Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Sparky787

69 posts

Master Geek


#136472 28-Nov-2013 13:38
Send private message

Hi Guys

We are in the process of testing our BYOD Android process, and I am just curious, what sort of solutions other organisations have in place.

I was hard pressed to find anything on the Internet, so thought I might ask the IP Pros here.

We are using Group Policy/ActiveSync/MobileIron to manage our Android devices, due to the stringent security requirements from the Security Team.



View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
langers1972
1039 posts

Uber Geek


  #942260 28-Nov-2013 13:56
Send private message

Take a look at this on the HP site, has some interesting info:

www.hp.com/go/byod



nathan
5695 posts

Uber Geek
Inactive user


  #942268 28-Nov-2013 14:07
Send private message

if they really cared about security you wouldn't let Android touch your systems

But if you're using MobileIron why not just keep on using that?

can you be a bit more specific about what you're looking for?

Sparky787

69 posts

Master Geek


  #942272 28-Nov-2013 14:17
Send private message

I agree with introducing Android into the fold, however we are under pressure from the one dept. that earns most of the $$.

Apple is our current Corporate Device, however it is becoming harder and harder to avoid this.

I am just curious as to how other organisations have implemented BYOD.

For Example: Do they just rely on Active Sync or a MDM tool? Or do they have in-house developed apps? How does your company implement BYOD. 

We are going to be using MobileIron, however as any IT department, we need to be flexible and it is good to know about the other solutions out there, to see if there is a way to better our current practice. 







adresdendoll
62 posts

Master Geek


  #942286 28-Nov-2013 14:34
Send private message

Have a look at this for a half decent guide - http://searchsecurity.techtarget.com/tip/How-to-write-an-effective-enterprise-mobile-device-security-policy

In order to even consider BYOD or Android in general, you are going to want some form of containerisation; Good, Airwatch SCL, KNOX are the three leading choices in my opinion.

You cannot secure Android sufficiently in a BYOD environment with device management technology alone. You have to secure the data and you cant do that by trying to lock down an Android (even with the extra SAFE API's), more so because your options will be limited by the nature of what you can enforce on an employee’s device.

It’s completely possible but it is not easy or cheap.


Darren

Sparky787

69 posts

Master Geek


  #942302 28-Nov-2013 14:40
Send private message

I think we are slightly hopeful that when we present the "Technical Solution" to the business, that they will see the light with the cost association and potential HR issues with introducing BYOD.


timmmay
20575 posts

Uber Geek

Trusted
Lifetime subscriber

  #942326 28-Nov-2013 15:06
Send private message

One government department is using Samsung Knox. Another option is to put the devices onto a network you consider public, then provide firewalled email and corporate apps.

What are you trying to achieve with BYOD? Just internet access for them, or some business benefit?

graemeh
2078 posts

Uber Geek


  #942333 28-Nov-2013 15:17
Send private message

timmmay: Another option is to put the devices onto a network you consider public, then provide firewalled email and corporate apps.


That is what we had at one power company I used to work for.

The email was delivered using exchange and there was no access to corporate apps (apart from Lync).

 
 
 

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.
nathan
5695 posts

Uber Geek
Inactive user


  #942347 28-Nov-2013 15:38
Send private message

this is an incredibly complicated area, and there is no silver bullet.

There is a lot of change happening in this area, and this whole space will be quite different in a years time (just look back a year from today - now only AirWatch and MobileIron are the remaining pure-play EMM companies that haven’t been snapped up by larger enterprise companies)

Samsung KNOX is incredibly immature IMHO. And you still need an MDM product as well

Containerization of apps is not the right approach in the long term I believe

The best direction is managing mobile apps (MAM) not devices (MDM) and coming at it from the user centric point of view, and controlling data access to data for DLP

Some new acronyms:
Mobile Application Management (MAM)
A more specific type of management, MAM focuses on delivering native apps from a corporate app catalog to an employee device while giving IT the power to selectively remove downloaded apps and associated data without touching personal apps and data.

Mobile Information Management (MIM)
This is the most granular type of management where IT policies are assigned directly to the data to ensure security no matter where it resides, flows to, or which app is using it.

Mobile Content Management (MCM)
Secure distribution and mobile access to documents for employees.


Please note that I am biased, but right

"Mobile Device management is in chaos right now, and I think this market is going to die," said John Girard, vice president and distinguished analyst at Gartner. "MDM will reach an endpoint and then we'll really start to see vendors have to look at mobile application management and application shielding around the app -- that is really what is happening."

nathan
5695 posts

Uber Geek
Inactive user


  #942349 28-Nov-2013 15:45
Send private message

adresdendoll: Have a look at this for a half decent guide - http://searchsecurity.techtarget.com/tip/How-to-write-an-effective-enterprise-mobile-device-security-policy

In order to even consider BYOD or Android in general, you are going to want some form of containerisation; Good, Airwatch SCL, KNOX are the three leading choices in my opinion.

You cannot secure Android sufficiently in a BYOD environment with device management technology alone. You have to secure the data and you cant do that by trying to lock down an Android (even with the extra SAFE API's), more so because your options will be limited by the nature of what you can enforce on an employee’s device.

It’s completely possible but it is not easy or cheap.


Darren


I'd be thinking about Citrix in your top 3 as well, their Zenprise acquisition which is now called XenMobile is pretty interesting

Again I question the whole Containerisation thing as well.  Frankly the only reason it exists is because you can't trust the devices your apps are running on

CB_24
366 posts

Ultimate Geek


  #942364 28-Nov-2013 16:03
Send private message

Sparky787: Hi Guys

We are in the process of testing our BYOD Android process, and I am just curious, what sort of solutions other organisations have in place.

I was hard pressed to find anything on the Internet, so thought I might ask the IP Pros here.

We are using Group Policy/ActiveSync/MobileIron to manage our Android devices, due to the stringent security requirements from the Security Team.




Not really a BYOD policy you're after if your specifying the type of devices (Android), your more after MDM.

adresdendoll
62 posts

Master Geek


  #942619 29-Nov-2013 08:20
Send private message

nathan:
adresdendoll: Have a look at this for a half decent guide - http://searchsecurity.techtarget.com/tip/How-to-write-an-effective-enterprise-mobile-device-security-policy

In order to even consider BYOD or Android in general, you are going to want some form of containerisation; Good, Airwatch SCL, KNOX are the three leading choices in my opinion.

You cannot secure Android sufficiently in a BYOD environment with device management technology alone. You have to secure the data and you cant do that by trying to lock down an Android (even with the extra SAFE API's), more so because your options will be limited by the nature of what you can enforce on an employee’s device.

It’s completely possible but it is not easy or cheap.


Darren


I'd be thinking about Citrix in your top 3 as well, their Zenprise acquisition which is now called XenMobile is pretty interesting

Again I question the whole Containerisation thing as well.  Frankly the only reason it exists is because you can't trust the devices your apps are running on


 

For BYOD I personally would not trust the device; you can't enforce the same level of security on a non corp owned device.

That really leaves either the applications, the information on the device or both as far as your remaining points of security. Containerisation is really just the easiest way to allow a decent level of corp access without having to compromise on your security standards.

SSO, PKI integration, compromise detection built into the container or the apps through MDM/MAM SDK wrapping, forced encryption and DLP are all offered with a decent container and I don’t see BYOD requiring much more than that. The catch is that the container apps need to perform as well or better than the native options.

I have not used Citrix or Zenprise in the past 12 months, so I can’t really comment on their capability. I'm pretty keen to see how Airwatch Workspace handles in real life; the presentations ive seen are impressive.

As you previously said, there is no silver bullet approach. The biggest piece of advice i can give anyone looking at mobility is the get your requirements articulated clearly and then try find the solution that ties in best with the existing infrastructure you have in place.

Sparky787

69 posts

Master Geek


  #943885 2-Dec-2013 08:04
Send private message

timmmay: What are you trying to achieve with BYOD? Just internet access for them, or some business benefit?


We need to deliver email, contacts and calendar.



Sparky787

69 posts

Master Geek


  #943887 2-Dec-2013 08:08
Send private message

CB_24:
Sparky787: Hi Guys

We are in the process of testing our BYOD Android process, and I am just curious, what sort of solutions other organisations have in place.

I was hard pressed to find anything on the Internet, so thought I might ask the IP Pros here.

We are using Group Policy/ActiveSync/MobileIron to manage our Android devices, due to the stringent security requirements from the Security Team.




Not really a BYOD policy you're after if your specifying the type of devices (Android), your more after MDM.


Hi - we already have the BYOD solution for Apple, we were required to develop one for Android due to pressure from the business. It isn't perfect, but we have to make do.

Sparky787

69 posts

Master Geek


  #944088 2-Dec-2013 13:31
Send private message

Hi - Something I forgot to mention- we are using Office365 for emails. This does changes things quiet a bit for us, therefore the containerisation solution did not work for us.

nathan
5695 posts

Uber Geek
Inactive user


  #944094 2-Dec-2013 13:34
Send private message

if all you need to provide is corporate email/contacts/calendar is Exchange ActiveSync enough?

or are you trying to stop people doing stuff with their email once its on the device

or trying to stop malware running on Android from interacting with their email or?

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.