Good Technology, Inc. Boyd Weinstein Adopting BYOD Strategy - Trends, Challenges and Solutions
advertisement
Adopting BYOD Strategy Trends, Challenges and Solutions Good Technology, Inc. April 17, 2012 Boyd Weinstein BYOD Mobile Security Evangelist 314.520.0133 boyd@good.com Agenda Today’s Agenda BYOD Trends, Challenges & Adoption Key Considerations, Policy, & Best Practices, Survey Results Security Risks Mobile Device Management & Mobile Data Management Strategies ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 2 “Coming to the Party?” Bring your own6 BYOB “Bring your own Beer” Personal device? Corporate device? 2 mobile devices? 3 mobile devices? BYOD “Bring your own Device” ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 3 Anyone talking BYOD? Google it6 Bring your own Device: 2,510,000 Hits Consumerization of IT: 1,700,000 Hits ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 4 IDC Report – March 29, 2012 “Nearly 1 Billion Smart Connected Devices Shipped in 2011. Shipments Expected to Double by 2016” ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 5 Changing Mobility Landscape From a homogeneous set of corporate-issued devices 6 A Changing Mobility Landscape The Consumerization of IT 6 To proliferation of personal devices with rich mobile OSs AND6. The IT-ization of the Consumer 6 and increasing demand for wide variety of Enterprise Apps ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 6 Forrester Study6 More than half of US information workers now pay for their smartphones and Monthly plans. Consumerization Drives Smartphone Proliferation Forrester Research Dec 2, 2011 ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 7 Mobility & Consumerization of devices State of the CIO Survey, CIO magazine, January 2012 Q: In your opinion, which of the following trends will have the most profound effect on the CIO role in the future? Mobility 28% Ubiquitous data (big data) 19% Technology as a service (cloud) Consumerization of desktop / devices 14% 30% Social Media/ Networking 10% 42% North America Central/South America Africa/ Middle East Europe Asia Pacific Technology as a service 30% 43% 46% 41% 37% Mobility 28% 14% 29% 14% 26% Ubiquitous data (big data) 19% 5% 17% 20% 14% Consumerization of desktop/devices 14% 5% 0% 15% 12% Social media 10% 33% 8% 10% 11% ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 8 Gartner’s Data Center Conference, São Paulo CIOs have to learn to lose control a little bit… and let it go. David Coyle, Research VP of IT operations, Gartner April 12, 2012 Survey Results: 88% of execs report BYOD happening 65% of C-Levels report that consumerization of IT is a top priority. 25% of IT budgets to manage IT consumerization. 60% of companies are now adapting IT infrastructure to accommodate employees’ personal technologies. ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 9 CIO has a big responsibility6. To “Protect” & “Serve” The Balance: Allowing employees to use new expensive, small shiny objects for work Encourage flexibility & choice Great user experience. i.e. Don’t cripple device Don’t invade privacy - “avoid big brother approach” PROTECT CORPORATE DATA ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 10 End User Responsibility6 Users have to trust I.T. Only works if I.T. is not playing Big Brother Follow Policy Needs to be easy to do the right thing ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 11 Access to work data on personal devices ■ Users are used to ubiquitous access to personal data They are demanding the same ubiquitous access for work data ■ Users really want to access their work data on their own mobile devices They don’t want two devices They want to use the latest, cool, expensive mobile device ■ Potential win’s for all Save CapEx by not buying the devices Save OpEx by not paying for the data plans Make users productive & happy in the process ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 12 HOW to support BYOD vs. WHY support BYOD? “The How” - Tends to be immediate focus of I.T. What should our BYOD Policy be? What is our competition doing around BYOD? What are our peers doing around BYOD? “The Why” - Many reasons for BYOD adoption by companies Employee satisfaction Allow device choice Recruitment of young talent Increase of user mobile productivity Cost savings “The Why” – Drives the “How” ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 13 What are the mobility business objectives? At a Minimum: Maintain control over corporate data security Providing user experience that fosters happy & productive employees Examples of Key Business Objectives: 1. Reduce Mobile Spend Capitalize on passion for cool devices > no reimbursement 2. Boost productivity & worker mobility Recognize value of mobile connectivity > allows reimbursement 3. Device Choice Target company owned devices without having to pay for the “latest & greatest > Potential Reimbursement ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 14 Critical BYOD Considerations 1. 2. 3. Define Business Objectives Mobile Expansion Cost Reduction Define BYOD Program Elements Eligibility Enablement & Support Reimbursement (if any) Acceptable Use Privacy Policy Violations What devices should we support? What applications & data should be available? Should we reimburse, provide stipend? Should there be restrictions – data roaming? Do we reimburse even for after-hours? What’s our liability? What levels of support? Implement Supporting Solutions Device Management Self-Service Security, Data Loss, and Compliance ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 15 2011 Survey’s – Good’s largest 400 Customers Q4 2011 Survey Results: 72% already support BYOD model 19% are either considering or plan to support within next 6-12 months Only 9% had no plans to support Q1 2011 Survey Results: 60% already doing BYOD 30% planning to do it 6-12 months Already Support No definitive time-frame Plan to Support within Next 6-12 Months Considering, But No Specific Timeframe 10% not planning on it. No Plans to Support Source: Good Technology BYOD Surveys – Top 400 Customers ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 16 BYOD Support by Industry ■ Financial Services/Insurance, Healthcare & Professional Services leading BYOD ■ Local Government, Entertainment, Life Sciences – Slower to adopt ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 17 BYOD Company Size & Industry ■ The large Finance/Insurance and Healthcare companies dominate BYOD ■ Most info-driven orgs reap most benefit from BYOD ■ Good’s “containerization” approach addresses compliance & Security requirements ■ 77 percent modified their policies to support BYOD ■ 23 percent were able to accommodate BYOD without policy change ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 18 BYOD Support by Geography / Industry ■ Financial Services/Insurance, Legal, Manufacturing and Professional Services were the most likely to support BYOD in multiple countries. ■ Even with complex international privacy laws and the potential exposure to more variable roaming costs6 ■ 51.3 percent support BYOD programs in countries outside of the U.S. ■ 48.7% are limiting their programs to the U.S.. ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 19 BYOD Costs for Employees 50% - employees cover all costs 25% - Stipend 20% - Expense 5% - Pay for Device only * Consistent with Forrester Study ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 20 Costs of Corp Devices – BYOD Savings Opportunity ■ $80/Month ($960/Year) Industry average cost for company device ■ Shifting costs to employees ■ 77% have been able to reduce company owned devices to 60% or less ■ 50% have been able to reduce company owned devices to 20% or less !! ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 21 Stipend Programs ■ Stipend = higher rates of mobile adoption ■ The majority = $61 a month or more ■ Next level = $41-50 a month.. ■ Variable stipend based on the user’s role and the company’s valuation of the mobile productivity benefit associated with that role. ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 22 Expense Back Programs ■ Primary objective: Respond to user demand for more choice, but not necessarily to reduce costs or to increase overall mobility rates. ■ The majority = $61 a month or more ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 23 Good Technology BYOD Survey Report Key Findings Summary Highly Regulated Industries Embrace BYOD Big Companies Get BYOD Employees Are Willing to Pay for Personal Choice Offering BYOD Stipend, Increases Adoption BYOD Goes Global ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 24 Security is the primary concern I.T. responsibility: To Serve and Protect Tensions between: Security & Usability ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 25 Risks in today’s mobile environment Device Risk: Consumer-focused, limited security Inconsistent from one platform to next Explicitly designed to share & replicate data User-based Risk: Devices, apps used without IT knowledge They don’t comply with IT security policies For better or worse, “there’s an app for that!” Users purposely replicate data on device and in cloud (Dropbox, Evernote, etc.) Enterprise Risk: User passion for device choice and flexibility makes circumvention more likely Exposes organization to data breaches Prevents security policy consistency ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 26 Security Threats Grow Hacking / Cracking / External Exposure • Malicious Applications • Compromised (“Jailbroken”) devices • OS version vulnerability • AD credential vulnerability Spillage/Leakage • Home Backup • Published API’s • Cut/Copy/Paste • Dangers of VPN access • Backup to iCloud Google it! • iPhone Hack: 3M results • Android Hack: 17M results ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 27 Why is Risk Increasing? Securing Mobile Devices is re-defined MDM Device OS Device Consumer App Enterprise App Enterprise App 6 Enterprise App Tolerated Personal App Enterprise App 6 Today Controlled by IT Controlled by IT Enterprise App Less than 4 years agoI 6 MDM Device OS Device On-device data encryption and secure back-end connectivity remain essential$ but are not enough anymore to prevent data loss$ ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 28 Creates New Challenges Easy mobility combined with powerful consumer devices significantly increases the risk of unplanned exposure of company information. Four Architectural Approaches to Limit Business Risk on Consumer Smartphones and Tablets – Dec 2010, John Girard, Ken Dulaney Enterprises and government IT organizations are grappling with How do I secure non-Blackberry devices? How do I minimize data loss on consumer mobile devices? How do I support personally-owned and corporate issued devices costeffectively? How do I manage personally-owned devices while respecting employee privacy? ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 29 MDM Mobile Device Management vs. Mobile Data Management ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 30 April 2011 Magic Quadrant for Mobile DEVICE Management Source: Gartner Magic Quadrant for Mobile Device Management Software; Phillip Redman, John Girard, Leif-Olof Wallin; April 2011; G00211101 This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Good Technology. The Magic Quadrant is copyrighted 2011 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 31 Mobile DEVICE Management vs. Mobile DATA Management Corporate Liable Model BYOD or corp Liable Containerize and manage the application Manage the whole device Security and management policies can be restricted to the applications or applied to the entire device. ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 32 Mobile DEVICE Mgt = Privacy challenges = Big Brother? MDM Profile Required Password required to open device Geo-location increase privacy issues Challenging for BYOD Not Required with Good ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 33 Mobile DEVICE Management = Wipe entire device Challenging for BYOD Not Required with Good ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 34 “Consumer based Devices” Smart Phones were created for consumers, not businesses!! But alsoI Address Book/ Calendar Cut/Copy/ Paste Corporate Data File App + More Consumer Apps Consumer and Prosumer Apps can consume/use data exposed in native and enterprise apps ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 35 Rise of Consumer Mobile Apps Increases Risk “There’s an app for that” Most popular business apps Document Handling Annotation/Notes/Memos Remote Desktop/Apps Remote Printing Web Conferencing Increases productivity, but also increases risk ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 36 Data Loss in 3 Easy Steps! 2 Random app ©2011 Good Technology, Inc. All Rights Reserved. 1 Company Confidential 3 37 Mobile Device Management to the Rescue? By nature, pure MDM solutions are not enough to prevent data loss. Turn off App Store / Marketplace? Not available on all platforms Intrusive for end users / personal devices Not practical for BYOD What about blacklisting or whitelisting? Not supported by all platforms No realistic way to maintain when 1,000s of new apps are developed every day Impossible to manage ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 38 Good respects user privacy with security Personal Area Secure Enterprise Container Email – Hotmail, Yahoo, Google Calendar – Personal, Google Travel Applications News Applications Navigation/Mapping Weather SMS/ MMS – Enabled Cut/Paste – Enabled between Apps Applications – Public App Store Security – Personal Control Web Browser – (Internet Only) Siri User Privacy is Paramount • Device Lock optional • Never wipe personal data • NO GPS required • No profile needed • No app store mgt needed • No Big Brother Watching ©2011 Good Technology, Inc. All Rights Reserved. Current Offering Email Calendar Contacts Intranet Access Enterprise App Store Secure & Managed Custom Apps In-line Security Controls 192-bit AES Encrypted Data Password protected Remote W ipe/Lock Jailbreak Detection OS Version Enforcement Connectivity Verification Good Version Check Application Trust Policy Diable Cut, Copy & Paste Disable Backup Recent Good customer comment: Future Secure Document Editing Instant Messaging “We are getting out of the phone management business” Company Confidential 39 User Experience: iOS, Android, Windows Phone 7 ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 40 Good for Enterprise – iPhone Personal subfolder access with ability to expand/collapse. Bulk move and delete email messages. Search email, sort email, message indicators, flag for follow-up. Sort/filter email by date, sender, subject, priority, unread and flag. Email signature, folder sync and Out of Office. Month view with agenda preview and busy meter. Calendar free/busy lookup, required/optional/resource. Add/edit recurring meetings. Show meeting as free / busy / tentative / out of office, mark meeting as private. Corporate Directory Lookup. ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 41 Good for Enterprise – iPad Landscape Mode Portrait Mode ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 42 Good for Enterprise – Android Personal subfolder access with ability to expand/collapse. Month view with agenda preview and busy meter Bulk move and delete email messages. Calendar free/busy lookup, required/optional/resource ©2011 Good Technology, Inc. All Rights Reserved. Search email, sort email, message indicators, flag for follow-up. Add/edit recurring meetings Sort/filter email by date, sender, subject, priority, unread and flag. Show meeting as free / busy / tentative / out of office, mark meeting as private Company Confidential Email signature, folder sync, Out of Office and more. Corporate Directory Lookup 43 Windows Phone 7 ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 44 3rd Party Applications Secured by Good Dynamics OK for Personal Use ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 45 Summary & Recommendations Embrace BYOD. The cat’s out of the bag. Employees happy to use personal device & willing to pay Focus on the “Why” BYOD, then “How” BYOD Company lowers mobility costs while increasing productivity Company ensures corporate data secure by separation No need to play “big brother” & manage (cripple) devices ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 46 More Information: Good Technology State of BYOD report http://www.good.com/resources/Good_Data_BYOD_2011.pdf Good Technology Policy Considerations report http://www.good.com/BYOD Good Technology Individual Liable Policy Report http://www.good.com/cut_costs/cut_costs.php ©2011 Good Technology, Inc. All Rights Reserved. Company Confidential 47 Thank you ! boyd@good.com
