Preventing a BYOD Free-for-All
"You have to pull the needs and the demands of an IT organization together with what the users want. You definitely have to pull it together, try to satisfy the IT governance and the policies that we set up, and balance that against what the users are saying, 'I have to have this in order to get my job done,'" said Carol Fawcett, CIO of Quest Software.
The growing acceptance of bring-your-own-device use in the enterprise comes with promise and perils.
Allowing users to own and maintain and work on computing and mobile devices of their choosing is starting to make sense for more organizations. The experiences of one company, Quest Software, which has begun supporting BYOD with the full blessing of IT, serve as an example.
This strategy has had benefits far beyond just the users' sense of empowerment, in terms of meaningful IT advancements in centralized applications, control and support, virtual desktop infrastructure use, better disaster recovery practices, and better data protection. Quest has used a variety of tools to manage the risks as well.
Listen to a conversation about how BYOD is working at Quest Software, featuring Carol Fawcett, CIO of Dell Software and the former long-term CIO of Quest Software. Conducting the interview is Dana Gardner.
Download the podcast (29:54 minutes) or use the player:
Here are some excerpts:
Dana Gardner: I'm really intrigued with this BYOD thing. Just a year or two ago, people were saying, "What?" and scratching their heads, saying, "Are you kidding? You're going to let your users choose their device?" But as this has been put into place and some of the implications have been thought through, it seems to be an interesting possible benefit set.
So let me start with where you began. What were the challenges, or what were the forces or trends at work, too, that got you all at Dell Software involved with BYOD?
Carol Fawcett: I don't think that we actually necessarily started down the path of a BYOD project, because as many listening will know, this started years ago. We started a project where we said we wanted to enable our users to access applications and data on a select set of devices, which for us started with the obvious, the iPad. Then came the Android smartphones, and the list continued on.
This list will continue to grow as time goes on and new devices are brought in. The good news is that there are product offerings now in the marketplace that are helping with that demand and helping IT departments everywhere.
So instead of looking at it as BYOD, it's now turned into a BYO-x phenomena that the C-level started. And as everyone in an organization saw them bringing different devices into meetings, of course, they all wanted to jump on the bandwagon. Slowly but surely, the wave began, and that's how we got where we are today.
Gardner: This is interesting. There is a sort of direction from the user side, which is to say, they probably like the choice and they had some personal preferences, or they've been able to be more productive in their personal lives using certain technologies.
Then there has also been this direction from the enterprise, which is to say, they like the idea of centralizing, controlling apps and data. And then delivering those out to devices -- like with VDI -- can be a way of encouraging this control. It's almost like a confluence of two forces -- VDI and BYOD -- that make a whole greater than the sum of the parts. And we don't see that very often in IT.
Pull It Together
Fawcett: It's one where you have to pull the needs and the demands of an IT organization together with what the users want to go to, and that's just what we're seeing out there everywhere in the industry. You definitely have to pull it together, try to satisfy the IT governance and the policies that we set up, and balance that against what the users are saying, "I have to have this in order to get my job done."
Gardner: It sounds as if some of the basic principles and benefits of VDI come to play here. That is to say, the provisioning, the control, the access management. So is there a fortuitous intersection of where VDI was entering into more and more organizations -- particularly those that want to control for security or regulatory purposes or intellectual property control, that sort of thing -- with this idea of multiple devices, multiple panes of glass, full mobility.
Did that play a role there, too? Were you already going down a VDI track or trajectory and this helped you get to BYOD quicker and better?
Fawcett: We started down the VDI path. In fact, many companies did years ago, when we started to do more with offshore resources. We wanted to have offshore resources, we wanted to give them desktops, but we wanted to make sure they were secure. That was the first introduction of where VDI makes a lot of sense, where you want to secure data, have folks doing coding, but knowing they can't take code with them. That's the way it started.
But then you start to find other use cases for VDI that really start to benefit the rest of the user community. VDI is one of those things that started a while back and now has slowly grown into this BYOD solution.
Gardner: Did you know how much BYOD was going on there? How did you find out and how would it become something you could control?
Fawcett: That's the question of the hour. I'd love to be able to say that we knew exactly how many people were bringing in what kinds of devices, but the reality is, we are a technology company, so some of our policies may be more relaxed than the policies of companies outside our realm.
For example, in a bank or in the government, you can pretty much lock down an environment, and every employee coming in knows it's going to be locked down because of who they are and who they work for.
Our organization is made up of technologists located around the world. You know some of them are looking for ways around the fences. It's just built into their nature. It's almost like a competition for them, "Can I figure this out?" Now add in the remote and traveling users and you can see how this expands the challenge as time goes on.
Gardner: Was there anything in particular in the Quest Software portfolio that you think gave you an on-ramp, perhaps a better return on investment, and even overall better control and management, as you move toward this BYOD, support of many panes of glass, centralized IT management direction?
Fawcett: Yes, we are drinking our own champagne, and it all goes back to where you just asked me if I knew how much BYOD was actually in our environment. That's where we started using one of the first phenomenal tools that we have, which is called "MessageStats." This is a great tool that reaches out and helps us track the trending within the organization at a macro and micro level. We know which devices and OS versions are being used, by whom, and at what time.
In fact, I asked my team just recently, when we first started talking, "Can you pull a list on all the devices that I use, that are registered to me?" So I saw my own list of the devices and I was shocked to see how they actually are tracked, right down to the level of when was the first time I ever connected the device to the network, last successful sync, last policy update, what kind of device was it.
It was so granular, and quite frankly, it was so very Big Brother-like, it kind of scared me. But again, you can't make a solution for what you don't understand. So assessing with MessageStats is the only way to go.
Then once we understood it, we said, "Now that the process is moving, let's figure out what type of device is right for what type of user." And this is where we turned to vWorkspace, which enabled us to determine which of the users and scenarios are best suited for the virtual desktops in the data center.
In addition, it provided a critical insight as to which virtual desktop technologies provide the best fit for each user, based on their needs. So vWorkspace allows us to not only put a desktop in the data center, but it lets us do things like application streaming and publishing. It really enables us to have that broad spectrum of functionality with just that one tool.
Once we were up and running, we stepped into the management and governance aspect of the project. This can probably be one of the most problematic areas, when you think about the pure nature of BYOD. Multiple devices for a given user, each acting very differently, and if not managed, could destroy any governance policy put in place.