Clients      Employees

September 30, 2015

No Comments


Why CYOD Is Picking Up Steam

Many organizations first resisted the bring-your-own-device (BYOD) model in which employees use their personal laptops, smartphones, tablets and other devices in the workplace. IT managers were concerned about device and data security, supporting and managing a wide variety of devices and applications, and a general lack of IT control in a BYOD environment.

However, as employees have continued to push to use their own devices at work, many IT managers have relented and even embraced the BYOD model. Proponents say BYOD boosts productivity and employee satisfaction, enables greater flexibility, and reduces technology costs. In fact, Gartner predicts that nearly four in 10 organizations will stop issuing company devices and rely exclusively upon BYOD by 2016. By 2020, 85 percent of companies will have a BYOD policy of some kind.

While BYOD has garnered much of the attention, the choose-your-own-device (CYOD) model has experienced slow, stealth-like growth. Somewhat of a compromise between BYOD and the traditional model, CYOD requires employees to choose from a group of company-approved devices. The desire to corral BYOD, eliminate management and security complexity, and create a more standard corporate IT environment led IDC to predict in 2013 that CYOD would render BYOD obsolete.

That hasn’t happened. BYOD is doing just fine. Cloud services have become more widely used, and employees can access cloud resources from their own devices without going through the corporate network. Organizations are relying more upon temporary and contract workers, and it doesn’t make sense to supply each of these individuals with a company-owned device. In some cases, BYOD is used on a limited basis for certain departments. For example, a simple change in phone number could affect a salesperson’s relationships with industry contacts.

But CYOD is growing, too. As data breaches continue to occur at an alarming rate, organizations and employees are becoming more sensitive to the issue of cybersecurity. CYOD enables IT to simplify device management and control how devices are used. Devices are preconfigured and security software is preinstalled. Also, concerns about employee satisfaction are overblown at times, as employees will typically end up with a device that makes them happy when CYOD is properly implemented.

Many organizations turn to CYOD because of the legal complications of BYOD. How do you differentiate work time from personal time and compensate employees accordingly? Where do you draw the privacy line between personal data and company data? Does your BYOD policy hold water with various state, federal and industry regulations?

When deciding between BYOD, CYOD and a hybrid approach, start by analyzing how employees use their mobile devices. Find out what applications are most popular with your employees and how these tools help them perform their job functions. If you don’t have employee buy-in, your model won’t work.

Once you choose a model, make sure you develop a security strategy that will protect your data inside and outside of the workplace, and create an incident response plan to minimize the impact of a breach. All of these decisions involve more than IT, so include legal, human resources and finance from the planning phase through implementation.

ICG understands pros and cons of CYOD and BYOD as they relate to the unique needs of small businesses and their employees. Let us help you devise a plan that prioritizes security and strikes the right balance between productivity, cost efficiency and employee satisfaction.

September 23, 2015

No Comments


Focusing on the App instead of the Device

The Bring Your Own Device (BYOD) phenomenon has spawned an array of new product categories that promise to help IT cope with the onslaught of user-owned devices. In our last post we talked about mobile device management (MDM), which focuses on provisioning, supporting, securing and controlling the mobile devices themselves.


Mobile application management (MAM) provides a somewhat different set of functions, including enterprise application delivery, security, configuration, licensing and maintenance, along with usage tracking, reporting and policy enforcement. MAM enables IT to control which applications are provisioned to which devices, based upon device type, user, role and other criteria.


There is some overlap in functionality between MDM and MAM but the viewpoint is different. Instead of deciding which devices can access which corporate resources, IT is deciding which applications can be pushed out or downloaded to each device and securing those applications.


MAM also reflects the shift in how enterprise applications are provisioned and used. Traditionally, IT supplied and managed both the endpoint device and a set of enterprise applications the employee was allowed to use. The user experience was limited to those devices and apps. Today, end-users bring not only their own devices but their own apps, including apps downloaded from public app stores. Because IT does not have complete control over the device or app, a new application management strategy is needed.


Locking down the entire device does not address the security concerns associated with third-party apps. Changing usage patterns warrant a more granular approach to security in which authentication, encryption and remote wipe take place selectively, at the application level.


So-called “app wrapping” forces third-party apps to use multifactor authentication or a VPN, and ”geofencing” limits app usage based upon the user’s location or the time of day. IT should enforce passcode policy compliance across all app types and maintain control over organizational data. MAM enables IT to do all that instead of tinkering with the user’s device.


MAM also facilitates a transition toward a device-agnostic paradigm. This is increasingly important as mobile technology evolves. Organizations are beginning to manage tablets as well as smartphones and each has its own application management requirements. The number and type of devices is only going to escalate, making device-agnostic management imperative.


Google just announced that its MAM solution is now supported on iOS as well as Android. The solution allows Apple device users to separate personal and business apps, gain single sign-on capabilities across Google Apps for Business, and download and install approved iOS apps from Google’s Device Policy.


As BYOD continues to grow and evolve, a number of experts have debated whether it makes more sense to manage the applications accessed by mobile devices or the devices themselves. Some contend that MDM is still needed to provide end-to-end enterprise mobility management. However, end-users often balk at giving IT controller over their personally owned devices. MAM shifts the focus from managing devices to securing the applications and data the devices access.


If your employees are using their own devices for work, you need to take steps to protect sensitive applications and data. Contact ICG to discuss the best approach for your mobile device strategy.

September 10, 2015

No Comments


How Mobile Device Management Overcomes the Mobile Security Conundrum

In our previous post, we discussed that small-to-midsize businesses (SMBs) are turning to the cloud to take advantage of “anytime, anywhere” access to applications, data and infrastructure through mobile devices. These capabilities give employees the flexibility to work remotely while maintaining the highest levels of productivity, collaboration and customer service. As a result, small businesses are investing in mobile-friendly, cloud-ready infrastructure.


Once considered a nice-to-have luxury, mobility has become essential for day-to-day SMB operations. According to Manta’s SMB Wellness Index, four in five small business owners use their mobile phones for business purposes every day. One in four use mobile phones at least every hour, and 78 percent use them while sitting in front of a desktop computer. Some of the most common tasks include scheduling, customer communication, creating to-do lists and banking.


While mobility delivers obvious business benefits and makes employees happy, it also creates a number of risks. Are employees using applications or software that could drag down network performance, increase the risk of compliance violations, or open the door for cyber criminals? Is data being stored securely? Are company data and applications getting mixed up with personal data and applications? How do you keep them separate? What happens if a mobile device is lost or stolen? These and other questions need to be answered before diving headfirst into the mobility pool.


Mobile device management (MDM) software can help SMBs address these concerns by enabling IT to centrally deploy, manage, monitor and secure both company-owned and employee-owned devices. Security and compliance policies, antimalware, access controls, passwords, encryption, and applications are updated and managed remotely. Data can be remotely wiped from a lost or stolen device, and jailbroken devices can be automatically detected and flagged. MDM not only protects company data and applications, but also ensures optimal performance and functionality for employees.


MDM software can be licensed to a single device or to a single user who utilizes multiple devices. One license per device is ideal for small companies in which each employee uses a single mobile device. For companies with employees who use smartphones, tablets and laptops, a per-user license is typically the more cost-effective approach.


This is the model most SMBs use with Microsoft Windows Intune, which provides MDM capabilities for Office 365 products. In addition to Windows, Intune can be used to monitor, secure and optimize Outlook clients on Android and iOS devices. Intune is capable of defining and enforcing policies and access controls at the device level. If a device is lost or stolen, Intune uses selective wipe functionality to remotely delete company data and applications without touching personal data.


Of course, Intune is just one example of an MDM solution for SMBs. There are a number of other products available, as well as free software and apps built into the devices themselves. Some enterprise-class MDM platforms are now available in a cloud model, making them more affordable for small businesses.


Although MDM helps SMBs reduce many of the risks associated with mobility, it is rather complex to implement and manage. Let us help you deploy, configure and remotely manage your MDM software and keep your mobile environment secure.

September 1, 2015

No Comments


Why SMBs are Using the Cloud to Leverage Mobility

One of the core drivers behind the emergence of cloud-based services for small-to-midsize businesses (SMBs) is flexibility. Having the flexibility to access applications, data and infrastructure anytime, from anywhere, leads to faster decision-making, improved customer service and responsiveness, greater productivity, more collaboration and more innovation.


In fact, a recent study found that 91 percent of organizations using the cloud have at least one employee working remotely. Nearly one in five companies say the majority of their workforce works remotely.


SMBs are increasingly turning to an Infrastructure-as-a-Service model in which applications, hardware, software, storage and other tools and services are hosted by a third-party service provider and accessed on virtually any Internet-connected device. These resources can be scaled on demand and shift the financial burden of IT procurement, management and maintenance to the provider.


Of course, another big reason for the popularity of the cloud is the popularity of smartphones and tablets. Mobility and the cloud are speeding forward side by side as employees demand the highest levels of performance and reliability when accessing the corporate network from their favorite mobile devices. To meet this demand, organizations are making investments in mobile-friendly infrastructure and ensuring that devices, applications and data are running in the cloud.


The cloud fills a very basic need for the mobile workforce – the ability to remotely access files and applications. Documents can be reviewed, edited, stored and sent from any device. Manager approvals no longer require a trip back to the office.


Unified communications and collaboration tools allow employees to use a variety of channels to seamlessly communicate with colleagues and customers. Videoconferencing no longer requires high-tech conference rooms and complex planning. All an employee needs is a smartphone or tablet and login information.


The key advantage of the cloud – anytime, anywhere access to network resources – also creates a downside. Organizations that rely upon the cloud to support mobility are also relying upon mobile employees to establish and manage their own Internet connectivity. This can lead to service degradation, which prevents users from taking full advantage of a flexible working arrangement. The cost of access to cloud resources, if not monitored and controlled, can quickly wipe out any financial gains of cloud computing. Finally, security can be compromised by users who visit questionable websites, download malicious software, utilize unsecure networks, or fall prey to phishing scams.


Mobile policy management (MPM) can overcome these issues by establishing and automatically enforcing policies that provide greater control over how the cloud is used. Networks used to connect to the Internet are prioritized and selection is controlled by policy. This can significantly reduce support costs and optimize data usage while simplifying the user process for accessing cloud resources. From a security standpoint, MPM protects corporate data and applications by preventing the use of rogue networks that are often labeled as “free Wi-Fi.” It also allows users to roam between networks without security or compliance issues.


ICG’s IT-as-a-Service (ITaaS) solution is focused on making businesses more flexible and agile. It includes virtualized server infrastructure, hosted email, automated and managed backup, Microsoft Office licensing, remote desktops, and a comprehensive suite of security tools. Let ICG show you how our cloud services can help you take full advantage of mobility and flexible working.