequently been raised by customers looking for BYOD guidance. Whereas the direct applications’ installation on workers devices can heighten security risk, Citrix (2012, p.8) posits that BYOD program rooted in enterprise mobility management, will reduce any existing risk. Every organisation data should remain secure in the data-centre, existing only in the endpoint when completely essential. Therefore, in instances where information must dwell on the endpoint, it may be secured by means of remote wipe, encryption as well as isolation methods. Therefore, to stop ex-filtration, IT division should put policies into practice to stop printing or gaining access to customer-side storage space like USB storage and local drives. In this case, participants must as well make sure that anti-malware/antivirus software is properly updated or installed on their devices. The organisation must offer antivirus defence to workers taking part in the BYOD program for free of charge. Encryption as well as virtualization outside the firewall can alleviate the majority of the security vulnerabilities of 3G/4G, open wireless, Wired Equivalent Privacy (WEP) encryption, Wi-Fi, as well as other methods of consumer access. Capabilities of network security offer protection against and visibleness into external as well as internal mobile security threats such as non-compliant applications as well as blocking of rogue devices. In case a BYOD policy is infringed or BYOD partaker departs the company, IT division must have a means to end access instantaneously to apps and data. Device support and maintenance According to Rose (2012, p.67), a BYOD program time and again lessens the overall maintenance needed for all devices since the user is the owner also. Evidently, an individually-owned device is always taken care of more than the corporate-device. Having said that, the Commission’s BYOD policy will clearly clarify how different support and maintenance undertakings will be managed and funded. Therefore, when an individually-owned device has substituted an organisation system, there could be a high anticipation of IT support. However, this must be narrowly described to evade exposing IT division to significantly heightened workload as well as complexity. Consistent with the simplicity that will guide the Commission’s BYOD policy, the organisation should offer support also for anti-malware software, wireless connectivity, as well as the receiver client on individually-owned endpoints. Conclusion In conclusion, it has been argued that in the wake of consumerization, flexibility at place of work, cloud computing as well as mobility, BYOD will carry on changing the manner organizations’ as well as people work. The correct plan, facilitated through the delivery of on-demand information as well as applications to any mobile device, will: allow workers to decide their individual devices to enhance mobility, collaboration as well as productivity. When the Commission espouse BYOD, it will manage to shield vulnerable data from theft and loss whilst managing mandates for risk management, compliance and privacy. What’s more, BYOD will reduce costs as well as make management simpler by means of self-service provision as well as automated monitoring and management. Lastly, BYOD will make information technology simpler with one all-inclusive solution to protected devices, applications and data. References Armando, A., Costa, G., Verderame, L. & Merlo, A., 2014. Securing the "Bring Your Own Device" Paradigm. Computer, vol. 47, no. 6, pp.48 - 56. Business-Backbon, 2014. BYOD policies in the workplace: guidance for accountants. [Online] Available at: http://www.businessbackbone.co.uk/cloud-accounting-saas/byod-series-part-3-byod-policies [Accessed 19 September 2014]. Citrix, 2012. Best practices to make BYOD simple and secure: A guide to selecting technologies and developing policies for BYOD. White Paper. Fort Lauderdale, FL, USA: Citrix Citrix (NASDAQ:CTXS). Hayes, B. & Kotwica, K., 2013. Bring Your Own Device (BYOD) to Work: Trend Report. Boston: Newnes. He, W., 2013. A survey of security risks of mobile social media through blog mining and an extensive literature search. Information Management & Computer Security, vol. 21, no. 5, pp.381 - 400. Leavitt, N., 2013. Today's Mobile Security Requires a New Approach. Computer, vol. 46, no. 11, pp.16 - 19. Rose, C., 2012. BYOD: an examination of bring your own device in business. Review of business information systems, vol. 17, no. 2, pp.65 - 69. White-House, 2012. Bring Your Own Device. [Online] Available at: http://www.whitehouse.gov/digitalgov/bring-your-own-device [Accessed 19 September 2014]. Read More