David Abbou

Well folks, it’s that exhilarating time of the year where we toast our favorite gadgets, those productivity-aiding, efficiency-inducing, BYOD-enhancing starlets! Oh who are we kidding. Choosing the best device for work may not quite match the Oscars in the glamor department but hey, don’t tell that to your IT administrator.

Getting the most out of BYOD today means knowing the form factor and specs that are most important to your particular role and tasks you need to accomplish. 2014 ushered in a slew of innovative devices that garnered love and adoration from the tech paparazzi.

Without further ado, here are 2014’s cream of the BYOD crop:

Best Smartwatch


Pebble Steel

Moto 360

Samsung Gear 2

Sony Smartwatch

Winner: Pebble Steel

This category could look very differently once their potential impact on the enterprisecomes to the surface. But based on wear smartwatch technology currently resides, it’s hard to argue against the Pebble Steel’s diversity of apps and productivity tools available (over 1000), innovative design and elegant look. It’s low-resolution screen is more focused on efficiency than replicating the display of a smartphone, but it does help stretch the battery life for up to a week per charge. Looking to the New Year, future the jury is still out on how wearables will be able to collect and transfer corporate data securely while simultaneously protecting user privacy, but it will be fascinating to see if 2015 is the year that their BYOD value blossoms. With the imminent release of the Apple Watch, they’ll definitely be making headlines.

Best Smartphone


iPhone 6

Moto X

Samsung Galaxy S5

OnePlus One

HTC One M8

Winner: HTC One M8

Surprised? The HTC One M8 has managed to beat out very impressive competition from the iPhone 6 and Samsung Galaxy S5. Motion launch display on a stunning screen, a quad-core processor that surpasses the Galaxy S5 in speed, and classy yet sleek design on a metallic body which rivals the iPhone 6 are a BYOD user’s dream. It contains built-in encryption and MDM features as well, which help when combined with a holistic enterprise mobility security solution.

Best Phablet


Samsung Galaxy Note 4

Sony Xperia Z Ultra


iPhone 6 Plus

Nexus 7

Winner: iPhone 6 Plus

With the early criticisms of bending phones seemingly in the rear-view mirror, the much-anticipated impact of this product is now coming to the surface. Perhaps no phablet or smartphone for that matter has ever blended hardware and software features into a form-factor so reliable and user-friendly for the BYOD employee. Users have overwhelming praised a battery life that can handle a full day of heavy mobile computing on just one charge, a true rarity. Add a full HD display to the mix and working on enterprise apps has never looked so good.

Best Tablet


iPad Air 2

Samsung Galaxy Tab S

Nexus 9

Sony Xperia Z2

iPad mini 3

Winner: iPad Air 2

Apple’s retains its dominance in this vertical with the iPad Air 2. A thinner and lighter frame, higher resolution display and new features such as Touch ID and Apple Pay have allowed this new version to top its predecessor, and the battery life is just as reliable.

Best Ultrabook


MacBook Air

HP Spectre 13

Samsung ATIV Book 9 Plus

Toshiba Chromebook

Dell Latitude 6430

Winner: Samsung ATIV Book 9 Plus

With a top-class battery life (11 hours) a frame nearly as light as the Macbook Air and just 13.6mm at it’s thickest point. The Samsung Ativ pips its Apple rival as this year’s top Ultrabook for business. Where it edges out the Macbook Pro is its incredible LED display with full HD resolution (3200 x 1800 pixels), allowing it to deliver a user experience that has yet to be matched. Its built-in SideSync lets you work on your Android phone on-screen concurrently with the ultrabook.

Best Laptop


Apple MacBook Pro with Retina Display

Lenovo ThinkPad T440s

Dell XPS 15


Toshiba Tecra Z40

Winner: Apple MacBook Pro

This one was a true dog fight between the Apple MacBook Pro and Lenovo ThinkPad T440s. The latter boasts impressive battery life, a powerful display and fast hard drive. You’d be hard-pressed to find a non-Mac OS laptop that is better suited for productivity. But that’s where iOS’s superiority tips the scales. The MacBook Pro’s 4th generation core processor that surpasses the ThinkPad’s capabilities. When it comes to display, the Macbook offers a sharper resolution at 2560 x 1600. You’d have to get an upgraded Lenovo ThinkPad for it even rival the specs on the MacBook Pro, and that would run you on average an extra $100. The ThinkPad is an impressive laptop, but the MacBook Pro takes it.

David Abbou

In Part I of How to Build a BYOD Policy, we took you through the steps you can take to determine your BYOD policy and define your company’s BYOD objectives, your users, the apps and data they need to fulfill these objectives, and the security bases you need to cover form the foundation of a BYOD policy tailored for your business.

Now comes the challenging part – How to secure the apps and data required without compromising your business goals. Any policy which fails to strike this balance will effectively fail in realizing the true goal of BYOD.

Once you identify the complexity and sensitivity of the data and apps that require mobile access, you need to determine which security approach can best satisfy all of your BYOD requirements. There are a variety of platforms in the market, but they can mainly be defined as solutions that manage data security on devices and those that manage it off of devices. Here are the pros and cons that accompany the paths you can take towards turning your BYOD policy into a reality:

1. Rely on your existing platforms

Think business-as-usual is an option for your company? Perhaps your research shows that your employees only need to access email, calendar and contacts to be productive away from the office. Most Microsoft Exchange platforms include built-in device management features for their email solution. Relying solely on this security might be an option to consider for some small or medium-sized businesses (SMBs). Some companies in this situation simply choose not to implement a BYOD-focused security solution and rely on those features instead for their security.

Pros: This approach requires both minimal licensing costs and configuration from your IT management.

Cons: The moment your organization wants to use workplace apps that contain more data, this approach becomes unsustainable. You will not be able to support enterprise or consumer apps which contain sensitive data. Another drawback to this minimalist approach is that your users will need to configure themselves and set up their own security. All organizations have employees that are less tech-savvy than others, and this opens up user-error scenarios that can be very problematic. We’ve seen how this movie has played out in the past, and it could end up giving your IT an ongoing headache.

2. Mobile Device Management (MDM)

All you need to know about how mainstream MDM has become is to do a Google search of BYOD solutions. This approach involves installing MDM agent/provisioning within the employee’s mobile device and securing these apps with encryption.

Pros: MDM has been the most popular route for organizations in recent years. If your organization is looking to secure relatively “light data” apps such as email, calendar and contacts, MDM has proven to deliver an adequate level of security and data control for IT management. IT is able to block rooted and jailbroken devices, for example, as well as perform remote wiping of the employee devices which have been hacked, lost or stolen. MDM also automatically configures apps for the user – removing at least part of the learning curve and reducing user authentication risks.

Cons: As MDM implementation within the organization has matured, there are concrete limitations that have become clearer, and they exist on both sides of the management-employee spectrum. For management, the nature of MDM being an on-device security solution requires constant application of patches and other security measures to combat attackers and security gaps. Because encryption keys are locate on the device, they are prone to being breached by outside intruders. Your corporate data is what’s at stake here. Because this data is stored within the employee device, MDM security is compelled to do a remote wipe of a lost/stolen or compromised device. This resonates negatively with employees, who fear that they will lose some or all of their personal files and lose their privacy. There are several studies including a recent one by Ovum which show that this issue alone detracts employees from following BYOD policies such as reporting their lost/stolen device right away.

Lately, MDM solutions have also offered Mobile Application Management (MAM) tools to help guard against mobile app security threats. However, these tools are less mature in the field, and not as recognized for providing sufficient security. MAM tools also face problematic challenges in deploying apps effectively across different devices, OSs and versions.

Another major issue you should consider when evaluating MDM as a solution is how robust your data needs are. If your defined BYOD data goes beyond email tools and requires access to apps which store a significant amount of sensitive client information (i.e. CRM and ERP software), then enforcing security on BYOD devices becomes much more difficult to maintain, and will add significant work resources and security burden on your IT.

3. Virtual Mobile Infrastructure

Often referred to as “Mobile VDI”, VMI has been garnering a lot of attention over the past two years. This approach is unique from the other solutions in the market because, at its core, it involves managing all corporate apps and data away from devices and on a remote and secured cloud-based server. This philosophy involves running a mobile operating system compatible with all major OSs on a server and transferring apps and data onto devices as a display using as thin client.

Pros: The advantages of implementing VMI extend to both security management as well as BYOD employees. From a security perspective, it’s much easier to manage critical enterprise data from a secured datacenter than it is to apply patches and combat malicious apps that attack the myriad of different mobile device models. Consequently, your IT overhead will decrease significantly and free up resources for other projects which can aid your organization. No data on the device means that remote wiping becomes completely unnecessary. When an employee leaves the company or loses their device, IT can simply block access from the server to the affected device, removing employee fears and encouraging them to report lost or stolen devices right away. IT gains peace of mind knowing that there aren’t compromised devices in your network that have simply not been reported.

If your employees are demanding apps that help improve productivity, efficiency and collaboration when working remotely, they will want to work with apps that are made for a mobile interface, just like the consumer apps they’ve grown accustomed to. VMI’s mobile platform was developed for a mobile interface and is compatible with iOS and HTML5 apps as well.

Cons: Because data is located remotely, offline users who are unable to connect to a WiFi network or device data plan cannot access their mobile apps in these circumstances. This scenario usually presents itself when an employee is traveling by air, sea, or underground areas which don’t support online access. Getting feedback from your employees as to how important offline access is and how often this scenario is relevant will help you determine if VMI is right for you.

4. Niche Mobility Tools

These tools can be implemented in addition to the security approaches above, but are not capable of running independently as a stand-alone solution:

Multi-persona platforms: A Multi-persona platform is implemented at the OS level in the mobile device to create separate and secured user personas on a smartphone. Some manufacturers such as Samsung Knox and the latest version of Android Lollipop offer this feature. For Enterprise Mobility, a work persona is installed to manage all corporate apps and data. Each persona is isolated from the other and exchanging data between them is prohibited by policy standards that are determined in advance.

HTML5 platform: Although Android and iOS continue to the dominant OSs, some organizations have turned to HTML5-based apps. This alternative to native apps allows your organization to use browser-based apps without relying on proprietary platforms.

Turning policy into reality

You now have the information to write your BYOD policy and choose the right platform that meets your business needs. But how will you be able to make the necessary changes to align business processes with your vision for the future? In Part III of this series, we’ll explain how you can put your BYOD policy into practice and ensure your processes give you the platform to gain from mobility benefits securely.

Israel Lifshitz

Enterprise Mobility continued to make the headlines in 2014, with more innovative mobile devices and security threats and vulnerabilities than ever before. The fallout from many of these events offer valuable lessons learned, and how BYOD organizations adapt their priorities accordingly will have a huge impact on the industry going forward. Here are five of the most significant developments you can expect to see play out in 2015.

1. Rise of the Phablets

Look for Phablets to become a disruptive technology and dominant force as BYOD devices of choice. The larger display size they offer will make these devices an attractive all-in-one solution for many smartphone and tablet users. They’re not an entirely new phenomenon, but the expected surge of the iPhone 6 Plus will launch them into the spotlight like never before. The buzz created by this device will almost certainly transcend their increased share of the retail market and as a result, Phablets are set to make a big splash on BYOD as the devices that can almost do it all. Expect their influence to trigger a notable decline in BYOD usage of Tablets especially in 2015 and beyond. BYOD employees will shift from using tablets to Phablets as a solution to their mobile needs. App developers will need to adapt quickly so that their apps run optimally for this new form factor.

2. Is the honeymoon over for MDM?

Many security vendors have added MAM (Mobile Application Management) and MIM (Mobile Information Management) tools to their existing Mobile Device Management (MDM) solution of choice. Together, these services are being packaged as EMM (Enterprise Mobility Management) and being promoted as an all-inclusive mobile security solution. There’s no doubt that together these approaches address several security concerns – but collectively they still do not add up to the comprehensive enterprise mobility solution that enterprises require. EMM implementation on the ground is still at a relatively early phase, so BYOD companies and EMM providers are still very much in the “honeymoon stage” with these services. Just like a young and developing romance, the security flaws will eventually be uncovered as EMM implementation becomes more mature. Since MDM is still the anchor steering this approach the limits to their effectiveness will become apparent as employee feedback will start cycling back to organizations. For IT, the costs of managing all of these on-device security requirements will also become an issue.

3. Mobile Apps – Security will Take Center Stage

In 2014 I said that mobile apps would graduate beyond standard apps and that we would see organizations investing in more robust and data-rich enterprise apps like CRMs and ERPs in order to enable employees in being more productive. With more complex apps and data being adopted into BYOD, securing these apps will be paramount. Many security tools such as MDM and MAM will be trialed but they require a lot of IT customization such as App Wrapping and Containerization. It will be interesting to see how successful they will be and whether they will be continue to be selected over time.

4. Vertical BYOD Solutions will become Bigger

Look for more vendors to target specific industries and tailor their security solutions for those that need higher-level security and are dealing with difficult challenges as a result of BYOD implementation. Healthcare for example sees doctors often working outside of the hospital or clinic, yet they need access to mobile apps more than ever before. Ensuring Protected Health Information (PHI) on these apps is an absolute must with the compliance and liability issues required under HIPAA (Health Insurance Portability and Accountability Act). Banks and financial institutions also have a heightened need to secure extremely sensitive customer and corporate information while putting BYOD into practice. Then you have both public and private defense agencies for which cybersecurity threats and their accompanying challenges are unique, and those stakes have never been higher. Their security specifications require them to use their own customized devices and adopt more of a COPE (Corporate Owned Personally Enabled) policy. These industries represent niche opportunities for vendors who will roll out mobile offerings in increasing numbers.

5. Virtualization Technology will Make a Splash

As organizations gather analytics and weigh the advantages and disadvantages of different ways to manage BYOD, the big picture will slowly but surely come into focus. Increasing reliance on mobile devices means mobile-first security solutions will take precedence. While we’ve heard the importance of “following the data” often in 2014, more organizations will shift philosophies on the best way to achieve that, with more CIOs looking to manage data security away from personal devices entirely. Both on-device (Multi-Persona) and off-device virtualization such as VMI (Virtual Mobile Infrastructure) will become a larger part of the BYOD landscape as a result.