The Challenge of Supporting BYOD
Do you ever see people carrying around more than one smartphone? Are you one of them? Sometimes this a temporary arrangement: the user is “between phones” as they switch models or provider. Sometimes the reason is even simpler, but very compelling: the camera on one phone is broken but the user still wants to take pictures (many people no longer own a “traditional camera”). In most cases, though, the user is choosing to, or being forced to, keep work and personal use separate.
But in recent years work and personal lives have been spilling over into one another. “Always-on” connectivity, which now even extends to airplanes in flight, means we have the flexibility, but maybe also the imperative, to work, sometimes outside of normal business hours, wherever we are. Combined with the “consumerization of IT”, where we expect to use the same familiar, snazzy and convenient devices and apps at the office as we use ‘at home.’ With more and more millennials entering the workforce, workers expect to bring and continue to use their smartphones on the job. This ‘Bring Your Own Device’ (BYOD) mentality poses a number of challenges for organizations, especially for those individuals in charge of information security.
Command and Control
In some heavily regulated industries the solution is in fact straight-forward: thou shalt only use company-issued devices for company business (where “company” may mean private sector enterprises, but also government entities, agencies and contractors, not-for-profit health care providers, and so on). In some cases, personal devices are banned altogether: leave your smartphone at home or in your car’s glove compartment. When done right, all of this is backed up by employee information security certification, routine awareness trainings and refreshers, and detailed auditing capabilities for when the inevitable does happen.
On the other hand, many organizations recognize (dare I say “embrace”?) the benefits of allowing users to bring and use their own device. There is the comfort and convenience factor for the employee, many of whom may have more recent devices than anything that might be offered by corporate IT or its designated, 3rd-party ‘mobile program management’ partner (who may be behind in terms of hardware spec). The employer saves money by not having to procure, issue, and manage an additional set of rapidly depreciating physical hardware (never mind the organizational challenges of determining who does, and who does not, qualify). Under the best circumstances, employers gain efficiencies and engagement, and thus help the bottom line, by leveraging a connected workforce, nearly all of whom have smartphones anyway.
Jargon Done Right
What, then, is the problem? In the world of BYOD, the two-way street analogy applies in regards to information security. How do organizations prevent unauthorized access, or even ‘infection’, via malware or viruses, from a user’s personal device? And how do we prevent and contain information leakage, whereby valuable intellectual property or otherwise private or sensitive information ends up where it is not supposed to be?
Video for BYOD
Video adds a separate dimension to this challenge. By its nature, video content is larger and poses the “performance and compatibility challenge.” Getting video to play back reliably across devices, operating systems, and network connections is a challenge in its own right.
There is no single technology that allows organizations to best support BYOD while limiting risk and costs. But there are several that make the job easier.
Building a video portal for your company is a good first step. This will allow you to consolidate all your video in one place, so you can ensure that it’s all stored and delivered optimally. Some important features to have in your video portal for BYOD:
- Make sure that it’s designed with mobile in mind. That means HTML5, responsive design, and adaptive bitrates for delivery. Ideally, there should be a mobile app for the portal, but you should make sure the site displays nicely on mobile as well.
- Combine with SSO provided via your enterprise directory service. No one wants yet another password to manage.
For those who need more, Mobile Device Management (MDM) solutions provide an additional layer of security and control, including:
- personal device onboarding workflows
- private app stores or catalogs
- secure web browsing
- ‘containerization’ to keep enterprise data separate from personal data and apps
- policy management and enforcement
- dynamic VPNs for certain services
- auditing
If you’re more inclined to do it themselves instead of looking for an out-of-the-box solution, look for native, mobile SDKs. These let you quickly build secure, scalable apps that include robust video management and delivery capabilities.
Although there is no single, technical quick-fix to address the BYOD challenge, building out a centralized, mobile-ready video portal can help reduce those technical headaches.
