3 steps to safely bringing your own devices (byod)

vdcresearch.com1© 2011 VDC Research Group, Inc.

Mobile & Wireless

3 Steps to Safe Bring Your Own Devices (BYOD)

Host and Moderator: David Krebs, VDC Research

Sponsors;

September 28, 2011

http://www.vdcresearch.com/



Mobile & Wireless

• Welcome

• Panelist Introductions

• BYOD market trends

• Motorola Solutions

• Cloudpath Networks

• Bradford Networks

• Question and Answers

• Wrap up

• Motorola XOOM and Apple iPad2 giveaway

Must be present to win!

Agenda




Mobile & Wireless

How many users are on your network?

<100 101-1000 1,001-10,000 >10,0000

50

100

150

200

250




Mobile & Wireless

How many different device types and OS do you expect to support?

5+ 3-4 1-20

50

100

150

200

250

300




Mobile & Wireless

How important is it to distinguish between corporate-owned and employee-owned devices?

Very Important Somewhat important Not important0

50

100

150

200

250

300

350




Mobile & Wireless

What are your concerns about supporting BYOD?

Device

sec

urity

(malw

are,

pat

ch, e

tc.)

Regist

ering

/Iden

tifyin

g de

vice

and

user

s

Device

con

figur

ation

for W

i-Fi s

ecur

ity

Downlo

ading

/sha

ring

illega

l/una

utho

rized

files

Role b

ased

acc

ess

0

50

100

150

200

250




Mobile & Wireless

• The population of mobile workers is rapidly increasing and has reached over 1 billion workers in 2011.

• Mobile workers demanding access to critical (corporate) information to enable real time distributed decision making and transaction processing.

• Consumerization driving shift in balance of power from corporate IT to the employee/consumer.

• Consequence is influx of personal devices and multiple OS platforms infiltrating enterprise environments.

• Large amounts of sensitive corporate data is and will be accessed on these mobile devices.

• With growing corporate support of personal devices critical to ensure key enterprise management and support policies that span the device lifecycle.

BYOD : Key Takeaways




Mobile & Wireless

Enterprise Mobility Challenges and OpportunitiesP

RIO

RIT

Y R

AN

KIN

G

Benefits & Business Drivers

1. Empower employees to be more productive

2. Improved customer service

3. Fast, reliable wireless communications

4. Improved decision making capabilities

5. Mobilization of business processes and line of business applications

1. Multiple platform support

2. Security and device management concerns

3. BYOD

4. Application and platform fragmentation

5. Lifecycle management

6. Applications deployment and management

Challenges




Mobile & Wireless

Employee purchased only: Any phone

Employee purchased only: Approved list

Both company and employee purchased: Any phone

Both company and employee purchased: Approved list

Company purchased only

0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% 45.0% 50.0%

2.3%

3.2%

12.5%

36.3%

45.6%

Mobile Policy for Smartphones

Over 50% of organizations provide some level of support for personal/individual devices

Enterprises Introducing BYOD Policies

Source: 2011 VDC Research survey of 864 mobile decision makers




Mobile & Wireless

Mobile & Wireless Solution Requirements Will Differ by Worker Type

Road Warriors & Executives

(Knowledge Workers)

Mobile Office Professional

(Corridor Warrior)

Campus Mobile Worker

• Wireless Email

• Dashboards

• BI/CI

• Mobile CRM

• Approvals

• Expense Reporting

• Workflow Management

Mobile Worker

Target Applications

Preferred Device

Technical Requirements

Field Mobile Worker (Task/Line Worker)

• Wireless Email

• Time & Attendance

• Approvals


• Mobile browser

• 4G+ GPS

• Push email

• Image capture

• Device Management

• 3rd-Party Apps

• Security support

• Push Email

• Active Sync

• Application Partitioning

• WiFi

• Mobile Browser

• 3G+ GPS (4G emerging)

• Image Capture

• Device Management

• 3rd-Party Apps

• Durability/Ruggedness

• DECT Functionality

• WiFi

• 3rd-Party Apps

• Image Capture

• Wireless Email


• Approvals



• Dispatching


• Vertical Applications

Mobile Worker Population

28.2M

111.6M

370.5M

196.6M



http://images.google.com/imgres?imgurl=http://www.mobiletopsoft.com/images/news/htc_touch_Elf_front-celsius.jpg&imgrefurl=http://www.mobiletopsoft.com/board/tag/windows_mobile_6_professional/2/date&usg=__oiZxGLQz8OLQgyjqPDQaG0-rSJM=&h=2516&w=1539&sz=595&hl=en&start=2&tbnid=iy5DoCoyNefWWM:&tbnh=150&tbnw=92&prev=/images?q=HTC+Touch&gbv=2&hl=en


Mobile & Wireless

Organizations Are Moving Beyond Email to Enterprise Applications

Wireless email

Personalized contacts

Content/employee portal

Inventory management

Field service managament

Sales force management

Customer interation management

Logistics management

Workforce analytics and management

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%Fully deployed Rolling out or partial deployment Evaluating or pilotingNo plans Don't know

Source: 2011 VDC Research survey of 864 mobile decision makers




Mobile & Wireless

From on-boarding and policy management to end of life

Device and Application Management Critical to BYOD Success

Customer Issues

Deployment Complexity

Remote Management

Application Management

Security Management

LOWER TCO DATA SECURITY

OUT OF BOX EXPERIENCE EFFICIENT APP DEPLOYMENT

• OTA device provisioning• Software configuration

• Device diagnostics• OTA fixes• Validate settings

• OTA push of applications and updates

• Seamless version control

• Security• Remote lock and wipe



MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service

names are the property of their respective owners. © 2010 Motorola, Inc. All rights reserved.

B.Y.O.DBring Your Own DeviceConsiderations & Solution Components

Tajinder (TJ) MaanDirector Enterprise Networking & Communications (ENC)Motorola SolutionsSept 28th, 2011



WiFi Network Considerations

IT Strategy

WLAN Design

Authentication

DeviceOn-boarding

AccessControl

Captive Portal or EmailAuto device configuration

Existing Infrastructure: Corporate SSID + Guest SSIDBYOD – Secure Separate SSID / Corporate SSID?

802.1x – PEAP / TLS Pre Shared Key

Role Based FirewallAccess Control Policies

What Personal Computing devices today & in future?



ComplianceOn-BoardingInfrastructure

CONTROLLERS & ACCESS POINTS

PERFORMANCE & CAPACITY CONTROLS

WiNG5 ROLE BASED FIREWALL &

INTEGRATED WIPS

MSP AGENT

MOBILITY SERVICES PLATFORM

1. SmartRF2. AirTime Fairness3. Smart Band Control4. Smart Load Balance

CAPTIVE PORTAL

1. Hotspot Web Pages2. Built in Radius3. External LDAP

Express BYOD Solution

Motorola WiNG 5 Motorola MSP Motorola WiNG5



ComplianceOn-BoardingInfrastructure

CONTROLLERS & ACCESS POINTS

PERFORMANCE & CAPACITY CONTROLS

WiNG5 ROLE BASED FIREWALL &

INTEGRATED WIPS

XpressConnect ON-BOARDING

1. SmartRF2. AirTime Fairness3. Smart Band Control4. Smart Load Balance

Advanced BYOD Solution

Motorola Cloudpath Bradford

NEXT GENERATIONNAC

1. Hotspot Web Pages2. Built in Radius3. External LDAP

WiNG 5CAPTIVE PORTAL

Qu

ick

. E

as

y.

Se

cu

re.

Colorado.edu

Kevin KosterFounder, Technical Lead

Cloudpath Networks

Qu

ick

. E

as

y.

Se

cu

re.

Keys to On-Boarding

Provide Simple Connectivity

Self-Service & Intuitive

Multiple Platforms

Scalable & Sustainable

Protect Users

Protect The Network

Without Compromising Security

Qu

ick

. E

as

y.

Se

cu

re.

User/Device Authentication

Over-The-Air Encryption

Network Authentication

Open

No.

No.

Click to Join. Requires configuration

Security Considerations

Ease Of Initial Access

Usability Considerations

Ease of Ongoing Access Captive Portal Fatigue

Captive Portal Integrated

Integrated

Integrated

Standards-Based Policy No. Integrated

SSID SelectionWPA2-Enterprise

Automatic Reauthentication

Qu

ick

. E

as

y.

Se

cu

re.




Open

No.

No.

Click to Join. Requires configuration




Ease of Ongoing Access Automatic ReauthenticationCaptive Portal Fatigue

Captive Portal Integrated

Integrated

Integrated

Standards-Based Policy No. Integrated

WPA2-Enterprise

SSID Selection

Qu

ick

. E

as

y.

Se

cu

re.

SSID Selection




No.

No.

Requires configuration




Ease of Ongoing Access Captive Portal Fatigue

Captive Portal

Standards-Based Policy No.

Click to Join.

Integrated

Integrated

Integrated

Integrated

Automatic Reauthentication

Open WPA2-Enterprise

Qu

ick

. E

as

y.

Se

cu

re.

XpressConnect On-Boarding

New user connects to open (guest) SSID.

Captive portal provides link for secure network.

XpressConnect configures and moves user.

Qu

ick

. E

as

y.

Se

cu

re.

XpressConnect Capabilities

Install Client Certs & Trusted CAs

Interact with Microsoft CA & Others

Differentiate IT-Issued vs. BYOD

Millions of Users Worldwide

Credentials (PEAP) or Certs (TLS)

WPA2-Enterprise & PSK

Android, Apple iPad, iPhone, iPod

Windows, Mac OS X, Linux

Qu

ick

. E

as

y.

Se

cu

re.

Keys to On-Boarding

Provide Simple Connectivity

Self-Service & Intuitive

Multiple Platforms

Scalable & Sustainable

Protect Users

Protect The Network

Without Compromising Security

WPA2-Enterprise


BYOD and Your Business

ACCESSSECURITY

Striking a Balance

• Security vs. Accessibility• Enabling the business while protecting it

Visibility is Crucial

• Knowledge of who, what, where, when, how …• Network-wide, right out to point of access


Next-Generation NAC

An adaptive network security approach that leverages the entire network environment


Visibility and Automation


Mobile & Wireless

Stop by and see us at EDUCAUSE 2011Philadelphia, PA October 18-21

Booth #1739,1741 Booth #2007 Booth #701



3 steps to safely bringing your own devices (byod)

Technology

based policyusability

air encryptionnetwork

boardingprovide

intuitivemultiple

time amp

service amp

initial accessclick

requires configurationease