the myIT blog

BYO"T"

That's right. T. You were expecting "B"? "T" for TECH. It's what is happening a lot these days. Your company might hand out basic cell phones, but you prefer your own "iPhone" or "Android".

There is a constant tug of war between IT shops and users. Users want everything and don't want to pay for it. They want to use MAC's but can't because the backend systems in the office don't fully support their needs (Windows applications). However, with a lot of stuff moving to application hosting companies, that really starts to change the environment.

We have come to conclude that this article is hogwash: http://articles.businessinsider.com/2011-10-28/tech/30331882_1_mac-users-windows-pcs-forrester

First it quotes Forrester saying "Only support windows desktop". We have NO customer that supports a single platform. OK, so your work PC is a Windows machine. Do you have a company issued smartphone. SMART bet it's not Windows. We have many customers who use tablets and MAC's in their business environment. One customer has dozens of Mac's that makes us feel cheap and ashamed when we walk in carrying a (gasp) winbook of some sort.  We have other customers who have MAC's in desktop publishing roles. Some where marketing and management who don't use the same applications as users also have a MAC. This same organization has marketing and devlopment folks who prefer PC's and want Sharepoint. My only point is that the workplace is becoming as diverse, technologically, as your staff is able to support.  If you don't train and help your staff support you on every platform your users want to bring in the door, be prepared to shell out the extra dollars for additional support.

However, on the mobile front, there is a growing trend to try to assimilate the end users device. So you are a tech support person and are working on someone's personal phone. They have company data on it, maybe email. You find "porn" on it. What do you do? Is your personnel policy able to address these sort of "what if's". Certainly, it opens a can of worms.

Fear not, there are ways to both support BYOT and not have to physically peek into email or storage folders and find the unsavory results.

Right now there are two trends -

1. A'la Juniper - 1,000 user software license at around 70.00 per user plus backend systems (30k-50k for any small business). SSL VPN and all sorts of stuff. Lacks application and actual device management.

2. Use a hosted platform with an app for the Operating System and be able to:

  • lets you monitor and configure these devices from web based Dashboard
  • Note that you can see where a device is,
  • what apps are installed on it.
  • you can lock a device in real time.
  • you can even remote wipe it, in case it gets stolen.
  • You'll see that admins can configure all kinds of capabilities for mobile devices as well.
I think we'll prefer option 2. We can do "some" of this with Google Apps (without email is a choice), but only "part of it".  We have no way to control the device if it is an Apple device without logging into the user's icloud/mobile me service. That's too much to ask of an IT department... "give me the username and password to your Apple Account..."
Now we just have to find a small SSL capable VPN client for these devices and a way to encrypt some data if the device doesn't support it.
Noone said BYOT would be easy.