Gary Hensley, IT Director, Clif Bar
" What's on the horizon: While a base MDM platform and standardization on Apple iOS have served the company well, Hensley is aware that users may demand support for additional devices. To prepare for such requests, Clif Bar is evaluating more-robust MDM platforms that could more easily handle myriad devices and provide more granular wipe capabilities.
"We're bringing in test devices, figuring out how to integrate them into the environment and listening to users to determine what their needs and wants are," Hensley says. "It's a constantly evolving challenge."
Keeping BYOD Simple
" Organization: Novation, Irving, Texas. Provides healthcare supply chain expertise, sourcing services and information and data services to more than 65,000 members of leading national healthcare alliances, including VHA and UHC.
" Key numbers: 2,000 employees; 1,500 mobile users.
" Devices supported: Novation doesn't officially issue smartphones or tablets to employees, but it has adopted a new mobile policy under which workers are allowed to use any device on the job as long as they follow proper security protocols. As a result, employees are bringing in a variety of gadgets, including iOS and Android phones and tablets, to access corporate email and calendars, even though Novation's IT group doesn't provide formal help desk support for personal devices.
" How BYOD happened: On the day of the first iPhone release, Novation's CIO issued a memo advocating caution in allowing the devices into the enterprise. "The memo went out at 10:30 in the morning, and we had to answer back that it was too late -- users had already bought them, hooked them up to Exchange and were accessing corporate email," says Guillermo Ramas, vice president of commercial solutions, part of Novation's information data services function. "Two months later, the CIO had his own iPhone."
" How it's coping: Employees who legitimately need to use a smartphone for work simply buy devices and sign up for service on their own and then bill some or all of their expenses to the company; the amount is subject to the approval of their managers.
Novation needs a formal strategy governing what corporate resources can be made available to employee-owned devices and how that can be done securely. Currently, mobile users can connect to corporate email and calendars via Microsoft Exchange Server ActiveSync, but that setup doesn't give IT the ability to carry out remote wipes, deploy password protection tools or take other steps to enforce security protocols.
" What's on the horizon: Novation is prototyping an MDM strategy using the AirWatch platform, which will provide important security controls, including the ability to identify devices, block jail-broken equipment and perform remote wipes. Eventually, Novation would like to move to "agentless" MDM, which doesn't reside on the client device, Ramas says. This option would still provide critical controls like passcode enforcement but would be slightly less onerous from the user's point of view, because it would allow IT to perform selective wipes but wouldn't leave users feeling as though IT is policing their personal data. "We're looking for a happy medium," says Ramas, noting that use of mobile devices would decline if IT was too strict about security.
Sign up for Computerworld eNewsletters.