1st Edition

Bring Your Own Devices (BYOD) Survival Guide

By Jessica Keyes Copyright 2013
    451 Pages 29 B/W Illustrations
    by Auerbach Publications

    Where end-users once queued up to ask the IT department for permission to buy a new computer or a new version of software, they are now bypassing IT altogether and buying it on their own. From laptops and smartphones to iPads and virtually unlimited software apps, end-users have tasted their freedom and love it. IT will simply never be the same.

    Bring Your Own Devices (BYOD) Survival Guide explains the psycho-techno phenomenon also known as bring your own technology (BYOT). Providing the guidance necessary for living in this new world, it describes the new end-users (Millennials) and their demands, as well as the strategic and tactical ramifications of these demands.

    Examining the business aspects of BYOD—selection, purchasing, and corporate culture—the book covers the broad range of technical considerations including selection, connectivity, training, support, and security. It also includes an extensive set of best practices.

    The book is geared for the small- to medium-size enterprise that needs to integrate BYOD into their environment. It addresses topics such as content and data management, risk assessment, performance measurement, management, and even configuration management.

    The text includes a set of Quick Start guides that provide tips for such things as assessing costs, cloud integration, and even legal issues. There is also a full set of appendices that supply helpful information on everything from security settings for Apple iOS devices to a sample employee mobile device agreement.

    The BYOD Revolution
    What’s in It for the Organization?
    So, What Can Go Wrong?
    Mobile Device Management
    Consumerization of IT
    Business as Usual

    Making a Financial Case for BYOD
    Supporting BYOD
    Cost-Benefit Analysis
    Break-Even Analysis
    Estimating ROI for an IT Project
    Earned-Value Management
    Rapid Economic Justification
    Value Measuring Methodology
         Step 1: Develop a Decision Framework 
              Task 1—Identify and Define Value Structure 
              Task 2—Identify and Define Risk Structure 
              Task 3—Identify and Define Cost Structure 
              Task 4—Begin Documentation 
         Step 2: Alternative Analysis—Estimate Value, Costs, and Risk 
              Task 1—Identify and Define Alternatives 
              Task 2—Estimate Value and Cost 
              Task 3—Conduct Risk Analysis 
              Task 4—Ongoing Documentation 
         Step 3: Pull Together the Information 
              Task 1—Aggregate the Cost Estimate 
              Task 2—Calculate the Return on Investment 
              Task 3—Calculate the Value Score
              Task 4—Calculate the Risk Scores
              Task 5—Compare Value, Cost, and Risk
         Step 4: Communicate and Document
              Task 1—Communicate Value to Customers and Stakeholders
              Task 2—Prepare Budget Justification Documents
              Task 3—Satisfy Ad Hoc Reporting Requirements
              Task 4—Use Lessons Learned to Improve Processes
         Uncertainty Analysis
         Sensitivity Analysis
    Glossary
    Reference

    Integrating BYOD into Performance Measurement and Management Systems
    Why Measure?
    Understanding Performance Management
         Define Organizational Vision, Mission, and Strategy
         Develop Performance Objectives, Measures, and Goals
         Give Measures Time to Evolve
    Attributes of Successful Performance Measurement Systems
    Developing Benchmarks
         Plan
         Collect
         Analyze
         Adapt
    Using Balanced Scorecard to Measure BYOD Effectiveness
    Representative IT Balanced Scorecard Value Metrics
    Keeping Track of What’s Going On
    Validation and Verification
    References

    Assessment and Mitigation of Risks in a BYOD Environment
    Initiating the Risk Assessment
    A Typical Organization’s Computer System
    System Architecture
    System Operational Authority/Ownership
    Threats to A Typical Organization’s Assets
    Current Security Measures
    COG Contingency Planning
    Divisional Contingency Planning
    Protection against Network-Related Threats
    Vulnerabilities Reported by the Risk Assessment Team
    Recommendations for Mitigating the Identified Vulnerabilities
    Summary
    Reference

    Guidelines for Managing and Securing Mobile Devices in the Enterprise
    Mobile Device Overview
    High-Level Threats and Vulnerabilities
    Use of Untrusted Mobile Devices and Networks
    Use of Applications Created by Unknown Parties
    Interaction with Other Systems
    Use of Untrusted Content
    Use of Location Services
    Technologies for Mobile Device Management
         Components and Architectures
    Capabilities
         General Policy
         Data Communication and Storage
         User and Device Authentication
         Applications
    Security for the Enterprise Mobile Device Solution Life Cycle
         Initiation
         Development
         Implementation
         Operations and Maintenance
         Disposal
    Case Study

    Cloud Best Practices
    Selecting a Cloud Service
    CSP and End-User Agreements
         Terms of Service Agreements
         Non-Disclosure Agreements
         Service Level Agreements
         Terms and Definitions
         Measuring SLA Performance
         SLA Enforcement Mechanisms
    CSP, Organization, and Integrator Roles and Responsibilities
         Contracting with Integrators
         Clearly Defined Roles and Responsibilities
    Standards
    Security
         Continuous Monitoring
         Incident Response
         Key Escrow
         Forensics
         Audit Logs
         Privacy Impact Assessments (PIA)
         Data Location
         Breach Response
    Reference

    Configuration Management in a BYOD Environment
    CM and Process Improvement
    Measurement and Metrics
    Benefits of BYOD CM
    CM Components
    Configuration Identification
    Configuration Change Control
    Configuration Status Accounting
    Configuration Auditing
    Implementing CM in the Organization
    Manage the Risks of CM
    Configuration Management and Data Management
         Document Identification
         Data Status Level Management
         Data and Product Configuration Relationships
         Data Version Control
         Digital Data Transmittal
         Data Access Control

    Content Management, Mobile, and Otherwise
    Content Management System (CMS)
    Document Management Systems/Electronic Document Management Systems (DMS/EDMS)
    Records Management Systems (RMS)
         Reliability
         Authenticity
         Integrity
         Usability
         What Are the Records Management Risks Associated with Websites?
    Digital Asset Management (DAM)
    Mobile Device Management and Mobile Content Management (MDM/MCM)

    Integrating BYOD into Resource Management
    Data Management Roles
         Data Sponsor
         Data Steward
         Data Administration
         Database Administration
         System Administration and System Support
    Data Management Responsibilities
         Development and Management Requirements
         Identification and Enforcement Standards, Design, and Implementation
         Data and Mapping Standards
         Quality Control, Data Integrity, and Backup/Recovery
         Data Sharing
         Change Management and Impact Analysis
         Connectivity
         Input and Update
         Security
         Metadata
         Training
    Guidelines
         Guideline 1
         Guideline 2
         Guideline 3
         Guideline 4
         Guideline 5
         Guideline 6
         Guideline 7
         Guideline 8
         Guideline 9
         Guideline 10
         Guideline 11
         Guideline 12
         Guideline 13
         Guideline 14
         Guideline 15
         Guideline 16
         Guideline 17
    Glossary of Data Management Terms

    BYOD Means Social Networking
         Tools That Provide Networking Capabilities
         Wikis in Action
         Meaning-Based Computing
         Semantic Web
         Virtual Worlds
         Knowledge Management Tools
         Mashups
         References
    Quick Start 1: Software-Based Authentication
         Procedures/Issues/Policies
         Bibliography
    Quick Start 2: BYOD: Making It Work for Your Firm
         Procedures/Issues/Policies
         Bibliography
    Quick Start 3: Software Selection from Multiple Packages
         Procedures/Issues/Policies
         Bibliography
    Quick Start 4: The Make-Buy Decision
         Procedures/Issues/Policies
         Bibliography
    Quick Start 5: Balanced Scorecard Metrics
    Quick Start 6: Common BYOD Mistakes
         Procedures/Issues/Policies
         Bibliography
    Quick Start 7: BYOD Corporate Policy
         Procedures/Issues/Policies
         Bibliography
    Quick Start 8: Mobile Device Management Functionality Guide
         Procedures/Issues/Policies
         Bibliography
    Quick Start 9: Legal Issues with BYOD
         Procedures/Issues/Policies
         The Fixes: How to Inoculate Your Company against Potential Legal Trouble
         Bibliography
    Quick Start 10: Managing Online Content Checklist
         Procedures/Issues/Policies
              General
              Content Management Issues
    Bibliography
    Quick Start 11: Selecting a Content Management System Checklist
         Procedures/Issues/Policies
         Before You Start
         Determining Project Goals and Targets
         Determining and Documenting Business Requirements
         Producing Documentation
         Evaluating and Selecting a CMS
    Bibliography
    Quick Start 12: BYOD Lessons Learned
         Procedures/Issues/Policies
         Each Unique
         Survey…Survey…Survey
         Clarity
         Each and Every Platform Should Be IT’s BFF
         The App Store Problem
         Virtualization: Might It Be a Temporary Savior?
    Bibliography
    Quick Start 13: BYOD Risks
         Procedures/Issues/Policies
         Bibliography
    Quick Start 14: Getting Started with BYOD
         Procedures/Issues/Policies
         Bibliography
    Quick Start 15: BYOD Security Tips
         Procedures/Issues/Policies
         Bibliography
    Quick Start 16: Cloud Migration Tips
         Procedures/Issues/Policies
         Bibliography
    Quick Start 17: Hitching Your Network to BYOD
         Procedures/Issues/Policies
         Bibliography
    Appendix A: Security Glossary
    Appendix B: Employee Mobile Device Agreement
    Appendix C: Mobile Device Security Checklist
    Appendix D: Security Configuration Recommendations for Apple iOS 5 Devices
    Appendix E: Traditional IT Metrics Reference
    Appendix F: Cloud Procurement Questions
    Appendix G: Computer Use Policy
    Acknowledgment
    Appendix H: Benchmarking Data Collection Methods
    Appendix I: Wireless Device Agreement
    Appendix J: Mobile Device Management Vendors
    Appendix K: Best Practices Security Checklist
    Index

    Biography

    Jessica Keyes is president of New Art Technologies, Inc., a high technology and management consultancy and development firm started in New York in 1989. She has given seminars for such prestigious universities as Carnegie Mellon, Boston University, University of Illinois, James Madison University and San Francisco State University.

    Keyes is a frequent keynote speaker on the topics of competitive strategy and productivity and quality. She is former advisor for DataPro, McGraw-Hill's computer research arm, as well as a member of the Sprint Business Council. Keyes is also a founding Board of Director member of the New York Software Industry Association. She has recently completed a two-year term on the Mayor of New York City's Small Business Advisory Council. She is currently a professor of computer science at Fairleigh Dickinson University's graduate center as well as the University of Phoenix, where she is the Area Chair for Programming and Operating Systems, and Virginia Tech. She is the former editor-in-chief of CRC Press' Information Management and Systems Development Management.

    Prior to founding New Art, Keyes was Managing Director of R&D for the New York Stock Exchange and has been an officer with Swiss Bank Co. and Banker's Trust, both in New York City. She holds a Masters of Business Administration from New York University, and a doctorate in Management. She is a member of the Kappa Delta Pi, Beta Gamma Sigma and Delta Mu Delta honorary societies.

    A noted columnist and correspondent with over 200 articles published, Keyes is the author of the following books:

    The New Intelligence: AI in Financial Services, HarperBusiness, 1990
    The Handbook of Expert Systems in Manufacturing, McGraw-Hill, 1991
    Infotrends: The Competitive Use of Information, McGraw-Hill, 1992
    The Software Engineering Productivity Handbook, McGraw-Hill, 1993
    The Handbook of Multimedia, McGraw-Hill, 1994
    The Productivity Paradox, McGraw-Hill, 1994
    Technology Trendlines, Van Nostrand Reinhold 1995
    How to be a Successful Internet Consultant, McGraw-Hill 1997
    Webcasting, McGraw-Hill 1997Datacasting, McGraw-Hill, 1997
    The Handbook of Technology in Financial Services, Auerbach, 1998
    The Handbook of Internet Management , Auerbach, 1999
    The Handbook of eBusiness, Warren, Gorham & Lamont, 2000
    The Ultimate Internet Sourcebook, Amacom, 2001
    How to be a successful Internet consultant, 2nd Ed, Amacom, 2002
    Software Engineering Handbook, Auerbach 2002
    Real World Configuration Management, Auerbach 2003
    Balanced Scorecard, Auerbach, 2005
    Knowledge Management, Business Intelligence, and Content Management: The IT Practitioner's Guide, Auerbach 2006
    X Internet: The Executable and Extendable Internet, Auerbach 2007
    Leading IT Projects: The IT Manager's Guide, Auerbach 2008
    Marketing IT Products and Services, Auerbach, 2009
    Balanced Scorecard and the Project Manager, Auerbach 2010
    Social Software Engineering: Development and Collaboration with Social Networking, Auerbach 2011