Support Operations

Matt Neigh
Mobile Device Governance: What’s Your Strategy?
Written by Matt Neigh Feb 17, 2012

As a longtime HDI member, I am passionate about sharing best practices and lessons learned. So with that in mind, I felt compelled to blog about another passion of mine: mobile device management.

I think it is important to break down this topic into three categories:

  • BYOD (Bring Your Own Device): I’ll address the governance and policies as they relate to employees using their personal devices at work.
  • Mobile device support: The integration with a service portfolio/service catalog and how IT supports the mobile devices whether they are personal or company-owned.
  • Business applications that promote mobility: How to streamline support services and reduce costs by utilizing powerful applications combined with mobile devices to support customers and end-users.

I’d like to specifically address the BYOD revolution in this post.

I firmly believe that the demand from employees to use their personal devices for anytime, anywhere access to critical business information will continue to grow, and that we, as support professionals, need to quickly establish a game plan to address the demand. Next week, I join Jason Rosenfeld (Cask, LLC) for a presentation on Winning the BYOD Game: How to Create a Supportable Governance Strategy. I’m anxious to learn from Jason what he sees happening within our industry regarding the BYOD challenge many organizations are facing, and what strategies they are incorporating for support.

I’m also asking you to share!

  1. If you have a successful strategy, share it with us.
  2. Have you tried and failed? Post your lessons learned.
  3. Got documentation that you can share? Provide a link to it. (Or email me the docs and I will post in a forum to share!)

ISACA advocates that the following issues be considered when designing a mobile device strategy:

  • Define allowable device types (enterprise-issued only vs. personal devices).
  • Define the nature of services accessible through the devices.
  • Identify the way employees use the devices, taking into account the organization’s corporate culture, as well as human factors.
  • Integrate all enterprise-issued devices into an asset management program.
  • Describe the type of authentication and encryption that must be present on devices.
  • Clarify how data should be securely stored and transmitted.

This is great, in theory, but actual examples might help us all tackle this often-daunting task one step at a time. I, for one, would like to learn how smaller organizations might differ from enterprise companies regarding their policies regarding personal devices. Share your thoughts in the comments below.

Follow me on Twitter (@Survive_for_7).

Leave a Comment
We value your feedback. To leave a comment, please log in or create an account.