Charting Our Future
Device Independence - BYOD -
BYOD: Bring your own device to work day
What is BYOD? BYOD (Bring Your Own Device) As distinguished from BYOC (Bring Your Own Computer); or BYOT (Bring Your Own Technology) Users have their own personal devices and they want to use them for work Tablets Smartphones
Business Drivers Why are we doing this?
Why BYOD Now? According to the Cellular Telecommunications Industry Association (CTIA) report released in the fourth quarter of 2011, there were more mobile devices in the United States than people!* * CTIA s Semi-Annual Wireless Industry Survey, June 2011
Trends Work from home initiatives Work is no longer 9-5 Anywhere / Anytime access required Just want to work when and how I want Users are more savvy about technology Socials networks make it easy to share information
Reasons for Pushing for BYOD Users want to use their own device, or rather the latest, coolest device People work differently a single device does not support that There is comfort in familiar technology what I ve been using @ home Independence of being able to select own applications to supplement work habits
Is it really about BYOD? Users may not want their own device Cost, Support, Warranty but they want something better than a single offering corporate device Users @ home are outpacing corporate offerings Faster better ways to do things at home, expect to be able to do the same at work The modern workforce is changing
Firm Considerations Who owns the data? How do you manage / audit data access / download to a device? Accidental loss of data from missing/lost device is a firm risk Data is going to end up on the device All you can do is try and protect it Separate data from apps
IT Considerations Number and variety of devices to support Remote wiping/monitoring of devices and content Non-business uses of devices Ownership of devices and the content on them Security of data, devices from malicious software Permitted vs non-permitted, possibly intrusive apps Device specific challenges Is the device jailbroken? Does it have a keyboard logger?
Risk Considerations Used to be a single security model for everyone Belief that end to end control provided a secure environment Mobile device malware is a relatively new phenomenon Mobile malware rose 155 percent in 2011, according to a report by Juniper Networks
Strategies for Success
What should IT be doing? Provide guidance to consumers about the devices they are buying Do you allow any device? Even those without enterprise support? IT being bypassed resistance from IT is keeping them out of the loop on what people are doing Design for risk mitigation Find ways to say yes will address security
Mobile Device Management (MDM) MDM requires user acceptance of administrative device management / access In some cases may require application of restrictions on personal devices Virtualization for true BYOD security With virtualization, you keep the data off the device, no need to modify the device
Support Models for BYOD Own what you manage/manage what you own Need to manage the device? Own the device Consider giving users ipads BYOD keep it personal Don t try to manage the device Provide secure access methods (e.g. VDI, XenApp)
Strategies for Success Create a mobile computing policy Define a support infrastructure and plan Implement an MDM solution Implement VDI Be flexible No single approach will address all use cases Evaluate what users are trying to accomplish review use cases Security is not one size fits all Refocus on networking connectivity is key
MDM Solutions
Primary MDM Feature Sets Software Distribution Management and support for mobile application deploy, install, configure, update, delete / block Policy Management The development, control, operations and enforcement of enterprise mobile policy Inventory / Fleet Management From basic inventory controls and provisioning to support Security Control The enforcement of device security, authentication and encryption
Gartner Magic Quadrant for Mobile Device Management Software April 11
Company Info: Founded 2003 Atlanta, GA Company foundation in wireless network management market and ruggedized devices Supports Android, iphone, ipad, Blackberry models, Symbian, Windows Mobile and Windows 7 80% Revenue from domestic clients, 20% International Product / Service Cloud-Based Saas Model available Management console has effective dashboard and detailed reports Promotes policy management in non-microsoft email server environments: POP/IMAP/SPTP Mail server, Lotus Domino, GroupWise and GMail
Company Info: Company foundation in mobile applications Long history in legal vertical Thousands of clients globally Product / Service Supports Android, iphone, ipad, Blackberry models, Nokia S60, Windows Mobile and Windows 7 Its device independent application of FIPS-certified, on-device AES encryption of all files, thumbnails, and metadata - helps it as a viable solution for Apple device support (Good Client required) Can validate and authorize applications prior to them connecting to the corporate network Supports Microsoft Exchange and Lotus Domino
Company Info: Company based in Mountain View, CA product launched in 2009 Market Share has outpaced most MDM platforms this past year. Primary client base is North America and Western Europe Product / Service Supports Android, iphone, ipad, Blackberry models, Symbian, Windows Mobile and Windows 7 SaaS - MobileIron Connected Cloud Emphasizes life cycle management, includes usage monitoring, cost control, version control and application deployment. Strong support for corporate and personal devices Sleek UI, dashboard and robust reporting Lacks its own security model - Fully integrated with Cisco AnyConnect, which uses certificates for authentication and security.
Company Info: Company owns the longest established MDM platform Afaria was created in 1997 for laptops, released Palm/Windows support in 2000 SAP/Sybase have large global presence Supports Android, iphone, Blackberry, Palm, TabletPC, Windows Mobile and Windows 7 Product / Service Emphasizes full life cycle management; considered most comprehensive and mature MDM platform for managed software distribution Contains embedded VPN in its email client Offers sandbox application isolation from data and VPN connections Tends to be viewed as expensive (2X other offerings)
http://www.enterpriseios.com/wiki/comparison_mdm_providers
Source: http://www.enterpriseios.com/wiki/comparison_mdm_providers
VDI for BYOD
Consumer Behavior Three simple words are changing the world: Whatever, whenever, wherever. - Mark Templeton, CEO, Citrix "In three years more than 80% of the devices connecting to the Internet will not be Windowsbased personal computers. With that kind of scale, we're going to have to see new techniques and new approaches introduced into the world of IT. - Paul Maritz, CEO, VMware Inc
What is VDI? VDI: Virtualization Desktop Infrastructure The use of software to abstract the operating system, applications and associated data from the user s computer.
Standard Desktop & VDI Models
VDI Benefits Management Centralized Fast deployment Security Granular control over data and apps OS Migrations Rapid deployment of new OS to end users VDI images Multiple images for different user needs Snapshot technology Can roll back to previous desktop state
VDI for BYOD Users provide the device IT hosts enterprise data, and provides connectivity and security Applications delivered via the cloud
VDI for BYOD Mobile devices access the same VDI infrastructure as desktop/laptops No less secure than SSL Web Apps No data is stored on device; data still resides within firm s network perimeter No need to manage the device
VDI for BYOD Users are accessing native Windows apps on a mobile screen No learning curve; same as work computer Apps not optimized for touch interface Screen size may limit use
Current VDI Market
Citrix and VMware are Leaders in Desktop Virtualization CTXS and VMW each accounted for ~40% of virtual desktop users within existing deployments 68% of respondents use or plan to use VMware as their server virtualization vendor to support VDI
Citrix and VMware are Leaders in Desktop Virtualization Citrix has the most comprehensive set of technologies enabling customers to effectively deploy a virtualized desktop environment it will remain the leader in the desktop virtualization market. IDC MarketScape: Worldwide Desktop Virtualization 2011 Vendor Analysis (June 2011) Note: Citrix acquired Kaviza in 2011 and Virtual Computer in 2012
Citrix XenDesktop vs. VMware View High Definition User Experience (HDX) and PC Over IP (PCoIP) provide a great end-user experience, close enough to native to satisfy any user. There are only slight differences in the number and types of endpoint devices that Citrix and VMware support. View is best suited for IT shops already invested in vsphere and other VMware technologies. For those shops running Citrix or Microsoft hypervisors, XenDesktop will slide right in and work fine with whatever IT already has in place. VDI shoot-out: Citrix XenDesktop vs. VMware View InfoWorld, Dec 14, 2011
Citrix XenDesktop vs. VMware View Note: XenDesktop is now at version 5.6
Citrix XenDesktop vs. VMware View Note: XenDesktop is now at version 5.6
Application Virtualization
Application Virtualization XenApp, Remote Desktop (Terminal Services) Already present at most Firms Can provide an immediate transition point for BYOD support in advance of VDI Minimal learning curve for IT Similar delivery mechanism and benefits as VDI Downsides Users share server resources Difficult (if not impossible) to provide true personal (i.e. isolated) computing sessions Single app/user session can impact everyone else No personal apps
Discussion