BYOD Scenarios
The episode focuses on how safe are Android phones within the current BYOD technologies, what to do to make them safer and what to do about the Android apps.
Paula J.:
We’ve got a lot of stuff to talk about related with BYOD, bring your own device.
Alex de Jong:
Yes, indeed.
Paula J.:
Perfect. A couple of words about Alex. He is an international consultant, speaker, and trainer speaking at different kinds of conferences. Also, you do a lot of different types of work with Conflict Manager, and you do implementations for BYOD scenarios.
Alex de Jong:
Yes, I do.
BYOD and the involvement of Microsoft
Paula J.:
Perfect. That sounds really good. It must be very challenging because it’s a new subject, isn’t it?
Alex de Jong:
Well, it’s actually around for quite a while. It’s like two or three years that it’s really booming because Microsoft is now getting into this. Before you got like other companies that were busy doing the BYOD thing, all in their different ways. Now Microsoft is involved and, well, that makes it large immediately, of course.
Paula J.:
Yeah, absolutely. It makes it also more accessible, yeah?
Alex de Jong:
Yes, because people have their tools like Conflict Manager, and now Intune is always there.
Paula J.:
Oh, good. Before we start over, you got also the Twitter account, right?
Alex de Jong:
Yes. Yes. I am @alexdejongcom
Paula J.:
Cool.
Alex de Jong:
… which is based on my website name.
Paula J.:
Great. Good. So you guys definitely should check out. You post over there what kind of types of posts? BYOD-related?
Alex de Jong:
It’s very often on what airport I am, but, yeah, I try to post as many …
Are you ready for every hacking scenario? Test yourself against Paula Januszkiewicz.
Paula J.:
You do a little consulting?
Alex de Jong:
Yeah, where I’m going. No, very often I try to write stuff about the BYOD subject because it’s just so many different things to talk about in that area.
Paula J.:
That’s great. Awesome. So let’s start. I’ve got a couple of disturbing questions to you.
People lose their phones with data synchronized on them
Paula J.:
The first question is how do you see BYOD developing within the companies? Is this something that people start paying attention to? Are companies interested in managing different types of devices that people bring in?
Alex de Jong:
Well, one of the major challenges is that BYOD happened way before companies started to think about this. Because we all have email on our phone and that is basically BYOD. Because of exchange active sync where you could have your email synchronized through your phone, that’s the number one problem immediately occurs, and that is how are we going to protect the company data, which is on the phone, which could be lost in taxis, in bars.
Paula J.:
Which happens.
Alex de Jong:
Which happens a lot.
Paula J.:
A lot.
Alex de Jong:
A lot. I go to these customers and it happens a lot. People lose their phones.
Paula J.:
Like every day.
Alex de Jong:
Yes. Yes. BYOD, or actually the thing BYOD, it’s around forever since exchange started supporting phones. It’s actually just the last couple of years that people are actually starting thinking about this, companies, I mean. Users, they’re very much used to this. On your phone there’s everything. It’s not only corporate data – Microsoft now has SharePoint connections to the corporate SharePoint for the phone. There’s all these Office 365 applications you can just use using your phone, so, it’s going to be a problem as long as companies are not thinking about it.
Paula J.:
Yeah, sure. That’s something that it’s like a future recommendation that BYOD is out there?
Alex de Jong:
Yes.
Paula J.:
We should start becoming familiar with it because it’s going to hit us one day.
Alex de Jong:
It’s hitting us all day, every day, already for maybe the last 10 years. It’s just that we really now start to act on it because there’s a huge security issue if users are just left on their own, do whatever you want with your phone. Our data is on there, so good luck. You don’t do that.
How safe are Android phones within the current BYOD technologies?
Paula J.:
Absolutely. Since you mentioned mobile devices, we’ve got Android phones, which basically we can do a little bit more to them than is usual. Do you see the possibility of within that current BYOD technologies to make sure that Android phones are safe?
Alex de Jong:
The biggest problem here is that the BYOD solutions, they don’t own Android, so security has to come from within the operating system.
Paula J.:
The platform.
Alex de Jong:
We all know that Android, for that matter, is not the best, right? To be honest, for the BYOD perspective, there’s only one thing you can do to protect yourself. That is to disable Android. On the other hand, Android, of course, they know about this. Nowadays there’s Android for Work, where at least there is a little bit more of security in there, but it’s in progress. It has to be developed more and more.
The only solution to really have a secure Android phone might be not using it at all. On the other hand, we all know that Android is a cheaper phone. All the users want this. That is maybe the biggest problem. There is a difference in what companies like and what end users like. Users like Android. The majority of users have Android.
We as a company, we have to just adapt to that and make sure we at least can do the best job we can. There’s some technologies that can help us with this. Maybe it’s not by securing the phone itself, but at least we can secure the applications that run on them. Nowadays there’s this mobile application management feature in Intune that helps you protect the data which is in the application. That is a good thing, because then at least when a phone is lost and hacked, the company data is still encrypted and secured.
A company’s phone or personal phone?
Paula J.:
What about the perspective of people? What is their experience with this because I bring my own phone to the company and quite often we’ve got a possibility to decide if we want to use a company’s phone or your own personal phone. A lot of people actually choose their personal phone because this is something they are used to, but then here comes BYOD and says that “Oh, if you want to you use your phone, then we have to be on it in order to enforce some kind of policies to make things secure.”
How do people feel about it? What are your experiences how to deal with it correctly and how to explain to the end users that this is actually for their sake?
Alex de Jong:
Again, that’s the difference in the goal of using a phone. Companies like users to use a phone to do their jobs, but users have a phone for their personal life. There’s Facebook, LinkedIn. There’s Twitter. There’s Snapchat.
That’s what they buy the phone for, not so much for doing the job because in bring your own device, it’s your own device that actually matters. I see companies where users have two phones, one corporate phone, and one own device. But then again, who wants to walk around with two phones. That makes no sense.
Probably what we have to do managing those devices is accept that users bring their own device, that users can use their own device to at least to do whatever they want, take their pictures, take their Facebook, do everything they need. The only thing that we can do is make sure that the corporate data on the device is secured.
Paula J.:
Yeah, so things like Remote Pipe and so on, yeah?
Alex de Jong:
Yes. Let’s say the application management helps with this. Microsoft also has this RMS kind of feature, the information rights management where you have where you can protect your documents on the document level. Of course, that will not stop you from data leaking if a user on purpose wants to leak data. But if a phone is lost, at least there is protection there.
Paula J.:
Can you do something about it?
Alex de Jong:
Yes.
Paula J.:
The phone is gone, but then it’s just like a couple hundred dollars, but the data, it’s not gone.
Alex de Jong:
Yeah, but I think we have to lose the idea of being able to control the device, because as soon as a company starts to control the device itself, users will not be enthusiastic about this anymore, and the complete benefits of bring your own device scenarios, they will all vanish.
A piece of advice from Alex to people starting their adventure with BYOD Scenarios
Paula J.:
What if someone wants to start their adventure with BYOD? Someone has vision being a student, for example, at the university or having just a couple of years experience in IT and they see that as the future, what they are supposed to do?
Alex de Jong:
First, I would say pick or choose what side you’re on. That means do you want to be the person that controls everything, or do you want to be the person that will talk to the users and see what we can do on that side?
Then we could go and say, “Maybe we should start investigating what kind of software we can use for this, so where do we go?” It’s not only Intune, of course. There’s AirWatch. Blackberry actually has software for this. Just investigate what options we have with which kind of solutions. Then it’s a matter of testing a lot, listening to users a lot. That’s what I would do.
Paula J.:
That’s what you would do?
Alex de Jong:
Yeah. Absolutely.
What advanced guys should pay attention to?
Paula J.:
Okay, perfect. It’s a good advice. What about the advanced guys? They have already quite a big infrastructure, or they are working within the enterprise, and they want to implement BYOD solutions, so what they should pay attention to?
Alex de Jong:
I have a lot of customers that work with Conflict Manager. That’s large customers, and they have thousands of machines, work stations they manage. I see those companies struggle a lot with BYOD because if you’re in Conflict Manager for a long time, you are probably used to being the in-control guy.
Now, in Conflict Manager 2012, Microsoft started introducing the not-so-in-control kind of management where Conflict Manager actually switched from a computer centric to a user centric scenario. That is actually where it’s going. The user is important, and we just have to adapt with the user wants to do, where he wants to do this, and when. Those companies, they struggle a lot with BYOD scenarios. They have real issues in figuring out what to do there.
Now, for example, Conflict Manager integrates very nice with Intune, so that is something that I do a lot.
Paula J.:
These are the tools that could make BYOD comfortable for administrators.
Alex de Jong:
Yes, if you have everything in one console, that’s awesome. You can deploy an application once to a user, and it doesn’t really matter what device or operating system the user brings, but it’s still deployed to that single user, that is a really nice way to manage your application.
Paula J.:
For the couple of thousand computers enterprises, companies, probably Conflict Manager is already there?
Alex de Jong:
Oh, yes. I see it almost everywhere.
Paula J.:
Yeah, pretty much, so that’s just a matter of expanding the functionality to something that is already available, right?
Alex de Jong:
Yes, indeed. Microsoft is spending a lot of time and development and money on making that better and better every day.
Paula J.:
Yeah, because it’s one of their best products, yeah?
Alex de Jong:
Yes, to me it is at least.
Paula J.:
I guess to a lot of companies, because how else, if not like this, you manage all the software out there? There are also a couple of other features like end point protection, for example, which is more in my interest, where you are able to take care of the configuration of the machines, like different kinds of vulnerability scanning and so on and so forth. Conflict Manager can do a lot of things, including BYOD.
Alex de Jong:
Yes, absolutely.
Paula J.:
Perfect. Thank you so much. Just a couple of words for the summary. We have talked about BYOD scenarios, how important they are for companies, what kind of options, solutions and approach you should take in order to bring those technologies, to make sure that your BYOD scenario can be better or can be something at least from the absolutely no BYOD situation.