MF Bring Your Own Device
About The Module
The proliferation of mobile and wireless access has brought about a huge trend: BYOD. BYOD stands for Bring Your Own Device, a term created to describe the situation where people use their personal mobile tablets and devices in their workplace or school to access the company’s or school’s network. BYOD is a global phenomenon, creating a need for companies to develop both policies and a support structure for the burgeoning number of employee-owned devices in workplaces today.
This module covers the following topics:
- Overview of BYOD and its benefits
- Challenges associated with BYOD
- Solution to address these challenges
- BYOD use cases in industries
This course contains the following pages:
- Presentations: Nine short recorded video presentations created by various presenters.
- Additional Resources: Links to additional resources are also provided as a convenience to learners. The appearance of external links does not constitute endorsement by Cisco, nor does Cisco exercise any editorial control over the information found at these external sites.
- Quiz: Brief quiz after each module to check your understanding of key concepts presented in each module.
Upon completion of this module, you will be able to:
- Understand what BYOD is, its benefits and challenges
- Understand BYOD adoption considerations
- Understand BYOD design and solutions
Overview of BYOD
Bring Your Own Device (BYOD) is one of the most influential trends reshaping the landscape of the mobile enterprise and the evolution of IT organizations. The influx of powerful mobile devices into the workplace is changing how users access and use enterprise resources.
In the past, IT departments drove technology, but that has changed in recent years. The consumerization of IT revolution, sparked by the smartphone, has shifted the IT culture so that the users are the ones getting the latest, cutting-edge technologies first. Tablets and smartphones are turning into general computing devices with faster components, better integration and support in connecting to enterprise systems. The demand for BYOD is largely driven by these users who want to choose the devices they use in their workplace.
Enterprises are beginning to see BYOD as an opportunity rather than a challenge. IT organizations are establishing policies with BYOD access. They are adapting to mobile devices (smartphones, tablets, laptops, etc.) in the corporate workplace to meet user expectations and leverage new technologies to boost worker productivity.
IT needs to balance productivity with security and coordinate business justification with the various line-of-business (LOB) owners to implement BYOD programs within an enterprise. On one hand, employees are demanding access from devices not only within the corporation, but also beyond the firewall. On the other hand, risk management dictates that corporate data must remain protected. With employees using personal devices for mission-critical job functions, mobile device managers (MDM) are becoming increasingly important. Functions such as ensuring that a device can be locked and wiped remotely if it is lost or stolen, or when the employee is terminated, are becoming a necessity.
Benefits of BYOD
Let’s look at some benefits that BYOD offers.
First, BYOD generally shifts costs to the user. With the employee paying for most or all of the costs for the hardware, data services, and other associated expenses, companies save a lot of money.
The second benefit is employee satisfaction. Employees have the laptops and smartphones they have for a reason: those are the devices they prefer. They like them so much that they do not mind paying for them. Employees may also prefer to reduce the number of devices they carry while traveling; before BYOD, traveling employees would carry both their personal and company-provided devices (for example, two mobile phones/smartphones, two laptops).
Third, BYOD devices tend to be more cutting-edge, so the organization gets the benefit of the latest features and capabilities. Employees also upgrade to the latest hardware more frequently than the slower refresh cycles at most organizations.
As much as the BYOD trend has brought many benefits, it has brought many challenges as well. From a user perspective, there are requirements and challenges to address. The author details these requirements and challenges in the video.
IT Organization Requirements
On the surface, BYOD connectivity may look like a simple extension of enterprise mobile services; however, user expectations and the diversity of devices create unique infrastructure demands and challenges for IT operations to support mobility. With the adoption of BYOD, the workspace needs to cater to the demand for increased consumerization, mobilization, and virtualization. It requires additional capabilities and tools to further facilitate worker productivity and ease of use, while adhering to company policies and security guidelines.
Tip of the Iceberg
For any widespread adoption of BYOD, there are a number of factors that need to be considered. End users may look at BYOD very simply; they just want their devices to work on the network and to access applications. However, is implementing BYOD that simple for an organization?
What If You Could Solve It?
What if all the different requirements from the CEO, from the CIO, from the different functions and end users could be met?
What if innovation could be sped up by opening the network and fostering collaboration with customers and partners, while lowering IT cost and the complexity of connecting devices?
What if the organization could let employees have greater freedom of choice while protecting intellectual property and without compromising security?
What if employees could work flexibly without compromising the way the business runs? This would motivate employees and increase morale.
New Workplace Trend
The shift in workplace trends is apparent with the rise of BYOD. This is an important factor to consider when adopting BYOD for the workplace.
A Company-Wide Project
In summary, BYOD is not just an IT project; it is a multi-technology, company-wide project that touches the corporate infrastructure, mobility, manageability, security, and policy control. The decision to invest in full BYOD deployment is increasingly shifting from IT alone to the various business owners. Both business and IT considerations need to be taken into account when implementing BYOD.
Solution Building Blocks
Having seen the various challenges of BYOD, it is clear that an organization cannot use point solutions for BYOD, but needs to take an architectural approach by building layers to support all the devices.
Different businesses will approach BYOD with different expectations across a spectrum of adoption scenarios. An organization’s business policies will dictate the network access requirements which their BYOD solution must enforce. The following are examples of access requirements an organization may enforce:
- Limited Access
- Basic Access
- Enhanced Access
- Advanced Access
High-Level Solution Architecture
Cisco provides a comprehensive BYOD solution architecture, combining elements across the network for a unified approach to secure device access, visibility, and policy control. To solve the many challenges described earlier, a BYOD implementation is not a single product, but should be integrated into an intelligent network.
Some of the essential components supporting BYOD and their functions are briefly highlighted below:
Cisco Adaptive Security Appliance (ASA)
Cisco Adaptive Security Appliance provides traditional edge security functions, including firewall and Intrusion Prevention System (IPS), as well as providing the secure VPN (AnyConnect) termination point for mobile devices connecting over the Internet, including home offices, public WiFi hotspots, and 3G/4G mobile networks. The ASA delivers solutions to suit connectivity and mobility requirements for corporate-owned devices as well as employee-owned laptops, tablets, or mobile devices.
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE) is a core component of the Cisco BYOD solution architecture. It delivers the necessary services required by enterprise networks, such as Authentication, Authorization, and Accounting (AAA), profiling, posture, and guest management on a common platform. The ISE provides a unified policy platform that ties organizational security policies to business components.
The ISE also empowers the user to on-board their device through a self-registration portal in line with BYOD policies defined by IT. Users have the flexibility to bring their devices to their network with features such as sponsor-driven guest access, device classification, BYOD on-boarding, and device registration.
The ISE is able to integrate with third-party Mobile Device Managers (MDM) to enforce more granular policies based on device posture received from the MDM compliance rules.
Mobile Device Managers (MDM)
A Mobile Device Manager is software designed to secure, monitor, and manage mobile devices, including both corporate-owned devices and employee-owned BYOD devices. MDM functionality typically includes Over-the-Air (OTA) distribution of policies and profiles, digital certificates, applications, data and configuration settings for all types of devices, while considering relevant parameters such as various device types with diverse operating systems and user roles and locations in a BYOD implementation.
Cisco Prime Infrastructure
Cisco Prime Infrastructure (PI) manages wireless and wired network infrastructure while consolidating information from multiple components into one place. Prime Infrastructure gives a single point to discover who is on the network, what devices they are using, where they are, and when they accessed the network.
Cisco Prime Infrastructure interacts with many other components to act as a central management and monitoring portal. Prime Infrastructure integrates directly with two other appliance-based Cisco products, the Cisco Mobility Services Engine (MSE) and Identity Services Engine (ISE), for information consolidation. Prime Infrastructure controls, configures, and monitors all Cisco Wireless LAN Controllers (WLCs), and by extension, all Cisco access points (APs) on the network. Prime Infrastructure also configures and monitors Cisco Catalyst switches and Cisco routers.
A Healthcare Example
Enterprises and some industries are embracing BYOD. Find out how BYOD is used in a healthcare environment, and the business potential that it brings for some industries.
In summary, BYOD impacts all areas of IT and the business; it is not just about using your personal device at work or in school. BYOD is a multi-technology project that touches the corporate infrastructure, mobility, manageability, security, and policy control.