IT's 6-step Guide to Adopting Consumerization

If your IT department is resisting the "consumerization" trend, it's in the minority. Recent research shows that most enterprises are proactively addressing this trend and the new relationship between IT and users that often accompanies a consumer IT strategy. What do they know that you don't?

Many of the fears regularly expressed by some technology and business executives -- often related to information security in the mobile environment -- can be effectively addressed through technology and policy.

[ Get savvy about the consumerization of IT with InfoWorld's special reports: Understand how to both manage and benefit from the consumerization of IT trend with InfoWorld's "Consumerization Digital Spotlight" PDF special report. | Get a handle on the mobile management framework with our overview guide. | Then go deep into BYOD mobile strategies and deployment approaches in our "BYOD and Mobile Deep Dive." | Sign up for InfoWorld's weekly Technology: Consumerization newsletter today. ]

A recent survey by the consultancy Avanade found that 60 percent of the companies are adapting their IT infrastructure to accommodate employee's personal devices, rather than restricting use of such devices. Also, 91 percent of the executives say their IT department has the staff and resources needed to manage the use of consumer technologies. In that environment, resistance really is futile.

As your organization moves to consumer-based technologies such as tablets and smartphones, cloud services, a mix of PCs and Macs, and social networking, here are critical practices to help create the right environment to make both IT and the business happy.

Consumerization Step 1: Create a Culture that Welcomes Consumer Tech

How can your organization ensure it gets the most out of consumerization and users have the freedom they need while at the same time maintaining appropriate control?

Perhaps the first move the organization needs to make is adjust its cultural orientation and attitudes from one of zero tolerance on consumer technologies to one of intellectual curiosity and business opportunity, says Frank Petersmark, former CIO of Amerisure and now a CIO advocate at the consulting firm X by 2.

Instead of automatically frowning on, say, employees bringing their own devices to work, you might think about how best to leverage this new technology and the processes that come with it for better customer service, improved profitability, or increased productivity, Petersmark says. An organization's ingrained culture is probably one of the biggest inhibitors to effectively and sensibly leveraging the opportunities presented by technology consumerization.

Part of the cultural change is getting IT out of the mind-set that only technology people can make technology choices.

For example, the IT team at the Austin (Texas) Convention Center had a hard time accepting that consumer products such as iPads would be suitable for use in its business environment, says Joe Gonzales, IT services manager. "In our organization, there is this perception that if a product didn't get ordered from our Dell Premier page, then it's not good enough to use in the enterprise."

First, the center had to get to a way of thinking that the objective is to give employees productivity tools, and it doesn't matter if these tools are considered business IT or consumer IT. Now, it uses iPads to deliver service-order information to its employees on the show floor, and about 50 employees are using their own smartphones to access email and calendar information.

Consumerization Step 2: Focus on Policy-Based Governance

This may seem obvious, but it's usually a big gap for companies to bridge: Develop policies to govern how consumer technologies can be used in the workplace, and deploy an asset management strategy for company-owned objects such as PCs and mobile devices.

Yes, consumer IT is largely about giving people freedom to choose devices and applications. But without a cohesive policy in place, anarchy can result.

"The majority of IT departments feel powerless when it comes to consumerization or any aspect of bring-your-own-device," says Barb Rembiesa, CEO of the International Association of IT Asset Managers (IAITAM). But governing policies, strong processes, and proactive guidelines will give organizations the ability to move into a consumer IT environment while bringing value instead of adding risk and cost.

Also, think about deploying IT asset management systems to control risk and ensure financial return of company-owned technology goods. After all, you own them because you have an explicit expected benefit or payback, or a specific security need that moved you to mandate that tool.

Your standard deployment process for technology may not accommodate the management of consumer technologies. For example, the Austin Convention Center found that its IT-initiated approach of adding a mobile device to a Windows domain and adding user profiles didn't address the casual nature of BYOD usage. The IT department had to start from scratch and determine how it was going to manage equipment, yet still comply with the City of Austin's IT security policies and procedures under which it operated.

In the end, the center wrote a new deployment policy that centered around educating users on the do's and don'ts of device usage, Gonzales says. This is also how the center goes about segmenting company data and personal data on devices: by educating users about how not to mix the two.

IT also took responsibility for the initial setup of devices, so it could control app deployment on them.

Consumerization Step 3: Implement Mobile Device Management

Mobile device management (MDM) software secures, monitors, and supports mobile devices. Typical functionality includes app distribution, configuration and enforcement of access controls, and -- for higher security environments -- imposing usage requirements, such as disabling the camera or limiting Wi-Fi access to specified access points. Such software -- and the policies they execute -- apply to both company- and employee-owned devices.

Consider the experience of furnishings company Holly Hunt's iPad trial, where a few sales staffers used Apple iPads on visits to client sites. During the pilot, the company discovered there was no way for IT manage the updates of iPad applications without going through an iTunes account. That meant it had to have one corporate iTunes account for each device issued and users had to periodically send their device in for the company to update with the PCs running that iTunes instance.

This was an operational nightmare, says Neil Goodrich, director of business analytics and technology at Holly Hunt. Instead, the company decided to shift to a BYOD model for the sales rollout, eliminating the concern about IT needing to keep devices current. Users took that responsibility, aided by iOS's application alert system.

Holly Hunt also deployed MDM software, so it can blacklist certain applications where appropriate. It can also remotely wipe data and deny network access to devices that do not adhere to corporate policies.

This strategy gave the company what it wanted with its mobile strategy: Users can self-update their personal devices and get the full utility from the one device for both their personal and work need, and Holly Hunt can protect itself against risks such as lost or stolen devices.

In addition, MDM software allows for multiple profiles, so the company can have one profile for employee-owned devices and other profiles for corporate-owned devices, which it uses in its warehouse and fabrication facilities. Other organizations implement such multiple profiles to vary permissions and privileges based on users' roles.

Next Page: Just three more steps to go...

For comprehensive coverage of the Android ecosystem, visit Greenbot.com.

Subscribe to the Best of PCWorld Newsletter

Comments