Vodafone in America

Vodafone launching enterprise wireless services in US

Cellular security

T-Mobile quietly upgrades 2G network security

We teach you

How Microsoft Account two-step verification works

Here we go again

Dropbox accounts hacked, service not to blame for leak

Hypothetical threat watch

New malware exploits USB, but isn't really that scary

Microsoft News

Microsoft issues security advisory affecting all versions of Windows, Windows Phone

General News

UK government set to rush through emergency surveillance legislation

General News

UK officials follow US counterparts by banning electronics that have no charge from boarding flights

Microsoft News

Microsoft restores control of seized domains to No-IP

Windows Apps

1Password for Windows gets much needed 4.0 update

Software

Microsoft Azure ML to help analysts crunch big data

Editorials

Is Windows Phone finally ready for enterprise?

Editorials

Using strong passwords and keeping your online self secure

General News

Outlook users can now join Hangouts with new Google plug-in

General News

Microsoft hopes BYOD will help bolster Windows Phone 8.1 in enterprise

General News

First smartphone 'kill switch' bill in the US passed by… Minnesota

Windows Phone Apps

Microsoft Lync collaboration app updated for Android tablets

Windows Phone Apps

Secure your passwords and critical information with Enpass Password Manager

General News

Bitly alerts users of widespread account compromises, claims no accounts have been accessed

Windows Phone Apps

John McAfee's Chadder aims to keep your messages private, lands on Windows Phone before iOS

< >
Lumia 920 company apps
67

So, you want to adopt BYOD?

Bring Your Own Device (BYOD) is the current hot trend. (And has been for a while, really.) There are many perceived advantages for a company that allows employees to bring their own devices to work and have access to your company resources, but is BYOD right for you? Can you make mistakes when developing your BYOD policies? Can you really let any device connect to your resources?

Lets look at a few top issues that you should be aware of.

What devices should your BYOD policy include?

BYOD used to mean Bring Your Own (Smartphone or Tablet) Device. The BYOD movement started through the failure of BlackBerry to keep up with Apple and Google as they began to dominate and revolutionize the mobile landscape with more capable devices that had much faster CPUs, more memory, larger screens, and desktop web browsing capabilities.

BYOD has now morphed into Bring Your Own (Smartphone, Tablet, or Laptop) Device. But what devices do you want your BYOD policy to include? Do you want to limit it to smartphones and tablets, or do you want to include laptops?

iPhone and BlackBerry Q10

Which smartphones and tablets should you allow?

Today the market is awash with smartphone and tablet choices from Apple, Google, Nokia, Microsoft, Samsung, HTC, Motorola, LG, and even Amazon — to name but a few manufacturers. If you adopt a BYOD policy that includes smartphones and tablets, can you really allow your employees to bring in any device they want, and expect that the device is secure enough?

The answer is no, not all mobile devices can be secured to the same level. (Nor should you ever assume an employee's home device is safe.)

Apple leads in the enterprise because it has built strong and flexible APIs since 2010 (starting with iOS 4.0) that allow Mobile Device Management (MDM) vendors to tightly secure, control, restrict, and monitor iOS devices. Those controls have improved greatly with iOS 7. Google’s Android mobile operating system is not as popular in enterprise because Android does not provide many built-in controls and is perceived as insecure — even though that isn't really the case.

Vendors like Samsung have made radical additions to Android to try and make it more secure. For example, some Samsung devices support Samsung Approved For The Enterprise (SAFE) and Samsung Knox that allow similar kinds of controls as what is found in iOS. Windows Phone and Windows RT tablets presently lack the kind of secure compartimentalization that is available on iOS and Samsung devices.

So as you think about which devices you should allow, you need to consider how each can be secured. You can either limit the device choice to iOS and a limited selection of Android and Windows Phone/Windows RT devices, or you could use a method of device security called Containerization that we discuss in its own section below.

Laptop

Will you allow laptops?

If you allow your employees to bring their personal laptops, which ones will you allow, and how will you ensure that they are secure? Some MDM vendors do offer laptop management, but you may choose to use virtual machines instead. Virtual machines allow you to create a “company secure build” of Windows, and have that virtual machine run on personal Windows, Mac OSX, and Linux laptops.

Mobile Device Management (MDM) or Containerization?

The traditional method of securing smartphone and tablet devices is to use MDM. This allows the IT staff to have full control over the entire mobile device if they decide to, or only control the company data and apps.

Your employees may not appreciate that you have full control over their mobile devices, even if you have chosen not to exercise that that power. Your employees may prefer that you only have control over part of their device, leaving their personal data alone.

Containerization (also known as Dual Persona) is the solution for two issues. The first issue is that of providing that same security policy across all Smartphones and Tablets no matter what operating system they are running. The second issue is that of personal and company separation.

By keeping your company email, contacts, calendar, and apps in a separate, secure, encrypted container on the Smartphone and/or Tablet, you have no way of having visibility into their personal device, apps, and data. You are limited to controlling only the container. Dual Persona is increasingly becoming the go-to choice for BYOD since it provides peace of mind, and truly separates personal and company data.

iPhone secure workspace

Bring Your Own App (BYOA)

BYOA is a movement that leverages the popularity of containerization, but to the app level. The idea is that you take your company's apps and wrap them in a secure container, and push them to your employees’ personal devices. You only have control over the app in the container, and not entire parts of the device. The app is secured in its container, and may have access to data behind your firewall via a secure connection from the container.

This truly separates corporate and personal data at the app level.

Monthly voice and data costs

When you allow your employees to use their own devices, you should consider whether you want to compensate them in some way. Do you want to take the approach that since they would be paying for voice and data anyway, that you do not need to provide a monthly stipend. Some employees may argue that they pay for the voice minutes and data usage based on their personal use, and do not have unlimited data plans. In this situation, they could argue that their voice and data usage will increase when they start accessing company resources.

You need to decide whether to offer a monthly voice and/or data stipend, and how much to offer.

If employees need to travel internationally for work, how will you handle international voice and data rates?

Support costs

When you adopt a BYOD policy, you will need to decide whether you want to provide support for your employees, and how much support. Your employees may be bringing devices running multiple mobile operating systems (and in the case of Android, many variants of that operating system).

What type of support will you be offering through your help desk? How will you effectively train your support staff to deal with the device diversity, and will you need to hire more people to provide that support?

HTC One accounts

How do your current laptop security policies translate to mobile?

Most companies already have well established security policies that they apply to company provided laptops. These include password policies, hard disk encryption, two factor authentication, limited web browsing, and blocking of eternal storage to name a few.

While your may want to simply use those same policies on smartphones and tablets that access your resources, it may not be practical to do so. Some policies that work on laptops, may not translate to mobile, and policies that do translate may be too invasive or limiting. Plan on using a subset of your current end-point polices for mobile.

Nobody ever said BYOD would be easy

As you can see, creating a BYOD policy encompasses many different areas, and there are many decisions to be made so that your BYOD policy does not fail. Making it too restrictive or intrusive could lead to rebellion by your employees. Making it too relaxed could lead to exposed company data or data leakage. Not accounting for all variable could actually lead to an increase in cost, instead of the decrease you were hoping for.

BYOD has benefits and detractions that you need to weigh when considering implementing it for your business. But done right and the benefits can far outweigh the costs.

5
loading...
0
loading...
0
loading...
0
loading...

Reader comments

So, you want to adopt BYOD?

67 Comments

I like the idea of not carrying a second phone for work, but considering that my phone's password might have to be longer and proly be spied on by corporate IT due to regs, I think I'll keep carrying two for now.
This of course is what works for me. I'm sure others would jump on that boat to avoid paying for a personal device to either save $ or simply spend it on what matters to them. Both good choices as applicable imho.

information re: windows/windowsphone enterprise security seems to contradict information reported in the previous article, "IBM seeing growing enterprise demand for Windows Phone."

Agreed. I also don't see how insecure Windows Phone and Windows RT/Pro are considering they offer things like BitLocker encryption, IRM, and full integration with Microsoft's enterprise-level MDM solutions.

Yes, im confused too. Can the author expand on the short comings of wp/rt when they support the industry standards mention med in the comment above.

I don't think that the issue is WP being insecure (it is quite the opposite), it is the fact that there are limited options. Third party MDM solutions don't support WP and WP doesnt provide the APIs to put secure elements in a "compartment", the whole dual-persona thing.

WP is great for Enterprise solutions (aside from VPN not coming until 8.1) as it provides alot tools necessary for company work. However, it is not very good for BYOD companies that want to keep company data seperate from personal data.

What confuses me is that this article seems to completely ignore Microsoft's great MDM solutions which actually work perfectly with Android and iOS devices as well. It seems to be written from a point of view of someone who uses no Microsoft infrastructure, which to be honest is the minority rather than the majority.

In the "inside windows phone" podcast Microsoft says you can keep personal data and work data separate just as easily as iOS & Android.

I have to say I expected a bit better from Mobile Nations, especially when this kind of post is being syndicated to a Windows-focused site. I don't care if the others sites live in their little bubble, but Microsoft has a strong pedigree of solutions with the exact features this site says they don't have.

I completely agree as well. The writer does not seem to come of as having complete familiarity (not expertise which would not be expected anyway) with all BYOD management solutions including the market leading solutions like AirWatch, Windows Intune and and Microsoft System Center including their abilty to manage iOS, Android, Blackberry and WP/W8 devices. At best, it makes WPCentral editorial staff look a little lacking at worst, it is the writer helping spread biased propoganda.

 

@Daniel_Rabino, As editor-in-chief, I would be interested in your take on the content in this article.

Fantastic article.   I think people who think BYOD will save money are in for a shock.   I kinda see some things move more towards CYOD (choose your own device) where a company has expanded offerings, but it's not the "wild wild west."   I think Microsoft, for example, has gone the CYOD route.  It's the best of both worlds.  You keep some control and still give users choices.

Close - i can pretty much use any device i want, but they need to meet certain specs to be able to connect them to the corporate network (TPM for example) - depending on what I want to do (domain join or not).  Obviously, most any Windows Pro device with a TPM, most any x86 Windows Tablet, and any Windows Phone is supported.  Hell, you can bring an Android or iPhone and use it to check your mail or access external resources (e.g. SharePoint Online) - but obviously, helpdesk support for those is more limited.  From a corporate device standpoint - we are given a list and based on the budget you have to spend (every 3 years or so) you pick one.  You get spoiled for sure...  But theres one major advantage MS has that others do not.  Licensing costs....

 

Microsoft has been owning that space, like, forever ... this article sounds quite uninformed on the Microsoft side.

Actually, Blackberry ruled the enterprise world until a few years ago (2010-11). MS (with Windows Mobile) was a strong second place, but since iOS has improved their enterprise features, with lots of employees using iOS and some companies even using Mac OSX in their offices, Microsoft has lost that place. However, most IT specialists like Microsoft and Windows, so as soon as WP will catch up with iOS, they'll definitely support it.

Had to shake my head on that one considering it is false. Management of only iOS devices does not a solution make. Any enterprise looking for MDM is looking at managing cross platform for BYOD.

I could not stand BYOD. There were also problems trying to compensate people on different carriers for their phones/plans. Luckily, my previous company dropped the practice and signed with VZW and gave a choice of iOS, one Android, and gave me a WP7 device which I used to access Sharepoint and Office with ease....

And that is how I got started with WP.

Yeah, it is hard to imagine BYOD being feasible. I think it is just another failed executive initiative. The devil is always in the details. Execs don't look at details and certainly wouldn't understand them even if they did.

Companies often go to BYOD because they think it is cheaper not having to buy employees phones and plans. They end up subsidizing the plans as incentive and don't account for the added infrastructure and administration of those devices. It seems that companies are doing it because everyone else is.

Not sure what the problems are. My employer has a pretty good range of allowed devices on the BYOD list, and any participating device gets locked down pretty well. In some cases, though, overly locked. For example, one guy's camera is strangely locked out whenever he activates the VPN. Frankly, any camera lock out policy is asinine, when everyone who doesn't connect to corporate email has free use. Too late to say no cameras at the workplace, as that horse left the cellphone barn years ago.

Other things to consider:

- What happens if a user doens't pay their bill and the service is cut off?

- What happens if a user breaks a brand new device and do not have the funds to buy a new device?

- What if you work in a competitve market and an employee leaves for another company taking their number with them?

- How do you stay compliant when accessing Microsoft infrastrucuture through a non-Microsoft device such as iOS or Android?

- And how do you make the decision on who supports what? When does the user call the helpdesk and when do they contact their provider?

So many questions with so many answers. It's overwhelming. Which is why we decided to abandon BYOD for now and focus on company issued Windows Phone devices. We'll consider BYOD again in a few years.

For my company:

What happens if a user doens't pay their bill and the service is cut off?  If it isn't a company provided phone, user assumes all liability for service and equipment.

- What happens if a user breaks a brand new device and do not have the funds to buy a new device?  See answer above

- What if you work in a competitve market and an employee leaves for another company taking their number with them?  In a BYOD environment this is to be expected.  Upon leaving the company user's account will be disabled so that he/she can no longer access our resources.

- How do you stay compliant when accessing Microsoft infrastrucuture through a non-Microsoft device such as iOS or Android?  Through Active Sync and group policies put in place beforehand, i.e., Mandatory pin, periodic password changes, etc.

- And how do you make the decision on who supports what? When does the user call the helpdesk and when do they contact their provider.  For accessing company resources such as email user can call the help desk.  We have a list of approved devices that have been tested within our environment and we will give all the software support needed.  If it's determined that the issue is hardware related user must go to his/her service provider or OEM for support.

 

 

Not really acceptable answers, which is my point. So what do you do when customers are unable to contact your sales force. Do you pay their bill or buy them a new phone when they cant afford it?Your answers really don't apply in the real world. Compliancy is different from policy. I was referring to licensing costs and manageability.

As far as I know I am in the real world and these are the policies we have in place right now and it works for us.  Again, the user assumes all liability if he/she is bringing their own device so if they can't do their job because they didn't pay their bill or dropped it it's their fault.  Having a mobile device is more of a convienence for them, not a requirement and any costs associated with running specific apps that are company standard we pick up the bill for that.

Yes, but that _is_ the problem you are missing.

If the company has paid a sum of money, it is entitled to get the right coverage in terms of insurance, warranty repair etc. Handing over that ownership to the unwashed masses at work will make that difficult to enforce, and have a tangible impact on the ability to use the tools and in extreme cases effect business operation.

The support boundaries are blurred (and in my view very likely to increase desktop and mobile support costs)

Data protection and other compliance regimes will become more difficult to manage. Its a nightmare scenario for many IT shops. Maybe small / hipster style shops where its all show and no impact it might be ok, but serious corps BYOD is a hidden cost monster, with most of the cost below the waterline that cannot be seen. BYOD is like VDI, its a salesmans dream of trying to sell you stuff you don't need :)
 

His answers totally apply to the real world. My employer supports BYOD for 60K employees, and it works quite well.

I'm simply suggesting that the policies currently in place will not fly with the majority of organizations. I'm not implying you're wrong. There's no wrong answer. In our environment mobile devices are the most important tool our salesforce relies on. Without a mobile device, our salesforce is chained to a desk which doesn't help much when they need to be on the road or in the field. It's not acceptable. Their job is to work from a mobile device.

So what happens in these cases. Do you supply your users with loaner devices? Does the company offer the ability to provide the user a device if they don't want to utilize the BYOD policies? How do you handle cases where the user relies on the mobile device for their job?

I'm not trying to poke holes in your policies. I'm trying to understand what happens in these cases which seem to be common problems. I have yet to receive an answer other than "It's their fault. It's the user's problem. They have to deal with it. User assumes all liability for service and equipment.". Again, this is simply not acceptable in many organizations. The attitude from those who have BYOD in place has been very blunt. Does this work for everyone? I don't think so. A problem with the user's mobile device is a loss for the employee and the company. Especially when the user in question works solely from a mobile device. Do you have users like this? How is it dealt with in your organizations. You can't simply say "You're out of luck, deal with it yourself" because the company relies on these users to utilize the mobile device for business. There's a business to run and a user without the necessary tools could be a waste of company resources. Maybe you don't have any users within the organization that work on the road or in the field? Maybe you don't have employees with this much reliance on a mobile device. Maybe there is no answers to these questions. Once again, I'm not poking holes. I'm trying to understand. Thanks.

Your company is requiring your Sales people to have mobile devices then you should be providing them.  BYOD is not the way to go for your company.  Simple as that.  For us(and for the record here I work for a global consulting company) it works.  And keep in mind that I'm summarizing our policy but that's the gist of it.

Stock up on Advil ;)
If done right it can work for some companys but most are forced into it by management not because its a good way to go from a IT point of view. Now I will say this employees tend to treat their own devices with more respect.

I'm more interested in convincing my company to switch from iPhone to Windows Phone. As we don't use any custom programs and actually use Excel the most, it just makes sense to me.

I just convinced our IT department to order two 1020's on a trial basis. Can't wait till they come in. We don't have BYOD, but company so far supports bberry, iphones, and now androids.

I've had 2 problems with Windows Phone for corporate use

1) As the article suggest, pathetic levels of MDM API in current WIndows Phone

2) Lack of apps (Salesforce, and Autodesk apps. Both on the radar to be sorted, but MS still taking too long)

Point 2: No, Microsoft are not taking too long. Salesforce and Autodesk are. You cannot expect Microsoft to port every damn app that has ever been developed - and they don't have the rights to do it anyway. All MS can do is say, 'we'd like your app on our platform' and provide some seed money for developing it. It's up to the original app developers to decide if it's worthwhile for them to support Windows Phone - bearing in mind that WP development is very different from Android development, is very different from iPhone development. If you started from an iPhone app there is no migration path to WP, all the code must be rewritten. Similarly if you started from an Android app. There are expensive tools (Xamarin) that could help to port a WP app to the other two, but most people didn't start from there.

Even if there's a public API for it, MS developing their own front-end can be a problem - the designers of the API could easily pull out the rug from underneath you, accidentally (incompatible changes) or deliberately (revoking API key). Just witness the ongoing YouTube app mess: MS created an app, Google deactivated the API key it used. Any number of Twitter apps have had to pull out of the store because an API key usage limit has been reached and Twitter won't extend the limit for that key.

I will bring my damn wp8 if it actually connects to the enterprise WiFi to start with. Recently I bought a mini iPad just to cover up this gap.

Your WP8 shouldn't have any problems on a enterprise WiFi. I'm a IT consultant and have no problem connecting to any clients WiFi. From mom & pop to medical facilities.

Only problem is if they want to install the management software on my personal device. Sorry, not happening. Lucky for me the company I work for has gave me a device and then told me install the management software. That is fine.

Is this applecentral or wpcentral? this article is full of so much misinformation pertaining to msft. apple is the leader in empire? come on. wp/winrt not secure? are you that ignorant? plus you not even mention 86x windows tablet. come on.

Posted via the WPC App for Android!

Agreed, this article is written by someone who doesn't seem to know a lot about Microsoft's enterprise offerings.

would you like to point those out? because I'm sure the author would correct them if you back them up with some evidence. clearly if there is a flood of WP devices on the enterprise, it shouldn't be hard to correct the facts right? I find the article spot on. With the lack of VPN on WP, it just may as well not exist in the enterprise.

I guess I'm the only one here saying this but I wouldn't want to use, say, my mobile phone for work. Reason: I like to keep work and private life strictly separated. I used to think different, but had to find out that it can become unbearable if working life is slowly but surely taking over my private life. For work, I use whatever is provided from my employer, which is,at the moment, a phone (non mibile)a PC on my desk and a laptop (for home office and on-call duty) at home. My mobile phone number is only know to a very small circle of colleagues, and if some project ever demands my mobile phone number, I'll refuse - otherwise I'll never have a quiet minute anymore. Also, they neither pay my phone nor my contract, so: my money, my contract, my mobile phone = office stuff won't touch it. When I'm on call, I simply divert my office phone to my landline, and that's it.

In my shop, Windows Phone is not yet supported for company email whereas IOS and android is for BYOD.  I suspect it has to do with the lack of VPN support and some API they need to get hold of.  Lucky for me I manage AD and Exchange otherwise, I'd get no company email on my Lumia 920. We do allow for personal ipads but no android tablets and no personal laptops.

BYOD is a great idea for a business (this is why it's being pushed) but a horrible idea for the user. Once you connect your own device to a business, you give them the right to wipe it out on a whim! Imagine you get laid off - not only you lose your job, but you lose all the content on your phone/laptop/tablet. Just think about it. Also they get to monitor and administer what stuff you can install on your device and how you use it.

In many cases that happens just because users want their work emails. Their jobs don't necessarily require that they get work emails on mobile devices.

If I were important enough that receiving work emails on a mobile device were necessary, I'd expect my employer to pay for the device.

One big issue not necessarily touched on here.  licensing.  Licensing costs can be significant depending on your existing licensing, agreements, and setup.  Windows Server, Exchange, SharePoint deployments - VDI and remote application access can get especially pricey.

WIth VPN capabilities still to come, WP is not (yet!) a viable solution, in my opinion. In my company, everything is linked to VPN so I can't use my Lumia yet. We do have a BYOD policy, but Windows Phone is not allowed at the moment. I've had conversation with lots of people from Corporate HQ on this matter, and they've all promised to allow WP as soon as the 8.1 update is rolled out. So, yeah, Blackberry and Android are still in charge, but I'm sure that will change this summer. Can't wait to use my Lumia for work!

Edit: Regarding Android, everyone here (Emaar, UAE) views it as a company risk, but they allow it simply because lots of people use it and they want their employees to be happy. However, specialists from CHQ are talking about discontinuing support for Android when WP devices will support VPN. There are also talks of Blackberry being discontinued, but that's less probable. iOS is and will be their favourite for a long time, but WP does come as a strong second solution. I love it that things are looking up for WP users!

Great article, thank you. I'm a mechanical engineer and these details help me understand what it takes to get byod going from the IT side. I work for a company of 20,000+ that allows no BYOD and I can't get our management to support the idea that byod would make us more efficient. Unbelievable.

I feel that BYOD might be the best thing to happen for Windows Phone.

Keep in mind that most of the disgruntled former BlackBerry users who now hate BlackBerry probably feel that way because they had been stuck with company-issued BES devices that wouldn't run any apps. Those "BlackBerry has no apps" statements are more a result of BES/IT policies than anything else.

If Windows Phones remain consumer devices that are able to be used in enterprise as BYOD, then there will be less of a negative perception than if Windows Phones are company-issued but crippled by IT policies.

I'm happy you guys didn't suggar coated the mediocre state of the windows phone device management API, which has to be the most perfect example of how MSFT just doesn't get mobile. All this time going after consumers only to be ignored while the enterprise was begging for what basically apple gave them: windows-like management. It's like a novel where MSFT's mobile OS bears the name windows as if implying excellent enterprise support, but may as well be called anything but.

Apple leads in the enterprise because it has built strong and flexible APIs since 2010 (starting with iOS 4.0) that allow Mobile Device Management (MDM) vendors to tightly secure, control, restrict, and monitor iOS devices.

 

Seriously who was high when they typed that pant load?

BYOD at my employer (bank) really stinks. They won't pay or reimburse you. So far only BlackBerry and iPhone running 6.1+ are approved. So I'm using the BYOD program until my work BlackBerry Bold contract comes up for renewal. I will upgrade to a BlackBerry 10 device since I have no interest is paying for long distance work calls. No motivation at all for BYOD at all after I get my upgrade in the next few months.

Posted via the WPC App for Android! on BlackBerry Z30

This article really is painting an incomplete image of the MDM space.

For starters no mention is made of one of the biggest MDM solution providers, MobileIron.
All the issues with WP is supported under MobileIron as well.
Nor is there mention of the Enterprise Pack stated by MS  which will be features as part of WP8.1
Also Apples ACTUAL management platform to manage devices is terrible, and is rarely actually implemented.
More businesses are looking to InTune to hook in to their exist System Center Configuration Manager (SCCM)environment for management for all their mobile devices (Laptop/Tablet/Mobile).
Exchange features only available to WP devices are not mentioned, example, disablement of forwarding flagged emails.
Where is the mention of Citrix/Terminal Servers/Remote Apps/Virtual Apps in this article? Not sure if the author is pointing to booting from VHD/WIM or just a local VM as nothing is specifically stated..

Perhaps someone whom looks at Device Management as their specialty should have written this article and given a more balanced (and proof read) view of the reality of BYOD.

Why would you want to encrypt the SD card? It only contains your media so it's kinda useless to encrypt it

My company that I work for has BYOD and it rolled out support to Windows Phones last fall. My Lumia 920 works great with it too.

I did try to upgrade to the Lumia 1520 but the SD card slot is causing all sorts of trouble. The phone I believe is tripping over the policy to encrypt the SD card, ends up making the card nit usable at all, and fails to integrate with the corporate system.

Its a shame too because I really enjoy my white 1520. I hoped to get it all working and eventually mod the phone adding qi back into the shell and everything like that.

I really appreciate all the discussion around this topic.  I see great banter around wether Windows Phone/Windows RT is not used more in the enterprise, if it has good MDM APIs, etc.  The overall topic of the post was around the pitfalls of BYOD and didn't really deep dive into topics like why Windows Phone/Windows RT isn't used more in the enterprise, or why iOS is the top choice.

I think the important thing to remember, and maybe Mobile Nations will want to deeper dive on this, is that Windows Phone/Windows RT cannot login to AD.  Its not running Windows as we have all grown up with.  Its Windows by name, but its really a very different animal.

Therea re some great MDM solutions out there from MobileIron, AirWatch, Good, Citrix, etc. Many support Windows Phone for sure, but not to the extent or iOS and a Samsung Android varient.

One of the big shocks was how tightly integrated Windows Mobile was, and when Windows Phone came out, how it lacked enterprise support.  I'm sure that Microsoft will eventually address it, but right now, iOS and the Samsung SAFE-enabled Android devices are far more MDM-friendly.

We're implementing VLans to isolate the production network and guest network.... One interesting caveat to BYOD
is a company or in our case a school district providing battery charging abilities. If we have 20 students per class, with 40-50 classes, there is a great deal of charging that can occur. Hence our policy states that the District is not responsible nor is it to be permitted that charging occur in a classroom. Our school simply are not wired to support a possible power load like this. Just as some teachers might not allow pencil sharpening to occur, (show up with a sharpened pencil or else), you better show up with a charged battery on your device. Personal responsibility carries much weight.