次の方法で共有


Simple model for approaching BYOD

For some time I’ve been trying to work out with colleagues how to articulate what I see as a solid model for dealing with consumerisation of IT in the workplace or even allowing people to bring their own devices.  It’s quite tough to find some mental model to help people to understand the kind of approaches that work.  I’m looking for a way to help you manage more than the standard IT desktop, to make more sense of productivity at work and with a view of IT security risks.

coit goodbetterbest

 

The key is balancing the approach: do more with less, more permissive access to less secure stuff.  Most of an organisations “stuff” tends to require less security than IT think.  Be a guide not a gate keeper.

Good, Better, Best, seems to be the most applicable that I’ve found.

GOOD is most open, your users being able to access your network, get IP addresses, get to some apps / services / data.  They probably have to keep entering credentials and they may be storing those credentials on their device.

BETTER is having some modicum of remediation over the device – the ability to remote wipe it for example.

BEST is having an authenticated connection with general purpose security (you could say domain joined PC)

N+1 is having the ability to ensure end to end security, encrypted device, encrypted communications, rights managed documents, remote wipe, policy based management, policy based enforcement.

Not all devices will fit into all categories, in-fact probably only Domain joined Windows PCs will be able to enter the N+1 category (that’s because all the things mentioned are built in from the ground up).  That said most people probably don’t need everything in the N+1 category.  Most organisations will also see their users adding GOOD and BETTER devices to their mobile worker armoury along with a BEST or N+1 devices.

A further note on N+1 is that this is where I see private cloud hosted apps and desktops and there is no reason that a GOOD, BETTER or BEST device can’t be used to access an N+1 hosted app or desktop.

*caveat: this is a simple model, there will be many exceptions, the key is mixture.

Comments

  • Anonymous
    January 01, 2003
    A very nice and simple overview.

  • Anonymous
    June 04, 2012
    Great information. Well, talking about the raising BYOD trend. We are now seeing more and more employees of enterprises willing to bring Macbooks to the office. But Windows with its amazing success is still pretty much predominant in 99% of all corporations around the world. This has started posing serious challenges for the management; How to manage these Macs, How to keep the business data safe and secure, etc. Luckily, the cloud technology is there to address these challenges. With hosted virtual desktops these organizations can integrate Macs in a Windows-centric world, their employees can run licensed Microsoft Windows, Office 2010 on their Mac, and these organizations can let their employees bring in their Mac, which they want to use, but at the same time provide security and protection of the corporate assets, intellectual property, and their reputation. Related article: www.dincloud.com/.../bring-your-own-device

  • Anonymous
    March 18, 2016
    The comment has been removed