You see a lot of employees bringing their own devices into the enterprise. This can be both good and bad. Ken Dulaney and Leslie Fiering talk about what you need to address if you allow employee owned devices in.
Prediction: Although 80% of enterprises will have employee owned devices connected to compamy networks by 2015, less than 50% will have up to date formal support policies.
Key Issues with employee owned technology
1. Why are you planning a Bring your own computer (BYOC) program
It’s about user demand. Let me bring the iphone in. Let me bring the ipad in. I am your boss……..
The next reason relates to the age of computers. Many companies scaled back their refresh cycles and companies now have older computers than what employees have at home.
Finally, users who are in demand won’t want to user your older computer so you may be forced to let them BYOC.
If you are going to do a BYOC program, then ask some questions:
- First, determine if you are in a cautionary environment. High security, legal and compliance, potential for PR fiasco, chaotic environments, no employee demand
- Will the program meet business goals
- Is your security and app infrastructure ready to support employee owned deviced. Is you network prepared. This is key. If you are ready, then you have gotten past the first critical juncture.
- Will the program help employee satisfaction
Plan
Use a managed diversity strategy to determine media tablet support levels. Define your device classes with trusted, tolerated, and unsanctioned. Then figure out what platform services, appliance services, and concierge service you will provide.
Platform support: if it’s a trusted device then provide full support.
Appliance Services: if it’s tolerated then give them access to the systems that are hardened. Email is a prime example of this. e.g. bring your hardware but we will only give you access to a subset of applications.
Concierge Services. track how much time and money you spend on all these items. Get the businesses to pay for your time spent supporting unsanctioned devices.
Best Practice: Implement dynamic access controls
Based it on your levels of support. Let trusted device reach a wide range of applications and networks. Scale back from there. You can start with email like MSFT ActiveSync. Go up from there. Remember that if you have to pass a security audit, these key steps from email to network access control to intelligent segmenting will be addressed.
Best Practice: Protect your data
You need to think about a way to prevent data leakage. a BYOC device will have personal data that could corrupt company data.
Best Practice: Manage your licensing
Can you pass an audit for the software your employees are using on their devices?
Best Practice: Use common sense enforcement
Figure out if users will have to wipe their devices on termination for example.
Tax and Accounting Ramifications
Think of tax implications. Do you need to provide funds and then gross it up to cover the extra taxes the employee must cover. If you provide a stipend, the same applies. If they are taxed 33% then you need to provide that much more to the employee. This will change in every country and state within the country. You must include HR, finance, and tax departments in setting this policy.
Great site. Lots of useful info here. I’m sending it to some friends ans also sharing in delicious. And certainly, thanks for your sweat!
It’s actually a great and helpful piece of info. I am glad that you shared this helpful information with us. Please keep us informed like this. Thanks for sharing.