Bring your own device or bring your own disruption?
As the concept of bring your own device (BYOD) becomes commonplace in organizations everywhere, implementation and quality remain inconsistent at best and disruptive more often than not. With the promise of reduced operational cost and improved employee satisfaction, an ever-increasing number of IT leaders are turning to BYOD strategies with widely varying degrees of success.
Healthcare is no exception, facing unique challenges that may leave organizations vulnerable to security and regulatory impact if not handled properly. The quality of these programs can range from the denial approach, wherein leadership and IT allow personal devices with no control, to broad and deep control mechanisms that significantly impact end-user experience. Given the continued adoption of mobile devices and consumerization trends that increasingly drive priorities in IT, the BYOD issue will continue to influence IT priorities.
Recently, most organizations were concerned primarily with mobile device management (MDM), but unlike MDM the BYOD puzzle and associated solutions continue to expand. Mobile device management deals primarily with control and automated provisioning. However, the needs of the end user coupled with pressure from security and compliance have driven the need for Windows application delivery, enterprise file sync & share, increasingly sophisticated security & compliance mechanisms, and enterprise-grade productivity tools. Users now expect their corporate IT experience to be as intuitive and end-user friendly as their personal applications, while IT requires stringent security, control and visibility. These two perspectives traditionally clash, rarely resulting in both end users and IT feeling that their goals have been accomplished.
What are the common challenges associated with BYOD?
The challenges associated with BYOD initiatives are plentiful, and in healthcare they bring additional complications and risk. Many hospitals spend significant time and money securing their systems and data in traditional computer systems, but they struggle to apply the same rigor to personal and mobile technology. As hospital staff bring personal devices into networks without appropriate security and control measures, the organizations are introducing undue risk and weakening their overall security and compliance posture.
The blending of personal and corporate data makes it nearly impossible to maintain possession, privacy and control of regulated data. Additionally, IT support staff may find themselves with an increased burden as multiple device types are introduced. This causes a once-standardized environment to become a disruptive tangle of challenges that stretches support departments to the breaking point. Add to that the risk of damaging or exposing personal data, an issue traditionally avoided, and the promises of BYOD quickly evaporate. Finally, the architecture and engineering teams, already burdened with multiple projects, find themselves challenged with complicated efforts to provide secure networks and resources in support of personal and mobile devices.
At a high level what does a successful approach to BYOD look like?
As the technology and understanding around BYOD matures, the capabilities are maturing with them. Lessons learned from a wide array of deployments continue to provide effective guidance for what works and what does not. As such, the following guidelines have emerged as critical ingredients in a successful BYOD strategy that not only brings the desired operational benefit, but increases productivity and workflow.
Before reviewing the key components of such a strategy, we must first look beyond simple MDM (specifically considering the compliance-burdened healthcare environment) to a more holistic approach. This tack takes traditional Windows applications, enterprise file sync and share, enterprise productivity tools, enterprise-grade security capabilities and robust audit capabilities into account to ensure that a broad-spectrum solution is put in place to meet the organizational needs. Understanding and incorporating end-user experience, needs and workflow considerations into the solution remains the most critical component of a successful BYOD program.
The most successful deployments begin not with technology but with end-user experience. Without a fantastic user experience, the solutions will be avoided – thereby increasing the likelihood that the program as a whole will fail. End-user experience planning includes thoroughly understanding workflow and establishing a complete solution, while maintaining stringent levels of security and compliance. This typically includes a strategy and technology that enables separation of personal and work applications, data and security. This critical strategy allows the end user to maintain their personal environment as they choose alongside a highly secured and contained work environment in parallel.
That said, MDM is an obvious and logical starting point. Leveraging MDM for all compatible devices simplifies securing and provisioning devices, while providing a consistent foundation on which to build enterprise file sync & share, enterprise productivity tools and application delivery. With device manufacturers such as Apple and Google determining what control capabilities are available to MDM products, the strategy for choosing an MDM suite should be influenced by looking at the entire design of the BYOD program. Successful enrollment of all applicable devices into MDM provides the control and visibility necessary to begin to allow secure personal device use.
Next, successful organizations introduce enterprise productivity applications such as email, line-of-business applications such as EMRs, and file sync & share applications. Noting that this may be a mix of Windows-based applications, native device applications, SaaS-based applications and more, implementing a platform to deliver all with an exceptional user experience requires extreme care and diligence from IT. Because of the disparity between applications and delivery methods, it is imperative that IT minimizes the number of products and different vendors involved in delivering the solution. Reducing the various delivery methods under the umbrella of a single product suite has been shown to provide exceptional user experience with sustainable back-end and operational cost of ownership.
It is worth noting that a critical area of both end-user experience and security must include a file sync & share application to ensure that end users have the data when and where they need it, regardless of the device they connect with, while IT maintains the ability to remove data from any device, at any time, if deemed necessary.
Conclusion
In conclusion, BYOD continues to be an essential and continually expanding area within IT, and it has gained significant traction in healthcare. If properly implemented, a BYOD program can successfully reduce operational costs, improve end-user satisfaction and even enhance workflow. In contrast, a poorly designed implementation can have the opposite effect and introduce undue risk to the organization. A thoughtful, diligent approach must be used to ensure success, and one of the key components is paying special attention to creating an exceptional end-user experience that is both secure and flexible.
Competing priorities distract IT from creating a holistic solution and covering all required areas of end-user experience, security and auditing. Additionally, without careful architecture support, organizations can be overburdened by manually supporting multiple devices and may be at risk to damaging or disrupting personal devices as well as data.
A successful approach to BYOD takes user experience into account first and foremost. This commonly overlooked component, when done right, ensures high adoption rates, reduces attempts to work around or disable security controls, and minimizes use of unauthorized applications when interacting with hospital infrastructure.
Successful organizations lay a solid groundwork with MDM and similar control mechanisms, and they layer it with enterprise Windows application delivery, native application delivery and containerization for enterprise file sync & share. This allows personal and controlled hospital apps and data to reside on the same device without compromising security and flexibility.
Finally, a key strategy is to ensure that the number of solution suites and vendors is kept to a minimum and ideally delivered out of a single software suite.
When these principles are followed, a healthcare organization can ensure a successful bring-your-own-device program and avoid deploying a bring-your-own-disruption program. This approach results in end users who are delighted with their experience, IT maintaining or even increasing their security and auditing posture, and the organization achieving a high level of flexibility.