igor - Fotolia

Get started Bring yourself up to speed with our introductory content.

Establish BYOD guidelines for every step of your mobile initiative

BYOD is becoming increasingly more complicated as more devices enter the enterprise. Establish policies that can manage the BYOD lifecycle from start to finish.

BYOD can’t just happen. It takes careful consideration of the policies that will define acceptable use for mobile employees.

Through bring your own device (BYOD) policies, IT has to manage every aspect of the BYOD lifecycle. That lifecycle is quickly becoming such a tangle of security, compliance and performance concerns that it can be difficult to know who should be involved with what. Establishing guidelines for each stage of BYOD deployment, management and monitoring can help you simplify the journey.

As procedures for supporting enterprise mobility have become more complex, the BYOD lifecycle has become more complicated as well. To get the most from mobile device management (MDM), mobile application management (MAM), mobile information management (MIM) and enterprise mobility management (EMM) systems, the policies you create should support as many aspects of the BYOD lifecycle as possible.

First steps in the BYOD lifecycle

The BYOD lifecycle has many stages and involves multiple business roles. It starts with defining acceptable use, security and management policies, which is the responsibility of business data and application owners working with systems administrators and security professionals. These policies should reflect known risks and security priorities.

Software developers must then wrap existing apps to meet those policies and ensure that new apps meet the company’s BYOD guidelines. After that, the developers should collaborate with the BYOD administrators responsible for maintaining the enterprise repository of approved apps.

The next step in the BYOD lifecycle is deploying the management software, server and console. Part of that implementation should involve employees registering their devices using a self-service portal. Employees are also usually responsible for unregistering devices that are no longer used to access enterprise data or applications.

On the IT side, admins must maintain a repository of applications for employee use and keep lists of applications and websites that are allowed and disallowed. They should also conduct reporting and compliance activities, such as generating inventory and software update reports, plus verifying user device registration and authorizations.

In enterprise environments, many of these stages occur frequently, at least after initial installation and deployment. Operations such as reporting and app repository management are ongoing. Employees will continually add and remove devices from use. It is not surprising that MDM is as dynamic a challenge as any in IT operations.

Going beyond BYOD

While mobility in the enterprise is often discussed in terms of MDM, MAM and MIM, BYOD is just one facet of the evolving IT infrastructure landscape. Endpoints now include a range of devices, from desktops and laptops to smartphones and tablets. Data follows devices. What might have been stored on an employee's physical desktop a decade ago is now synchronized and replicated across multiple devices as well as the cloud.

Management practices are evolving too. They are becoming less device-centric and more data-centric. Application security is still important, but any data that can be copied and pasted from one application to another is at risk. We count on individuals to consider the risks of using storage services in the cloud. Although few might expect employees to read and understand the legal ramifications of the agreements many of us readily accept, we all have to exercise caution when sharing documents in cloud-based services.

BYOD is here to stay. Fortunately, we have the tools and practices we need to balance the expectations of employees who use personal devices for work with the needs of enterprises to protect their information assets.

Next Steps

Pros and cons of a BYOD deployment

Maintain security with BYOD

Keys to building a BYOD program

This was last published in March 2015

Dig Deeper on Windows mobile device management

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

6 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What do you think is the most important aspect of an effective BYOD policy?
Cancel
I think that the business also has to establish the scope of control that they expect to maintain over the device as part of the acceptable use, security, and management policies. If these expectations are not set at the start of the BYOD experience, then users can start to chafe a bit as they go from the “wild west” to a more controlled environment.
Cancel
For me, it all comes down to being specific on which devices can (and also cannot) be used with an organization's network/security system. If that's not clear from the beginning, a company will struggle with how to handle its BYOD policy. 
Cancel
Simplicity and consistency are important. Our organization only allows Android devices. Our IT department has established a strict security policy for all devices at work using double authentication having a mandatory password along with using an RSA security device. Our IT department also gives strict instructions to only download apps from trusted sites with access only to those website locations.
Cancel
If the employees are using a BYOD policy, there needs to be a clear line as to what is OK for company use and what is not, and what security requirements are to be followed. that has to be explained up front, and then an opt in/out in place. I personally don't like offering up my own device and then being told after the fact what I can or can't do with it.
Cancel
Even though mobile accessibility to enterprise is assured, I still worry about BYOV (Bring Your Own Virus) plus associated integration problems of app to organization!
Cancel

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close