News Stay informed about the latest enterprise technology news and product updates.

Different approaches to BYOD policies are recipe for success

BYOD creates all kinds of issues for IT. But not every company can take the same approach, with different avenues on display at a customer panel.

ANAHEIM, Calif. – An ever-increasingly mobile world creates challenges IT couldn't have dreamed of years ago, but there are answers in different BYOD approaches.

There isn't one "best" approach to bring your own device (BYOD), however.-IT can go with a mobile device management (MDM) approach that locks down an employee device or use mobile application management (MAM) to secure the data used in enterprise applications.

Indeed, BYOD takes many forms, with several approaches on display during a customer panel at the Citrix Synergy conference here this week.

Sony Pictures' BYOD journey

Three years ago, Sony Pictures Entertainment rolled out a BYOD program with no MDM outside of Active Sync. However, Sony's security team put a stop to the program so it could review and analyze a new process for BYOD.

The result was a new nine-page policy that dropped the number of BYOD-enrolled users from several hundred to under 100, according to Laurie Elmore, director of IT mobile technologies and integration with Sony Pictures Entertainment.

"We're struggling to include more and more people because they don’t like the security language," Elmore said. "Security is saying, 'if you leave, I can take your device, I can copy your pictures and text messages.'"

It's really about the experience rather than the technology.

Michael McKieran, Citrix IT practices vice president

Sony Pictures Entertainment is looking at adding Citrix's XenMobile Enterprise Edition to separate personal and corporate sections on devices and then loosen up some of the BYOD policy language to entice more employees to join the program.

Different approaches must be taken in part because of different laws. For example,  Germany laws don't allow EnBW, an electrical utilities company there,  to lock onto a device with full MDM. Instead, the company started a BYOD approach focused solely on MAM, according to Boris Schroeder, team lead for IT mobile solutions for EnBW.

"We just want to take control of the applications we deliver and what the content of the applications is," said Schroeder.

As part of that approach, EnBW recently pushed out its first Citrix Worx Home application, Worx Mail, which connects to its Microsoft Outlook email. EnBW runs this on about 20 to 30 devices as part of an initial test and it hopes to add more applications over time including employee self-services and travel and expense, according to Schroeder.

Citrix "eats its own dog food" when it comes to BYOD, using XenMobile over the last year to manage around 12,500 BYOD devices that come onto its global network, according to Michael McKiernan, vice president of business technology solutions, IT practices, for Citrix.

Citrix started its BYOD program over six years ago with computers and has grown to include the wide array of mobile devices. The company also focused on MAM until XenMobile was introduced.

In Citrix's own experience, it's a powerful thing to allow users their freedom to use their own device to get work done, according to McKiernan.

More on BYOD

Worldwide shipments of smartphones to hit 1.9 billion in 2014, up nearly 5% from last year, according to Gartner research from March 2014.

"It's really about the experience rather than about the technology," he said.

Citrix also found an interesting trend regarding BYOD demographics that goes against the grain of conventional wisdom of what types of users want to choose their own devices. According to its internal statistics, users aged 30 to 39 use BYOD devices more than any other age group.

"The demographics are overstated, that the millennials expect and demand [BYOD]," said McKiernan. "It's just not true. The millennials just want a job."

Security risks of BYOD considered

Important issues around security have to be considered if implementing a BYOD program. At Sony, if a user brought in a laptop and wanted to connect it into the infrastructure there, it wouldn't be immediately possible, according to Sunil Dayal, technical services analyst at Sony Pictures Entertainment.

"So, why do we give free will to smart devices?" Dayal asked.

With plans to add XenMobile Enterprise Edition soon, the containerization piece will give IT the ability to push a certificate to users to connect to Sony's network through MDM. All other devices can access internal networks through Citrix NetScaler, mitigating risk factors, according to Dayal.

Citrix actually finds fewer security incidents with BYOD devices than corporate-owned devices. That's in part because of what McKiernan called "rental car syndrome," where people take better care of their own devices than ones owned by their company.

"They lose [BYOD devices] less frequently, they get run over by cars less frequently, they get dropped in the water less frequently when the new phone comes out," McKiernan said.

Sony purchased 13 devices in one year for an executive who kept losing them. In fact, he bought several on his own because he felt bad, according to Elmore.

While securing data inside a container like Worx Mail is key, of equal importance is ensuring that data doesn't get sent to places it shouldn't, according to Schroeder.

"We wouldn't want someone to open a mail attachment in Facebook or something and disclose some big plans we have," he said.

Dig Deeper on EMM tools | Enterprise mobility management technology

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

What, if any, approach does your enterprise take with BYOD?
BYOD can now be a powerful tool to manage work forces and increase productivity. As pointed out, a good BYOD policy is critical, but it is really training that will make the policy successful. An example is our small healthcare facility put a BYOD policy in place to use Tigertext for HIPAA complient text messaging, but the doctors still used their unsecure regular SMS text messaging. Even though we had a good BYOD policy, it wasn't enough. SMB's need to be cost effective, and with new technologies, one of the best ways to reduce costs and increase ROI is training. For us, we had to bring each doctor in to admin for training and explaining the HIPAA issues and how to use theTigertext app correctly. Now we have the doctors in compliance which has significently lowered the cybersecurity risks and increased productivity for the doctors and the hospital. Here is an example of a BYOD policy template:
The BYOD concept can be intimidating for IT staff, but there are strategies to minimize security risks and device management headaches. HTML5 technologies can allow users to connect to applications and systems without requiring IT staff to install anything on user devices. For example, Ericom AccessNow is an HTML5 RDP client that enables remote users to securely connect from iPads, iPhones and Android devices to any RDP host, including Terminal Server and VDI virtual desktops, and run their applications and desktops in a browser. This enhances security by keeping applications and data separate from personal devices.

Since AccessNow doesn't require any software installation on the end user device IT staff end up with less support hassles. Any user that brings in their own device merely opens their HTML5-compatible browser and connects to the URL given them by the IT admin.

Visit for more info.

Please note that I work for Ericom