IT used to provide the only tools that end users needed, but now that workers buy smartphones, tablets and apps themselves, it affects corporate IT job roles.
Much has changed for the IT department. In the 1990s, administrators delivered business applications from servers that ran in their data centers. Nowadays, many of those applications have been moved to the cloud, and users walk into the building with their own smartphones and tablets, expecting to be able to use them to get their work done.
The knee-jerk reaction to the changing IT landscape is just to forbid all personal devices. This would work fairly well as long as users came into the office building and only did their work there. But employees are mobile, and they tend to do their work on the device that makes the most sense for the situation. So IT must adapt.
In some companies, administrators have to set up and manage a secure corporate network as well as a public Wi-Fi network for personal devices. Admins must also configure mobile device and application management tools, modify virtual private network (VPN) settings to only allow trusted applications, and make corporate apps and data available to users via Web interfaces.
Along with the introduction of consumer smartphones and tablets onto corporate networks came the increasing popularity of cloud computing, which makes it possible to access corporate data from almost any device in any location. In this new age for IT, security on Wi-Fi networks needs to be tightened and companies that allow personal devices need a strategy for providing access to corporate data on users' devices. There are two common approaches.
Some companies choose to make a public wireless network available for all users' devices but keep corporate hardware on a wired or strictly protected Wi-Fi network. In companies that choose this way of working, users may not be able to perform work-related tasks, depending on the availability of corporate data and apps on public networks.
Other companies choose to manage and control end user devices with mobile device management (MDM) software. Many MDM vendors have added facets of mobile application management (MAM) to allow IT to control only the business applications on the mobile device. This approach lets companies protect business data without disturbing users' privacy.
To implement this way of managing mobile devices, IT cannot just allow a mobile device to connect to the corporate network via a VPN connection. Once the VPN connection has been established, users can do whatever they want, and it is difficult for IT for to differentiate between a trusted application and a nontrusted application.
For that reason, some MDM and MAM vendors' tools allow only specific applications to connect to the corporate network. This approach is relatively successful in distinguishing between private components and apps that are important from a corporate perspective.
One simple question remains: Why not just ban personal devices in a corporate environment? The bring-your-own-device trend began with managers and executives who wanted to work from their personal devices. They asked IT to synchronize those smartphones and tablets with corporate resources such as the corporate email system and calendar, and IT couldn't really say no to the CEO. Now, there doesn't seem to be a way back to an environment where personal devices aren't allowed.
This was first published in September 2013