Clock IconFacebookLinkedInTwitteranalytics-iconBell LogoShapecollaboration-iconconsulting-iconcustomer-x-iconGplusHamilton Logo 2013 - white-trimmedPage 1ShapeIcon - Law Enforcement Copy 2e029support-iconsupporticontalent-icontraining-iconpath-1

BYOD and data security

Back to Case Studies

Overview

How do you put the right enterprise apps on the right BYOD devices without jeopardising data security?

You make them available in a way that makes sense.

Key points

In many large businesses, smartphones and tablets are ubiquitous. People like the flexibility they offer, not to mention that they can easily function as a dual-purpose work-and-personal device.

There are lots of reasons an organisation might want to embrace the world of bring-your-own-device (BYOD) – from flexible working practices that keep your most talented staff happy and productive, through to being able to dispense with costly hardware upgrade cycles on enormous PC and laptop estates.

But once that decision has been taken to allow people the dual-purpose flexibility of BYOD, other potential problems start to rear their heads.

Sometimes things can be too mobile

It is increasingly common for employees to use their smartphone to access corporate data, their business email and contacts. And when they do, there it sits on their phone. Your data. On their phone. Which they leave in the back of a taxi, or in a pub, or on a train.

Their phone is gone and with it, your data and whoever now has the handset has potentially just gained the means to access other parts of your corporate network or other data sets.

Breaking up is never easy

Employees leave – sometimes by choice, but not always.

When they do, you have a similar situation to the one above – they have your data on their device and once they leave (or are fired) your options are pretty limited in terms of getting that data back.

Experiences of a Portal customer

We have worked with one of the world’s largest industrial conglomerates to help crack some of these problems. Here was a business that wanted to actively encourage BYOD take-up but simply would not tolerate putting itself at increased risk because of it.

Separating out corporate and personal data is a relatively obvious thing to do. But presenting users, the employees of the business, with work-related apps they would want to use and that they would get value from, is not quite so straightforward.

Portal identified several methods for building the apps, which although technically demanding and rigorous was only the first part in creating a working solution. 

Using technology called DME (Dynamic Mobile Exchange) from Excitor we went on to create an app store for the customer, into which apps can be submitted and reviewed – just like in a consumer-facing app store environment that people are familiar with – all within a secure AppBox.

It is an HTML5 based system which runs across multiple device platforms, and is perfect for businesses who want to embrace the advantages of BYOD but who don’t want to have to put up with the ‘Wild West’ approach to security. Or lack of it.

The app store back-ends into IBM Domino applications and data-sources, but that is only because of this particular customer’s preference. It could just as easily be configured to work with, for example, Microsoft Sharepoint.

Five apps have been launched, including company news, competitor knowledgebase, and an internal contact directory. There is also a corporate bookstore which contains everything from reports and reviews through to video messages and podcasts.

Alongside the corporate app store, this particular client benefits from secure mail, calendar and contacts – using Excitor’s DME Email and PIM solution. It’s presented in an easy to use single sign-in manner. There are two key principles at play here; to deliver a consistent user-experience so the apps feel simple and easy to use, and to deliver it through a 'container' approach so it is instinctively apparent to the end user that there is a dividing line between the work and private domains on their device.

This 'containerised' approach to device management was the preferred choice of the client we have been discussing in this situation; other approaches, such as granular Mobile Application Management solutions may suit your organisation. Portal has the right credentials to work with you, and help make the right decision for your organisation.