Causes and implications of mobile consumerization

Download Report

Transcript Causes and implications of mobile consumerization

Addressing “The BYOD Gap”
Richard Absalom, Analyst, Consumer Impact Technology
[email protected]
July 2012
1
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Ovum IT Super Themes 2012
2
Big Data & Analytics
IT Modernization
Cloud Computing
IT-enabled Business
Innovation
Connected Society
Mobility
Consumerization of IT
Security, Identity &
Privacy
Global Sourcing
Sustainability
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Ovum’s consumerization practice: every employee is a
consumer
Consumer
as
Connected
Customer
Consumer
as
Protagonist
3
Consumer
as
Employee
The employee brings
consumer technology
into the workplace as a
preferred tool: “Bring
Your Own Device”
(BYOD) is a key trend
Consumer
as System
Component
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Consumerization of IT: Managing the Employee
Experience
Consumerization of IT
The adoption of new IT devices
and applications in the consumer
market is accelerating – fuelling
improvements in personal
productivity. Enterprise workplaces
move more slowly, creating a
divide between user expectations
and corporate IT realities. We
focus on the impact of the
proliferation of new devices, apps
and data sources on user
behaviors and IT management
practices in the enterprise.
4

Bring Your Own Computer/Device
strategies in enterprise IT

Enterprise Mobility Management
vendor strategy

Mobile application strategies for
the connected employee

Governance and policy:
managing employee data privacy
legislation
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
What’s behind consumerization? Apple and Google’s
consumer market focus creates the “BYOD Gap”
Employee demographics
BYOD Gap
Actual point of
enterprise entry
Mobile device
adoption curve
Normal point of
enterprise entry
Early
adopters
5
Rate of adoption
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Agenda
6

Building and defining a business case & strategy

Data security

Introducing new platforms to IT Service Desk workflow without
loading into excess cost

Managing the implementation challenge

Dealing with cultural and geographic legal variance

Putting together a consumerized corporate mobility strategy

Case studies
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Defining the business case for BYOD: balancing
tangible and intangible benefits, risks and costs
Intangible benefits
Managing an unstoppable
market trend?
Improved employee
engagement and satisfaction
Improved employee productivity –
yet to be demonstrated with hard
evidence
Tangible benefits
Less reliance on the service
desk, more self-help
Shifting the burden of shortened
replacement cycles on to the employee
New, specialized line of business
capabilities
Hardware costs – if paying
employees a stipend
Airtime costs – either on
corporate or personal tariffs
Costs and risks
Potential cost of a third party enterprise
mobility management solution
Potential Opex and Capex
increase on the IT service desk
Increased risk of data loss?
Risk of violating data
privacy regulation
7
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
The business case for BYOD: it is unavoidable
The benefits of BYOD have not yet been proven…

Improved productivity and engagement still needs to be demonstrated
with hard evidence
… The threats and challenges it poses cannot be ignored
8

The risk of data loss is real and must be addressed, whether BYOD is
officially sanctioned or not

Providing solutions to the security challenges generates further issues
around cost management and data privacy
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Agenda
9

Building and defining a business case & strategy

Data security

Introducing new platforms to IT Service Desk workflow without
loading into excess cost

Managing the implementation challenge

Dealing with cultural and geographic legal variance

Putting together a consumerized corporate mobility strategy

Case studies
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
What consumerization means for IT: moving towards a
multi-platform environment
+ BES
?
10
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Data security is always at risk at three main points:
the network, the endpoint, and the application
Consumerization means that:

More (unsecured) networks are transferring corporate data

More (unsecured) endpoints are accessing corporate data

More (unsecured) applications are using corporate data
Consumerization multiplies the threats to data security
11
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Agenda
12

Building and defining a business case & strategy

Data security

Introducing new platforms to IT Service Desk workflow
without loading into excess cost

Managing the implementation challenge

Dealing with cultural and geographic legal variance

Putting together a consumerized corporate mobility strategy

Case studies
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
IT service desks are not necessarily equipped to deal
with this multi-platform environment
Potential lack of expertise and resource: investment required
13

Training required to fully understand intricacies of different
platforms

System administrators accustomed to working with a single
platform

Extra man hours (and therefore cost) required on the helpdesk /
service desk to deal with troubleshooting on multiple platforms
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
IT service desks: how does BYOD impact existing IT
service desk outsourcing arrangements?
Contracts may need to be renegotiated
14

Need to work with provider to establish what capabilities they
have, what can and can’t be supported

Outsourcing providers may need to train up staff – and charge
more as a result

If support for multiple OSs was not built into the original contract,
the likelihood is that they will need to be renegotiated

Enterprise mobility vendors provide workflow tools to manage
thousands of devices at once – would require roll out and training,
but designed to be “single pane of glass” easy
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Agenda
15

Building and defining a business case & strategy

Data security

Introducing new platforms to IT Service Desk workflow without
loading into excess cost

Managing the implementation challenge

Dealing with cultural and geographic legal variance

Putting together a consumerized corporate mobility strategy

Case studies
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
BYOD is about empowering employees – but they also
need to be aware of responsibilities
BYOD frees employees to do their job wherever they are…

The perfect storm of mobile, social and cloud – employees are able to
be connected 24/7, being productive when they’re away from the
office
… But its implementation needs to be closely managed
16

Employees need to understand the security risks and implications,
and who’s responsible for what – data, applications, cost, technical
support

Their consent is required to implement complete security solutions
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
The “complete” enterprise mobility solution should
offer:
Device management
Mobile enterprise application management and provisioning
Expense management
17
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Addressing security concerns: common MDM
capabilities across major mobile OSs
Some common MDM capabilities across major mobile OSs:
18

Over-the-air discovery, quarantine, enrolment and configuration of
devices accessing the corporate network

Password policy enforcement, data encryption

Remote lock and wipe

Real time reporting and alerts, activity logging, GPS tracking

Content- and context-aware mobile data loss prevention software

Application management and distribution, document control e.g.
blocking copy / paste / local storage
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Mobile enterprise application platforms – addressing
the same issues as MDM but with a different approach
Managing the application, not the device:

Secure app wrapping technology – applying MDM capabilities to
a single app

Removes the need to intrude on personal activities
Corporate app stores
19

An easy way to push apps to the relevant users in the relevant
format

Including custom apps – designed specifically for line-of-business
users to maximize business value
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
On-device multi-persona management: a third way
Providing separate work and personal “identities” on the same device
20

Solutions such as Enterproid Divide allow for one persona to be
managed and secured by the enterprise, and the other to remain
free for personal use

App-wrapping and persona management are a way around
privacy concerns – but are they as secure? Only allow for
monitoring select applications, no idea what corporate data might
be going through the unsecured consumer apps

These capabilities are only available on Android at the moment –
and BlackBerry to a certain extent with BlackBerry Balance
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
BYOD might make some savings on hardware…
21

Companies can save on device renewal cycles

But often devices (e.g. BlackBerry’s) come free with a corporate
airtime contract anyway

Will the company still need to maintain a “backup” fleet of
devices?

Will the company be providing a stipend for employees to buy
their own device?
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
… But it will add costs elsewhere
22

Paying for personal tariffs can be up to 5x more expensive than a
corporate tariff

Extra costs on the service desk, or;

Extra cost of a third party enterprise mobility solution, or;

Both!
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Telecoms expense management solutions and
corporate-provided SIMs help to manage costs
Keeping track of telecoms spending

Companies are not always aware of how much they are spending

Controls can be put in place to monitor spending while roaming,
for example: when a certain limit is reached, the user can be
prompted as to whether they want to keep on talking / using data
One option: corporate provisioned SIM, personally owned device
23

The best of both worlds? The user gets the device of their choice;
the enterprise gets to control the airtime contract and can keep
the number if the employee leaves…

But will employees go for that?
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Brand / reputation strength
Vendors from a range of backgrounds are converging
on the enterprise mobility services space
ITSM /
enterprise
application
vendors
Device
OEMs
Telecoms expense
management vendors
IT security
vendors
Enterprise mobility /
MDM specialists
Enterprise mobility management capabilities
24
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Agenda
25

Building and defining a business case & strategy

Data security

Introducing new platforms to IT Service Desk workflow without
loading into excess cost

Managing the implementation challenge

Dealing with cultural and geographic legal variance

Putting together a consumerized corporate mobility strategy

Case studies
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
The legal implications of BYOD – complying with data
privacy legislation
Organizations face a legal conundrum
26

Data being accessed on a personal device needs to be secured.
If it is lost, the organization is responsible – not the individual

However… the solutions that provide data security on a mobile
device involve a certain amount of monitoring and processing of
personal activities – which can be seen as a violation of data
privacy rights
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
The legal implications of BYOD – complying with data
privacy legislation
Employee consent is required

No matter which region you are operating in, the only way around
is to get employee consent. They must know the implications of
the solution and freely agree to it.
Regional and vertical regulation
27

Data privacy regulation has basic similarities from country to
country, but multinational organizations must consider it in every
country in which they operate

Organizations must also be aware of data regulations specific to
their industry, both internationally and regionally
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Agenda
28

Building and defining a business case & strategy

Data security

Introducing new platforms to IT Service Desk workflow without
loading into excess cost

Managing the implementation challenge

Dealing with cultural and geographic legal variance

Putting together a consumerized corporate mobility strategy

Case studies
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
What should a consumerized corporate mobility policy
address?
Security: Understand the steps required to secure corporate data
Employee privacy: Make employees aware of the security
implications and gain their consent to implement an MDM solution
Eligibility: Know exactly which employees the policy applies to
Acceptable use and dealing with policy violations: Make sure
employees understand the consequences of violating the policy
Technical support: Have a clear idea of who’s responsibility this is
Reimbursement and total cost of ownership: Understand the impact
of the policy on bottom-line costs and take steps to control them
29
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Agenda
30

Building and defining a business case & strategy

Data security

Introducing new platforms to IT Service Desk workflow without
loading into excess cost

Managing the implementation challenge

Dealing with cultural and geographic legal variance

Putting together a consumerized corporate mobility strategy

Case studies
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Consumerization case study
Strategy
31

UK-based multinational bank not running a full BYOD policy, but
replacing BlackBerrys by rolling out iPhones to its mobile employees
instead. Moving beyond only using email on the go: “wanted to move
from an email platform that does apps to an app platform that does
email”.

10,000 iPhones distributed by end 2011, and each of those users has
the option to bring in a personally owned iPad as well (2,000 actually
running on the corporate network).

12 internal apps available to relevant employees, covering functions
beyond email such as trading, customer management, customer
service, and exchange rates.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Consumerization case study
Security mechanisms
32

Everything provided in a secure environment: access to corporate
data on corporate network only, no local storage – no sensitive data
can be left on the device.

Single-tunnel VPN – when a user is connected to the corporate
network, all other access is blocked.

All managed in-house by Standard Chartered’s own IT department
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
BYOD case study
Strategy
33

Relationships with multiple mobile carriers in every country in which it
operates means that Cisco is in a great position to implement an
internal BYOD policy. The networking giant no longer pays for any
mobile devices, telling employees to bring their own into work. Cisco
leverages its relationships with carriers to provide very good Ciscoemployee-only mobile tariffs.

iPhone now the most popular device in the company, 41% share.
BlackBerry slipping back (24%), Android growing (10%).

Results: Mobile spend flat year on year (May 2010 – May 2011), even
with 32% increase in number of mobile users. Users also self-support
more effectively on personally owned devices, and mobile IT support
requests dropped 20% year on year.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
BYOD case study
Security mechanisms

Aims to support as many platforms and devices as possible and is
continually increasing its number of "trusted devices“. Trusted devices
must meet certain architectural principles around security,
authentication, authorization and storage, and execution elements
around policy enforcement and asset management.
Mobility policy

34
Cisco employees have to agree to a corporate mobility policy and
understand that their phone may be wiped if confidential corporate
data is “deemed likely to be compromised”. Violating the policy can
lead to disciplinary procedures including termination of employment.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
BYOD case study
Strategy
35

In the first year of its global BYOD implementation, managed services
provider Unisys deployed iPads and iPhones to customer-facing
employees, and set up the IT infrastructure to allow mobile devices to
securely connect to the Unisys intranet and other critical applications
for day-to-day business functions. Unisys also built the systems
needed to support personal Blackberrys and Windows Mobile.

The auto provisioning process (built in-house) to set up iPads and
iPhones (3GS) reduced help desk calls by ~1000 and saved ~
$50,000 in licensing cost over a year.

Unisys claims to have increased workforce productivity by connecting
employees on the move with critical internal corporate assets.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
BYOD case study
Security mechanisms

Strict authentication and encryption processes are in place, and cloud
based applications mitigate the risk of mobile data theft.

What applications employees can use depends on their device’s
security rating – some are more secure than others. No Android
devices are yet being allowed into the Unisys environment.
Mobility policy

36
Employees must sign up to an acceptable use policy, which informs
them in which circumstances their device may be wiped, and that their
device may be subpoenaed for litigation purposes (especially in the
US). The data security terms are globally applied; the policy for
reimbursement differs by region.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Localized consumerization case study
BlackBerry emails switched off at night in Germany

37
In December 2011, Volkswagen agreed to deactivate the email
function on its BlackBerry fleet at night for employees in Germany.
The move is a result of pressure from the company’s work council to
counter expectations that employees with a BlackBerry should be
reachable at all times. The works council reasons that such an
addiction to the “CrackBerry” corporate device heightens the risk of
burnout and stress, leading to increased numbers of sick days taken.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Localized consumerization case study
Consider local cultural factors when implementing any policy
38

Be aware that allowing a BYOD policy or provisioning employees with
consumer-focused devices does not automatically mean that they will
be reachable at all times.

In Germany, organizations implementing any enterprise mobility policy
must do so in cooperation and agreement with local work councils. If
any such policies do not conform to the employee’s contract of
employment (e.g. on required working hours), expect opposition from
the works council.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Localized BYOD case study
Council opens up to personal devices
39

Leeds City Council is allowing staff to choose their own phone,
including iPhones and Android devices. The council began work on
the implementation in early 2012, selecting MobileIron’s MDM solution
to enable the scheme.

Employee’s wanting to enrol in the BYOD scheme can only install the
MobileIron software after signing a text message disclaimer agreeing
to keep their phone updated with the latest OS, apply security
updates, and not to attempt to circumvent any of the security
measures. Having downloaded the MobileIron client app, work email,
documents, and data are encrypted when accessed on the
employee’s personal device.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.
Localized BYOD case study
Ensure that employees understand and sign up to a policy before
implementing any intrusive security measures
40

Make sure that employees are fully aware of what activities and data
on their personal devices will be monitored, and how. Ask employees
to sign up to a mobility policy before allowing them access to
corporate data on their personal device, outlining their responsibilities
in regards to protecting corporate data.

Implement adequate security steps, including a strong PIN policy and
AES-128 encryption as a minimum, to prevent the loss or leakage of
data through usage on personally owned devices. This may well
involve buying into a third party solution if such capability / expertise is
not available in-house.
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc.