BYOPC Strategy: Policies and Problem Solving

of 7 Sponsored by


Contents

Creating BYOPC Policies: A Win-Win for IT and Users

BYOPC Support: How to Troubleshoot Before Issues Emerge

When it comes to developing a Bring your own PC (BYOPC) strategy, the first and most important step is to implement BYOPC policies. Once these policies are set in place, it makes it easier to be proactive in troubleshooting issues. This expert E-Guide dives into the benefits of creating BYOPC policies and the tasks to consider before problems arise.

Creating BYOPC Policies: A Win-Win for IT and Users By: Dan Sullivan

The first step in developing a BYOPC strategy is to create BYOPC policies,

and for this you need to understand the scope of your strategy. Jumping into

implementation without knowing what you are implementing will likely waste

time. You should consider acceptable use, liability, privacy, governance and

enterprise-supported device policies.

Create and define BYOPC policies

When a company purchases, provisions and supports a computer, the

company understandably expects to have full control over how employees

use that computer. In a bring your own PC (BYOPC) environment, the lines

of responsibility around proper use are blurred.

For example, a business may decide that employees shouldn't use company-

owned desktops for personal tasks, such as tracking a family budget. This is

precisely the kind of thing many employees would do with their own PCs, and

they may not think that using a corporate device is any different.

Balancing the family budget with a company PC is unlikely to cause any

problems, but devices with inappropriate material, such as illegally

downloaded media or pornography, could become a human resources issue.

Your organization should also clearly state BYOPC policies governing topics

such as harassment with respect to personally owned devices.

of 7 Sponsored by


Contents



One of the most important BYOPC policies is an acceptable use policy,

which should specify the device owner's responsibility for protecting

corporate information. For instance, employees should take care to protect

personal devices that store sensitive data from loss or theft. If users install

unauthorized applications on the same PCs that access corporate systems,

IT must mitigate the risk of a user's PC eventually transmitting malware to

company computers or data leaking through an inadequately secured PC.

IT can implement security controls in various ways, including verifying that

anti-malware and personal firewall software are installed and up to date.

When an employee's device does not meet minimal BYOPC security

requirements, you can deny it access to the corporate network. Network

administrators can require virtual private network use to further protect

communications between business systems and the employee's PC.

IT professionals may determine that the best way to balance protecting the

business while allowing BYOPC is to use virtual desktops and applications.

With this approach, an employee connects to an access gateway to reach a

centrally managed virtualized application or desktop. This allows IT admins

to maintain control over corporate apps and data without implementing

substantial controls on employee-owned PCs. In such a scenario, you'd need

to define policies describing how to use the virtualized desktops, establish

access restrictions and describe how users would be grouped according to

their roles and responsibilities.

Comprehending the intricacies of liability will no doubt require legal advice.

Some instances that may raise liability questions include a private or

confidential data leak from a personal device and personal data loss because

of a business application error, or as a result of poor advice from technical

support.

User agreements can capture company policies, but employees should

understand the details of those policies. Having an employee click through

an end-user agreement may meet legal requirements for consent, but it does

not mean employees understand the scope of the policies.

of 7 Sponsored by


Contents



It's better for an employee to know up front that the business retains the right

to alter a device connected to the corporate network -- including erasing

personal data -- than to find out unexpectedly that the family photos are gone

for good. When you describe key provisions of end-user agreements, it is

also a good time to review best practices for protecting personal data, such

as performing regular backups.

Clearly state your BYOPC policies and your privacy policy. Will the business

download data from the employee's personal computer? For example, some

mobile device apps download contact lists from mobile devices after

installation. Users may have agreed to this by clicking through the end-user

agreement, but it was a surprise to many and created a public backlash in at

least one data-mining case. If you intend to perform operations on a

personally owned computer, such as scanning for malware or checking

security configurations, tell employees before you do it. Employees who do

not wish to have required operations performed on their devices should be

denied access to the corporate network.

About the author

Dan Sullivan, who holds a master's degree in computer science, is an author,

systems architect and consultant with over 20 years of IT experience, with

engagements in advanced analytics, systems architecture, database design,

enterprise security and business intelligence.

BYOPC Support: How to Troubleshoot Before Issues Emerge By: Dan Sullivan

Once your policies and security practices are in place and your employees

are working with enterprise applications, you'll start getting BYOPC support

requests.

Consider how IT administrators will troubleshoot problems with users'

personal devices. Ideally, the BYOPC support staff will have its own devices

running all company-supported platforms. IT support groups should test

of 7 Sponsored by


Contents



enterprise applications on various devices before announcing support for

them.

Establish guidelines that outline what types of BYOPC support advice you'll

offer -- for example, don't suggest wiping the device -- and set limits on the

time and resources that you'll dedicate to troubleshooting employee-owned

PCs and related devices. When using virtual desktop environments,

determine which clients you support and test for usability and performance.

As part of enterprise support of BYOPC policies, consider the following tasks:

Define acceptable use policy.

Understand liability and privacy issues (now would be a good time to

call your legal department).

Formulate a governance model and understand what role, if any, end

users will have in setting or changing policies.

Determine which enterprise applications will be accessible in BYOPC

and under what circumstances (e.g., Application X can only be used

when on a virtual private network or through a virtual desktop).

Specify BYOPC authentication and encryption requirements.

Determine how you will enforce policies. Will existing management

systems, such as Exchange ActiveSync, meet your needs, or will

you need mobile device management software?

Create a list of requirements for managing personally owned PCs.

Assess existing systems for meeting those requirements, and then

consider if additional functionality is needed.

Assess your ability to support multiple applications on multiple

platforms. What limits will you have to prevent undue burdens on IT

support staff?

of 7 Sponsored by


Contents



Determine which methods for delivering enterprise applications your

organization will support, and test enterprise applications for usability

and performance.

The success of a BYOPC strategy depends in large part on the ability of

desktop administrators to help executives and managers understand its risks

and benefits and to implement policies and enforcement mechanisms.

Administrators will be required to work on a wide range of BYOPC support

tasks, from specifying security controls and evaluating applications to

determining the best methods for enforcing policies. Implementing a BYOPC

or BYOD program is challenging because it requires you to keep in mind the

best interests of the business and employees while maximizing the benefits

to both.

About the author:

Dan Sullivan, who holds a master's degree in computer science, is an author,

systems architect and consultant with over 20 years of IT experience, with

engagements in advanced analytics, systems architecture, database design,

enterprise security and business intelligence.

of 7 Sponsored by


Contents



Free resources for technology professionals TechTarget publishes targeted technology media that address your need for

information and resources for researching products, developing strategy and

making cost-effective purchase decisions. Our network of technology-specific

Web sites gives you access to industry experts, independent content and

analysis and the Web’s largest library of vendor-provided white papers,

webcasts, podcasts, videos, virtual trade shows, research reports and more

—drawing on the rich R&D resources of technology providers to address

market trends, challenges and solutions. Our live events and virtual seminars

give you access to vendor neutral, expert commentary and advice on the

issues and challenges you face daily. Our social community IT Knowledge

Exchange allows you to share real world information in real time with peers

and experts.

What makes TechTarget unique? TechTarget is squarely focused on the enterprise IT space. Our team of

editors and network of industry experts provide the richest, most relevant

content to IT professionals and management. We leverage the immediacy of

the Web, the networking and face-to-face opportunities of events and virtual

events, and the ability to interact with peers—all to create compelling and

actionable information for enterprise IT professionals across all industries

and markets.

Related TechTarget Websites

BYOPC Strategy: Policies and Problem Solving

Documents

Transcript of BYOPC Strategy: Policies and Problem Solving