Mobile productivity for your business. Freedom of choice for employees. Full security and control for IT.
Employee choice has become a cornerstone of modern IT strategy. By allowing people to choose the best devices for their needs, organizations can improve productivity, flexibility, and even job satisfaction. With the right strategy, IT can ensure the proper policies and technologies are in place to protect business information while reducing costs,providing a great user experience and secure device management.
Your strategy should enable your organization to:
- Empower people to choose their own devices to improve productivity, collaboration, and mobility.
- Protect sensitive information from loss and theft while addressing privacy, compliance, and risk-management mandates.
- Reduce costs and simplify management through self-service provisioning and automated management and monitoring.
- Simplify IT with a single comprehensive solution to manage and secure data, apps, and devices.
Here are 8 best practices for designing a strategy that combines simplicity for
employees with effective security, control, and secure device management for IT:
1. Choosing a policy
As mobility and consumerization continue to transform IT, there are several policies that combine freedom of choice with increased control for IT:
- Bring-your-own-device (BYOD): Lets people use personal devices for work.
- Choose-your-own-device (CYOD): Allows employees to choose a companyowned device from a small pool of devices to use for work purposes.
- Corporate-owned, personally enabled (COPE): Lets employees choose a company-owned device from an approved list and use their own apps as well as corporate apps on the device.
- Hybrid approach: A combination could be used to empower mobility in the right
way for different users and groups. For example, COPE could be used side-byside with CYOD or BYOD.
While the nuances of the policies can vary, they all share the most fundamental principles of unified endpoint management (UEM)—including their security implications. The main differences deal with cost and risk-management.
BYOD users pay for their own devices and data plans, sometimes with a partial or full stipend provided by the company. For COPE and CYOD, the company pays for the device and data usage. A BYOD policy may also need to address considerations beyond the scope of COPE and CYOD, such as whether employees should be paid overtime for checking email after hours or on weekends.
2. Eligibility and enrollment
Make it clear who is allowed to use personal devices, whether on an ad hoc basis to supplement a corporate endpoint, as a permanent replacement for a corporate device, or anything in between. This can be seen as a privilege to be earned, a response to employee demand, a requirement for certain types of roles, an excessive risk for some use cases, or most likely, a combination of these things.
One way to determine eligibility is to apply criteria, such as worker type, frequency of travel, performance, or the need for offline access to sensitive data. However eligibility is defined on a broad level, managers should always have final approval over which team members are appropriate candidates to receive a stipend.
Managers can also be advised to apply BYOD, COPE, or CYOD within the context of other departmental incentives, privileges, and disciplinary measures. Contractors are generally ideal candidates for BYOD. Many organizations already expect contractors to bring their own devices, and requiring them to do so aids independent contractor compliance.
3. Allowed devices
To avoid having an unmanageable diversity of devices, you can limit the type of mobile devices your company will support. The granularity of this policy will depend on your user requirements, security risks, and support resources. In general, the more granular your policy is in terms of device types, OS versions, and model numbers, the more resources you’ll need to adequately test and support the specified devices.
To maintain clear lines of ownership, BYOD participants should buy their personal devices through normal consumer channels rather than an organization’s purchasing department. You may want to make employee discounts available to them if covered under your corporate vendor relationships.
Some people may also want supplemental equipment, such as monitors or keyboards. Just be sure to specify who will procure and own each item.
Communication is vital to a successful implementation. Provide guidance to help people decide whether to participate and how to choose the right device for their needs. They should also understand how data can be accessed, used and stored, and the appropriate way to set up and use work-related accounts for unmanaged consumer apps and services.
Work and business data should be kept strictly segregated to support e-discovery requirements and data retention policies; similarly, work emails should never be sent from personal accounts. Acceptable use policies should apply the same way on BYO devices as they do on corporate devices.
It’s also important to provide a user adoption program to help participants get up and running. A welcome email with a link to a self-service portal can help people become more productive, more quickly.
5. Cost sharing
Reducing costs is one of the primary benefits of BYOD, in which people pay some or all the cost of various personal devices used for work. Companies that provide stipends typically offer in the range of 18 percent to 20 percent of the device’s cost.
Participants should be aware that any stipend is treated as income for tax purposes. In regions with higher personal income tax rates, you may want to increase the stipend accordingly to keep the net subsidy consistent for all participants.
If you choose to provide a subsidy, it should reflect the full participation lifespan of each individual. Subsidies should renew at a regular interval to ensure that personal devices don’t age beyond what would be expected for an enterprise device. If a participant leaves the company during a BYOD cycle, you may want to reclaim a portion of the stipend.
Keep in mind that cost sharing has implications when introducing your BYOD program to the organization. An all-at-once rollout can increase cost as people sign up—and claim their stipends—at all points in the endpoint refresh cycle.
Offering the program to people as they come to the end of their device lifecycle will spread out the impact. On the other hand, organizations that don’t offer a stipend can encourage full participation from day one.
Additionally, any BYOD policy, with or without cost-sharing, should be clear on who will pay for network access outside the corporate firewall, whether via a mobile network, public Wi-Fi, or home broadband.