BYOPC Strategy: Policies and Problem Solving

Page 1

BYOPC Strategy: Policies and Problem Solving


BYOPC Strategy: Policies and Problem Solving

When it comes to developing a Bring your own PC Contents Creating BYOPC Policies: A Win-Win for IT and Users BYOPC Support: How to Troubleshoot Before Issues Emerge

(BYOPC) strategy, the first and most important step is to implement BYOPC policies. Once these policies are set in place, it makes it easier to be proactive in troubleshooting issues. This expert E-Guide dives into the benefits of creating BYOPC policies and the tasks to consider before problems arise. Creating BYOPC Policies: A Win-Win for IT and Users By: Dan Sullivan The first step in developing a BYOPC strategy is to create BYOPC policies, and for this you need to understand the scope of your strategy. Jumping into implementation without knowing what you are implementing will likely waste time. You should consider acceptable use, liability, privacy, governance and enterprise-supported device policies. Create and define BYOPC policies When a company purchases, provisions and supports a computer, the company understandably expects to have full control over how employees use that computer. In a bring your own PC (BYOPC) environment, the lines of responsibility around proper use are blurred. For example, a business may decide that employees shouldn't use company owned desktops for personal tasks, such as tracking a family budget. This is precisely the kind of thing many employees would do with their own PCs, and they may not think that using a corporate device is any different. Balancing the family budget with a company PC is unlikely to cause any problems, but devices with inappropriate material, such as illegally downloaded media or pornography, could become a human resources issue. Your organization should also clearly state BYOPC policies governing topics such as harassment with respect to personally owned devices.

Page 2 of 7

Sponsored by


BYOPC Strategy: Policies and Problem Solving

One of the most important BYOPC policies is an acceptable use policy, which should specify the device owner's responsibility for protecting

Contents Creating BYOPC Policies: A Win-Win for IT and Users BYOPC Support: How to Troubleshoot Before Issues Emerge

corporate information. For instance, employees should take care to protect personal devices that store sensitive data from loss or theft. If users install unauthorized applications on the same PCs that access corporate systems, IT must mitigate the risk of a user's PC eventually transmitting malware to company computers or data leaking through an inadequately secured PC. IT can implement security controls in various ways, including verifying that anti-malware and personal firewall software are installed and up to date. When an employee's device does not meet minimal BYOPC security requirements, you can deny it access to the corporate network. Network administrators can require virtual private network use to further protect communications between business systems and the employee's P C. IT professionals may determine that the best way to balance protecting the business while allowing BYOPC is to use virtual desktops and applications. With this approach, an employee connects to an access gateway to reach a centrally managed virtualized application or desktop. This allows IT admins to maintain control over corporate apps and data without implementing substantial controls on employee-owned PCs. In such a scenario, you'd need to define policies describing how to use the virtualized desktops, establish access restrictions and describe how users would be grouped according to their roles and responsibilities. Comprehending the intricacies of liability will no doubt require legal advice. Some instances that may raise liability questions include a private or confidential data leak from a personal device and personal data loss because of a business application error, or as a result of poor advice from technical support. User agreements can capture company policies, but employees should understand the details of those policies. Having an employee click through an end-user agreement may meet legal requirements for consent, but it does not mean employees understand the scope of the policies.

Page 3 of 7

Sponsored by


BYOPC Strategy: Policies and Problem Solving

It's better for an employee to know up front that the business retains the right to alter a device connected to the corporate network -- including erasing

Contents Creating BYOPC Policies: A Win-Win for IT and Users BYOPC Support: How to Troubleshoot Before Issues Emerge

personal data -- than to find out unexpectedly that the family photos are gone for good. When you describe key provisions of end-user agreements, it is also a good time to review best practices for protecting personal data, such as performing regular backups. Clearly state your BYOPC policies and your privacy policy. Will the business download data from the employee's personal computer? For example, some mobile device apps download contact lists from mobile devices after installation. Users may have agreed to this by clicking through the end-user agreement, but it was a surprise to many and created a public backlash in at least one data-mining case. If you intend to perform operations on a personally owned computer, such as scanning for malware or checking security configurations, tell employees before you do it. Employees who do not wish to have required operations performed on their devices should be denied access to the corporate network. About the author Dan Sullivan, who holds a master's degree in computer science, is an author, systems architect and consultant with over 20 years of IT experience, with engagements in advanced analytics, systems architecture, database design, enterprise security and business intelligence.

BYOPC Support: How to Troubleshoot Before Issues Emerge By: Dan Sullivan Once your policies and security practices are in place and your employees are working with enterprise applications, you'll start getting BYOPC support requests. Consider how IT administrators will troubleshoot problems with users' personal devices. Ideally, the BYOPC support staff will have its own devices running all company-supported platforms. IT support groups should test

Page 4 of 7

Sponsored by


BYOPC Strategy: Policies and Problem Solving

enterprise applications on various devices before announcing support for them.

Contents Creating BYOPC Policies: A Win-Win for IT and Users BYOPC Support: How to Troubleshoot Before Issues Emerge

Establish guidelines that outline what types of BYOPC support advice you'll offer -- for example, don't suggest wiping the device -- and set limits on the time and resources that you'll dedicate to troubleshooting employee-owned PCs and related devices. When using virtual desktop environments, determine which clients you support and test for usability and performance. As part of enterprise support of BYOPC policies, consider the following tasks: 

Define acceptable use policy.

Understand liability and privacy issues (now would be a good time to call your legal department).

Formulate a governance model and understand what role, if any, end users will have in setting or changing policies.

Determine which enterprise applications will be accessible in BYOPC and under what circumstances (e.g., Application X can only be used when on a virtual private network or through a virtual desktop).

Specify BYOPC authentication and encryption requirements.

Determine how you will enforce policies. Will existing management systems, such as Exchange ActiveSync, meet your needs, or will you need mobile device management software?

Create a list of requirements for managing personally owned PCs. Assess existing systems for meeting those requirements, and then consider if additional functionality is needed.

Assess your ability to support multiple applications on multiple platforms. What limits will you have to prevent undue burdens on IT support staff?

Page 5 of 7

Sponsored by


BYOPC Strategy: Policies and Problem Solving



Determine which methods for delivering enterprise applications your organization will support, and test enterprise applications for usability and performance.

Contents Creating BYOPC Policies: A Win-Win for IT and Users BYOPC Support: How to Troubleshoot Before Issues Emerge

The success of a BYOPC strategy depends in large part on the ability of desktop administrators to help executives and managers understand its risks and benefits and to implement policies and enforcement mechanisms. Administrators will be required to work on a wide range of BYOPC support tasks, from specifying security controls and evaluating applications to determining the best methods for enforcing policies. Implementing a BYOPC or BYOD program is challenging because it requires you to keep in mind the best interests of the business and employees while maximizing the benefits to both. About the author: Dan Sullivan, who holds a master's degree in computer science, is an author, systems architect and consultant with over 20 years of IT experience, with engagements in advanced analytics, systems architecture, database design, enterprise security and business intelligence.

Page 6 of 7

Sponsored by


BYOPC Strategy: Policies and Problem Solving

Contents

Free resources for technology professionals TechTarget publishes targeted technology media that address your need for

Creating BYOPC Policies: A Win-Win for IT and Users

information and resources for researching products, developing strategy and

BYOPC Support: How to Troubleshoot Before Issues Emerge

analysis and the Web’s largest library of vendor-provided white papers,

making cost-effective purchase decisions. Our network of technology-specific Web sites gives you access to industry experts, independent content and webcasts, podcasts, videos, virtual trade shows, research reports and more —drawing on the rich R&D resources of technology providers to address market trends, challenges and solutions. Our live events and virtual seminars give you access to vendor neutral, expert commentary and advice on the issues and challenges you face daily. Our social community IT Knowledge Exchange allows you to share real world information in real time with peers and experts.

What makes TechTarget unique? TechTarget is squarely focused on the enterprise IT space. Our team of editors and network of industry experts provide the richest, most relevant content to IT professionals and management. We leverage the immediacy of the Web, the networking and face-to-face opportunities of events and virtual events, and the ability to interact with peers—all to create compelling and actionable information for enterprise IT professionals across all industries and markets.

Related TechTarget Websites

Page 7 of 7

Sponsored by


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.