Addressing the BYOD
Management Gap: the evolution
of enterprise mobility
Richard Absalom, Analyst, Consumer Impact Technology
richard.absalom@ovum.com
November 2012
1
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Ovum’s consumerization practice: every employee is a
consumer
Consumer
as
Connected
Customer
Consumer
as
Protagonist
2
Consumer
as
Employee
The employee brings
consumer technology
into the workplace as a
preferred tool: “Bring
Your Own Device”
(BYOD) is a key trend
Consumer
as System
Component
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
What’s behind consumerization? Apple and Google’s
consumer market focus creates the “BYOD Gap”
Employee demographics
BYOD Gap
Actual point of
enterprise entry
Mobile device
adoption curve
Normal point of
enterprise entry
Early
adopters
3
Rate of adoption
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Agenda

How big is BYOD, and what are employees really doing with
both personal and corporate-provisioned devices?
 Key findings from Ovum’s BYOD-focused multi-market
employee survey
4

Trends in BYOD management

Recommendations for corporate mobility policies

Case studies
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
BYOD (smartphone and tablet) by country – 57.1% of Full
Time Employees use their personal smartphone or tablet
for work in some capacity (ex. SMS / calls)
% of survey respondents by country
% who BYOD (not including calls/SMS)
100%
90%
80%
70%
60%
50%
40%
30%
20%
Global
average
rate of
BYOD =
57.1%
10%
0%
We see here evidence of bifurcation between mature IT markets and high growth IT markets,
with employees in high growth markets demonstrating a strong trend to using their own
devices. As BRIC / high growth smartphone & tablet markets grow, BYOD needs managing.
This is far from just a Western European and North American challenge / opportunity
Source Ovum: Global BYOD Survey : N = 4038
5
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Encouragement vs. active and passive ignorance of
BYOD by IT – sizing the data security challenge
“What does your employer think about you accessing your
work email on your own smartphone or tablet?”
8.1%
17.7%
Don't know about it
Ignore that it's happening
Encourage it
Discourage it
45.8%
28.4%
Levels of passive ignorance by IT are at 17.7%, and active ignorance (don’t ask, don’t tell)
at 28.4%. If we start extrapolating out… The level of active encouragement however are
higher than anticipated at 45.8%
Source Ovum: Global BYOD Survey : N = 2805 from 4038
6
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
The BYOD management gap – the phenomenon is
largely un-managed
60%
57.1%
% of all respondents
50%
40%
Unmanaged
30%
20%
11.9%
10%
Managed
0%
Respondents who BYOD (not including calls/SMS)
Respondents who BYOD (not including calls/SMS) and
who have signed a corporate policy governing BYOD
If a signed agreement between employer and employee is a proxy for adequately managed
BYOD usage, 79% of all BYOD usage is still un-managed today.
Source Ovum: Global BYOD Survey : N = 4038
7
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Why is this a risk? Data security is always at risk at
three main points: the network, the endpoint, and the
application
Consumerization means that:

More (unsecured) networks are transferring corporate data

More (unsecured) endpoints are accessing corporate data

More (unsecured) applications are using corporate data
Consumerization multiplies the threats to data security
8
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Agenda

How big is BYOD, and what are employees really doing with
both personal and corporate-provisioned devices?
 Key findings from Ovum’s BYOD-focused multi-market
employee survey
9

Trends in BYOD management

Recommendations for corporate mobility policies

Case studies
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Brand / reputation strength
Trends in BYOD management: vendors from a range of
backgrounds are converging on the enterprise
mobility services space
ITSM /
enterprise
application
vendors
Device
OEMs
Telecoms expense
management vendors
IT security
vendors
Enterprise mobility /
MDM specialists
Enterprise mobility management capabilities
10
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Trends in BYOD management
Device management: market still growing
Mobile enterprise application management and provisioning: “lighter
touch” models taking off
Secure app-wrapping
Persona / identity management
11
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Addressing security concerns: common MDM
capabilities across major mobile OSs
Some common MDM capabilities across major mobile OSs:
12

Over-the-air discovery, quarantine, enrolment and configuration of
devices accessing the corporate network

Password policy enforcement, data encryption

Remote lock and wipe

Real time reporting and alerts, activity logging, GPS tracking

Content- and context-aware mobile data loss prevention software

Application management and distribution, document control e.g.
blocking copy / paste / local storage
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Mobile enterprise application platforms – addressing
the same issues as MDM but with a different approach
Managing the application, not the device:

Secure app wrapping technology – applying MDM capabilities to
a single app

Removes the need to intrude on personal activities
Corporate app stores
13

An easy way to push apps to the relevant users in the relevant
format

Including custom apps – designed specifically for line-of-business
users to maximize business value
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Agenda

How big is BYOD, and what are employees really doing with
both personal and corporate-provisioned devices?
 Key findings from Ovum’s BYOD-focused multi-market
employee survey
14

Trends in BYOD management

Recommendations for corporate mobility policies

Case studies
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Ovum recommendations: consider the costs
15

Companies can save on device renewal cycles

But often devices (e.g. BlackBerry’s) come free with a corporate
airtime contract anyway

Will the company still need to maintain a “backup” fleet of
devices?

Will the company be providing a stipend for employees to buy
their own device?
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Ovum recommendations: consider the costs
16

Paying for personal tariffs can be up to 5x more expensive than a
corporate tariff

Extra costs on the service desk, or;

Extra cost of a third party enterprise mobility solution, or;

Both!
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Ovum recommendations: complying with data privacy
legislation
Organizations face a legal conundrum
17

Data being accessed on a personal device needs to be secured.
If it is lost, the organization is responsible – not the individual

However… the solutions that provide data security on a mobile
device involve a certain amount of monitoring and processing of
personal activities – which can be seen as a violation of data
privacy rights
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Ovum recommendations: complying with data privacy
legislation
Employee consent is required

No matter which region you are operating in, the only way around
is to get employee consent. They must know the implications of
the solution and freely agree to it.
Regional and vertical regulation
18

Data privacy regulation has basic similarities from country to
country, but multinational organizations must consider it in every
country in which they operate

Organizations must also be aware of data regulations specific to
their industry, both internationally and regionally
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Ovum recommendations: what should a consumerized
corporate mobility policy address?
Security
Employee privacy
Eligibility
Acceptable use and dealing with policy violations
Technical support
Reimbursement and total cost of ownership
19
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Agenda

How big is BYOD, and what are employees really doing with
both personal and corporate-provisioned devices?
 Key findings from Ovum’s BYOD-focused multi-market
employee survey
20

Trends in BYOD management

Recommendations for corporate mobility policies

Case studies
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
BYOD case study
Strategy
21

In the first year of its global BYOD implementation, managed services
provider Unisys deployed iPads and iPhones to customer-facing
employees, and set up the IT infrastructure to allow mobile devices to
securely connect to the Unisys intranet and other critical applications
for day-to-day business functions. Unisys also built the systems
needed to support personal Blackberrys and Windows Mobile.

The auto provisioning process (built in-house) to set up iPads and
iPhones (3GS) reduced help desk calls by ~1000 and saved ~
$50,000 in licensing cost over a year.

Unisys claims to have increased workforce productivity by connecting
employees on the move with critical internal corporate assets.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
BYOD case study
Security mechanisms

Strict authentication and encryption processes are in place, and cloud
based applications mitigate the risk of mobile data theft.

What applications employees can use depends on their device’s
security rating – some are more secure than others. No Android
devices are yet being allowed into the Unisys environment.
Mobility policy

22
Employees must sign up to an acceptable use policy, which informs
them in which circumstances their device may be wiped, and that their
device may be subpoenaed for litigation purposes (especially in the
US). The data security terms are globally applied; the policy for
reimbursement differs by region.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Localized BYOD case study
Council opens up to personal devices
23

Leeds City Council is allowing staff to choose their own phone,
including iPhones and Android devices. The council began work on
the implementation in early 2012, selecting MobileIron’s MDM solution
to enable the scheme.

Employee’s wanting to enrol in the BYOD scheme can only install the
MobileIron software after signing a text message disclaimer agreeing
to keep their phone updated with the latest OS, apply security
updates, and not to attempt to circumvent any of the security
measures. Having downloaded the MobileIron client app, work email,
documents, and data are encrypted when accessed on the
employee’s personal device.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Localized BYOD case study
Ensure that employees understand and sign up to a policy before
implementing any intrusive security measures
24

Make sure that employees are fully aware of what activities and data
on their personal devices will be monitored, and how. Ask employees
to sign up to a mobility policy before allowing them access to
corporate data on their personal device, outlining their responsibilities
in regards to protecting corporate data.

Implement adequate security steps, including a strong PIN policy and
AES-128 encryption as a minimum, to prevent the loss or leakage of
data through usage on personally owned devices. This may well
involve buying into a third party solution if such capability / expertise is
not available in-house.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Thank You –
any
questions?
Please get in touch:
Richard Absalom, Analyst, Consumer Impact Technology
richard.absalom@ovum.com
25
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.