BYOD beyond the device: Information management is essential

Employees work anywhere, any time, on almost any device, so IT needs a new model for managing and securing information

Page 2 of 2

Once you've determined your information access policies and figured out the baseline management tools, it's time to decide how to provision that information. Email attachments are by far the most widely used data dissemination medium in companies today, which is convenient and multiplatform, but can lead to inconsistent documents and possible illicit forwarding. For sensitive data or data that must have a complete audit trail, you may need a different mechanism.

Many companies have used Microsoft SharePoint as the standard technology for managed project spaces, but the platform has poor support for non-Windows devices and is not a viable option for many companies today. Cloud storage services are a logical replacement, but few of the ones advertised as enterprise-class (meaning they typically provide just read-only access to data from mobile devices) work well on mobile devices, due to lack of support by common business apps.

Enter the cloud

If you want or need employees to do actual work on documents, not just monitor their status, you require a different type of technology. Of course, you should want them to work on actual documents -- a read-only approach basically means "don't even try to work when away from the office." The most viable cloud storage services are the enterprise versions of Box and Dropbox, which are widely supported by mobile apps and on the desktop by Windows, OS X, and Chrome OS, plus provide access management capabilities via policy management similar to what you would have in place in an Active Directory environment anyhow.

Finally, you must decide if you need access management and auditing capabilities baked into your internally developed apps, whether Web or mobile. Several vendors offer SDKs that let you bake in access permissions and auditing tools into homegrown apps, then manage those apps through a policy management tool -- some stand-alone, some part of a mobile device management (MDM) tool.

The decision to use such tools has long-term consequences, as it ties those apps to a specific management tool for several years at least and will require a rewrite of the apps if you change tools or if Apple or Microsoft develops a standard API for such access and auditing management along the lines of Microsoft's Exchange ActiveSync protocol for device management. This approach also requires parallel development of desktop and mobile versions of the apps, and it may entail parallel development even across mobile environments.

The Web app alternative

An alternative approach is to opt for Web apps that keep the data and its auditing and management all on the back end, using the mobile device or PC -- this approach works for PCs, not just mobile devices -- essentially as a portal. An effectively designed Web app can also be used across devices, reducing the development and maintenance effort compared to developing multiple dedicated apps for various platforms. But the Web app approach requires a reliable Internet connection and adaptive design for different types of devices. Persistent cellular connectivity is often unreliable, and it can be expensive. Also, adaptive design is not easy to accomplish well. Failures in either can interfere with the user experience and the app's usage.

As you can see, the key strategic decision is to treat information through policies regardless of devices -- that's about access and trust. With the strategic decisions made, IT can move onto the tactical technology decisions. Working this way is perhaps the most important decision of all.

This article, "BYOD beyond the device: Information management is essential," was originally published at Read more of Galen Gruman's Smart User blog. For the latest business technology news, follow on Twitter.

| 1 2 Page 2