There is a continuing trend toward employees wanting to use their personal smartphones, tablets, and other devices in their work environment, and senior IT managers who formerly ignored the trend are now finding they no longer can. As one person recently put it, “Almost every company is doing BYOD–it’s just that some of them don’t know it.”
Once the decision to develop a BYOD/Mobility plan is made, the question turns to designing the correct architecture. To get the architecture right, it helps to think of the necessary functions as a stack:
1. Infrastructure – Do I have all the necessary components for devices to connect to the network?
2. Access Control – How will I grant and deny access to the network? What criteria will be used? Do I integrate that with Active Directory, and if so, how?
3. Device Management – What degree of control should IT have over the employee’s device? How do we eliminate company data on the device once the employee is no longer with the company?
4. Provisioning – How do we register devices? How do we associate devices to the users who own them?
I am disappointed by the number of clients who think that an MDM like Airwatch is all they need for BYOD. That’s like saying bread is all you need for a sandwich; it’s essential, yes, but not all that is necessary. MDM’s are great for controlling the device (#3), but they affect very little when it comes to the network (#2). To get BYOD right the first time, all of the areas above need to be addressed.