A CIO’s Guide to Mobility Governance

We live and work in a mobile world, there’s no question about that. As a result, the way we conduct business, is changing. All those devices that form the backbone of enterprise mobility—many of them falling under the potentially treacherous, still slightly “wild wild west’esque” BYOD category—can be great for productivity and employee satisfaction. They can be not so great, however, if you’re looking at them from a security or risk management perspective. CIOs, as we know, are expected to do all of that, to see the possibilities and the risks and figure out how to make it all flush in the end. It is doable–with just a little (or maybe a lot) of mobility governance. But how do you do that? And what’s the real point behind it, anyway? Let’s cut through the jargon and give CIOs some practical advice to ace mobility governance.

Priority One: Create a Mobility Governance Team

Implementing a mobility plan is a good idea from an ROI perspective. In fact, according to a survey by Enterprise Mobility Exchange, responses by the 300 global respondents indicated businesses that had done so were enjoying significant benefits. The reality is, whether you’re an enterprise or a small to midsize business, mobility issues remain the same. Here are some of the benefits the study participants realized that could well apply to your business, regardless of size:

• Competitive advantages (33.9 percent)
• Efficiencies on task in the enterprise (33.9 percent)
• Efficiencies on task for field services (30.4 percent)
• Customer loyalty and retention (28.6 percent)
• Improved sales performance (21.2 percent)
• Cost reductions across lines of business and with overheads (14.3 percent, respectively)
• Faster and higher quality field data capture (14.3 percent)

CIOs embracing mobility are smart—we can all learn from them. Focusing on realizing some of the benefits outlined above, and actively working to reduce things like bandwidth issues, intellectual property loss, cyber security risks is the way forward. That’s where mobility governance teams come in.

Why are they important? Let’s get real for a second about cyber security and all that data moving between devices—while business mobility is full of the potential for increased functionality and finding better ways to do business, with all that possibility comes a whole lot of potential liability.

Workers could use third party applications that could contain malware, inadvertently choose a weak password that’s attractive to hackers, or lose their devices altogether. It’s not at all uncommon for employees to not always be on a secured Wi-Fi network when conducting company business on mobile, making the risk of data loss greater. The list of what’ifs when mobility backfires is pretty substantial, but having a mobility governance team, no matter what the size of your organization, can help mitigate those risks.

Who needs to be on that team? Well-rounded mobility governance teams should include representation from all key areas of IT, as well as the business sectors of a company. This includes thought leaders from the following departments: Human resources, finance, sourcing, and legal. Choosing members who have big picture attitudes and who are comfortable collaborating is a must.

What exactly will they do? Each department represented on the mobility governance team has a unique responsibility:

• IT: Nail down device onboarding processes, and determine what exactly the company considers a mobile device in the first place. Do you think a laptop should have the same rules as a tablet? What about a smartphone? Also, determine which of those devices will have intranet access and just what kind of content will satisfy the business needs of the employees using them. Most importantly, find ways to limit the opportunities for data loss and the likelihood of cyber attacks.
• HR: Decide how HR will handle BYOD in general. How will security and procedures be communicated as part of the employee onboarding process? Will ongoing training happen? If so, who will be in charge of ensuring that happens? Who will enforce consequences if errors are made?
• Finance: Answer the age-old question: ‘How much is all this going to cost?’ Note how financials will be handled for device purchases and data usage and, most importantly, who will foot the bill. Will your employees pay for calls or will you? To what extent? Finance should present data-backed suggestions to the mobility governance team to make a decision.
• Sourcing: Decide what carrier(s) will be used for company-supplied devices and find an acceptable corporate plan. Also, source and procure the devices themselves.
• Legal: Determine boundaries for navigating the BYOD culture as it relates to privileged company information. Consider ways employees can use corporate devices as well as their own smartphones and tablets. Determine consequences for misuse.

Key Takeaways: Mobility Governance Do’s and Don’ts

I’ve covered a lot of information in this post, so I’m just going to leave a few do’s and don’ts here for easy digestion:

Do:

• Be on the same page when it comes to mobility. Approaching the issue department-by-department can lead to issues with consistency and poor execution of recom Communicate with your team and work together.
• Strengthen use policies in a way that does not inhibit job function.

Don’t:

• Be inconsistent when enforcing mobile policies. It devalues your objective and your authority.
• Ignore traditional security best practices. You’re beefing up your security measures, not replacing them in favor of the newest and shiniest option. That could spell trou

You can’t stop mobility—in the enterprise or elsewhere—and you probably wouldn’t want to. After all, getting it right can be very beneficial for companies both big and small. Getting it wrong, though? Having little or no mobility governance in a BYOD corporate culture heavy in the transmission of data? Bad move.

From the discussion of mobility governance teams above, do you think a team like this would be a good fit for your company? Do you have one already? As CIO, what challenges are you facing in this regard? I’d love to hear your thoughts.

Additional Resources on this Topic:

Sharing: The #1 Reason Your Company Security Will Be Breached
Profile of a ‘Trusted Operator’ CIO
The Top 6 Governance, Risk and Compliance Certifications

Photo Credit: rondacomunicacion via Compfight cc

This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. For more on these topics, visit Dell’s thought leadership site Power More. Dell sponsored this article, but the opinions are my own and don’t necessarily represent Dell’s positions or strategies.