Israel Lifshitz

When we’re looking for a device nowadays that meets both our personal and business needs it’s easy to forget how spoilt for choice our generation has become. Today keeping up with the torrid pace of mobile hardware and software aimed at making our lives easier can seem like a project in it of itself. But sometimes I remember a different time just before the consumerization of IT went mobile full throttle, when I decided that my laptop just wasn’t enough and shopped for my first portable computer…

I remember it like it was yesterday. The year was 2006, and I was eating, sleeping and breathing my first venture, SysAid Technologies. We were a much, much smaller company back then – 30 people all-in-all. Three years after starting the company, SysAid began to hit stride in its development. Our ideas were taking shape, and our customer traffic was picking up steam and taking off. All of our sales were online, so we needed to receive orders and turn around customer issues 24/7. It was an exhilarating time.

But personally, I was feeling a new kind of pressure and like many entrepreneurs can relate, my notion of what a work-around-the-clock lifestyle meant was redefining itself all the time. Connecting to my business from my home or office simply wasn’t enough anymore. I needed access to my work life no matter where I was. And I didn’t want to carry two devices, one for phone calls and the other for computing. Off I went on my quest for my first BYOD device…

I’d heard about the latest PDAs coming out at the time and how they combined GPS and internet capabilities, with all of the cellular calling and messaging features I had on my Nokia 6010, which I was itching to replace. But what I needed more than anything was online access in a fast, easy, mobile-friendly way.

This was so I could keep track of my customers through our CRM and help desk applications. As I looked at my Nokia, I thought to myself, “Why would I get another cellular phone when I can have one device that can do it all”. And then I discovered my first BYOD device: The HP iPaq hw6915.

HPiPaq

The features listed for this Windows mobile device more than impressed me – they had me at hello. This handset had received great reviews on its effortless Bluetooth connection and quick and reliable wireless network, which was vital for me to stay in the loop on all of the tasks and projects we were managing. The QWERTY keypad promised to blow away the T9 texting of my older device, and I could view applications on a 76mm color screen. I also thought the stylus pen was a nice touch and expected it to become a go-to tool that enhanced my user experience.

In addition to my mobility needs, the iPaq was just as alluring for the gadgetry that could enhance my personal life. I was excited to use the GPS navigation for family or business trips. “I now have a tool that will change my life”, I thought excitedly.

But like those summer blockbuster films with eye-popping trailers that almost always end up disappointing, I realized pretty quickly that my new gadget wasn’t the smoothest tool in the shed. Completing phone calls took longer than it should have which was surprising even back then, and browsing the internet was rough and cumbersome to say the least. My screen looked back at me as if it was screaming “stop trying to cram your desktop interface into me!” I tried to ease both of our pain by using the zoom function, which was particularly brutal. Mobile UX was just an unconfirmed rumor.

After my first week of using the iPaq, it was heartbreakingly obvious that this device wasn’t what I imagined. I looked forward at least to using this phone’s GPS on a weekend road trip. Because the phone didn’t come with any navigation software out of the box, I installed some very expensive software but even then it still wouldn’t work properly on the device.

My vision of finding the device that could do it all had been swiftly and unequivocally shattered. One week was all it took for me to make the divorce complete. For the time being, my solution was to go right back to my old Nokia phone and my laptop.

One year later, my friend kept raving about another new and hyped device, Apple’s first iPhone. I wasn’t on the Apple bandwagon like many others back then and was hesitant to buy into the hype. When a coworker showed me his and let me play with its features, I saw how easy it was to browse and pinch in and out of web pages and photos.

iPhone

I like much of the rest of world knew smartphone technology had just taken an evolutionary leap. I was sold hook, line and sinker. Don’t get me wrong, the first generation iPhone was far from perfect and I remember losing a lot of dropped calls. But as far as its browser and email, I was able to use my most critical business applications in a way I’d never experienced before on a mobile device.

This may have been before BYOD became the buzzword for the age that our enterprise culture was heading, but innovations that helped make mobile productivity easier were partly what inspired me not just be a BYOD believer, but to contribute to the advancement and security of our mobile work experience.

Today, as I continue to learn and work with my team at Nubo towards making Virtual Mobile Infrastructure the new BYOD reality, I still never fail to get a kick out of the innovative devices, apps and wearables that are transforming both our work and life. Every now and then I get taken back to the first time I tried to BYOD with my HP iPaq and it’s amazing how far we’ve come. Perhaps the only thing more amazing, is where we’re going.

David Abbou

BYOD programs are meant to release the shackles and give employees the freedom and flexibility to use their preferred devices and collaborate with their colleagues using the apps they are most comfortable with. There’s no doubt that the profound benefits, including improved workflow and productivity, are highly valued by organizations. But passion without structure can lead to chaos. Enter Shadow IT, where employees turn to consumer apps and cloud storage services that are not approved by their organization. There are several major issues that this causes, but not all enterprises have prioritized educating their employees about this topic from the start.

Businesses should engage their employees and find out which enterprise apps and programs are most in demand in order to fulfill particular functions. This will inform them as to which apps to make available and which policies need to be communicated when it comes to collaborating information. It also increases employee satisfaction by involving them in the process and showing that the tools being selected are driven by their feedback.

On the flipside, once these tools are rolled out, employees need to understand why they should stick to the apps provided. A major aspect of this is proactively educating users on the dangers of circumventing BYOD policies and using unapproved solutions that are not sufficiently secure to house sensitive corporate data. For example, many employees have turned to file-syncing apps like Dropbox as an easy and convenient way to store work documents for later use.

There are clear and immediate issues with doing this that can be communicated to employees, and these messages should be included in the on-boarding process as well as updates delivered periodically, as part of a mobile communications policy. It’s important you effectively convey these messages to your employees:

Using unapproved consumer apps and cloud storage solutions undermines your company’s security.

Your organization’s ability to monitor and control the data – and most importantly to apply sufficient security – is largely compromised when people ignore or go around BYOD policies. Consumerized apps do not guarantee the same level of security, making corporate files more prone to hackers, Trojans and other malware that can nab sensitive data. There are many industries including banking, finance, healthcare, pharma and education where security violations go beyond financial and reputational loss; they break legislated industry governance which can lead to crippling fines and even criminal penalties in certain cases. Taking these types of risks is a red line that your company can’t afford to cross, and you need your employees to be aware of these implications.

If you’re not collaborating with the same tools, you and your co-workers are literally not on the same page!

Inconsistent use of consumerized apps only ends up making work life more difficult for employees. The result is a free-for-all, or “every man for himself” culture. This is the exact opposite of what BYOD is supposed to achieve. If colleagues are using different platforms to enter information that needs to be collaborated, then it often isn’t collaborated at all. You have information sitting on different tools, as well as different document versions floating around which can cause confusion, waste precious time and increase stress for everyone involved.

Enterprise apps are being developed with their feedback at heart.

Evaluate apps and gather feedback to measure how well they meet employee needs and identify areas for improvement. Set up a phased schedule to audit the effectiveness of your enterprise apps and measure employee engagement and usage. Survey employees by department and function as to how well the apps made available are meeting their needs, and give them an avenue to air out any flaws or issues that exist. If employees are going outside of approved apps to perform similar functions, there’s a good chance it’s because you need to tweak existing enterprise apps or possibly consider a different offering altogether.

David Abbou

Enterprise mobility and BYOD culture can be seen as both the future for business communications as well as one of its most complex change management challenges.

But as daunting as it may seem to effectively implement a secure BYOD policy in the private sector, those trials pale in comparison to the healthcare sector, where mobile security risks can quite literally be a matter of life and death.

In an industry which requires using more equipment and devices than most, the convergence of smart technology, automation and sensitive patient and medical data can be viewed as the perfect storm for BYOD security failures. You’d be hard-pressed to find a sector where the challenges and the stakes are at such a peak. Data breaches and medical device malfunctions span the compliance and liability spectrum, carrying with the, significant financial and legal repercussions.

If there’s an industry to watch in 2015 and see just how it can progress in overcoming mobile security hurdles this is the one. In the coming years, will it become a model for best practices in terms of security infrastructure planning? Or will it constantly supply the greater IT community with one worst-case scenario after the next?

Finding sustainable solutions requires understanding the industry’s largest concerns and from where they originate.

A mobile workforce equals more devices at risk

Doctors and other healthcare practitioners embody the word mobile like no other. A massive part of the healthcare workforce, be it full-time, part-time or contract staff, are constantly moving from one medical facility to another, and they are expected to deliver analyses, diagnoses and treatment plans in a relatively expeditious manner. Therefore, they’re perpetually accessing medical and patient data while on-the-go. And expectedly, this leads to many lost and stolen devices. Cloud security broker Bitglass published a Healthcare breach report in 2014 that revealed lost and stolen devices lead to 68 per cent of all data breaches in the industry since 2010. Too many of these devices are not even sufficiently protected by basic passcodes and other security settings that users can apply. It’s clear that healthcare providers need to devote more resources not only to security, but to educating practitioners and instilling a sense of urgency to protect PHI (Personal Health Information) on their devices. Electronic health records are worth 50 times the black market value of a credit card because medical and patient demographic data can’t be cancelled and remains valuable to thieves well after their theft is reported. Data breaches violating HIPAA legislation will run the provider a $50,000 fine the first time. The next time an identical violation occurs, the fine can be as high as $1.5 million. This doesn’t include lawsuits which can be even more lucrative. The need for a robust communications program to educate all applicable staff on why they must be mindful of these risks and how to employ security measures on their personal phones should not only be mandatory, it should require follow up sessions to verify that staff are applying these practices.

So many sign-ons, so little time

Imagine having to log in repeatedly to several different electronic medical databases, applications from several different PCs and devices all in the same day. Now imagine that each log in process for each client can take up to seven minutes just to complete. That should give you an idea how excruciatingly complex a practitioner’s workday can be, and how this also slows down their ability to service patients, resulting in stress and dissatisfaction for everyone involved. Lack of IT standardization to date means that each medical facility is usually using a different application to record and store patient data. This presents a unique integration challenge. But implementing a single-sign on system is fast becoming another necessary investment for the industry as its reliance on IT and mobility increases. Moreover, vertical solutions that are tailored to the unique data management and security needs faced by healthcare will be ever-present going forward. The key for organizations will be learning how to evaluate all of these offerings and accurately assess how they solve not just one set of problems but the bigger picture which encompasses both service delivery and data security.

Unique problems require unique solutions

While many corporations have turned to Mobile Device Management (MDM) solutions in recent years, the fragmented nature of the healthcare continuum severely undermines the workability of such systems. That’s because doctors working for multiple providers would need to give control of all of their applications and data to one organization. The reality of so many personally-owned devices accessing multiple applications means that healthcare organizations should prioritize data security, not device security. Virtualized solutions have emerged which manage all apps and data on a secured cloud or on-premise server. Not allowing any medical data to be stored on staff devices in the first place addresses not just lost or stolen devices. It also removes the weakest link – or easiest target – for hackers and other security threats to exploit.