Making BYOD Work for Your Organization

Making BYOD Work for Your Organization The “bring your own device” movement compels organizations to strike the right balance between employee freedom and corporate control over technology. Organizations should take a measured approach to transition

to BYOD BYOD and chart a middle path to reap its benets to avoid falling falling behind proactive competitors.

| FUTURE OF WORK

Executive Summary The inux of personal smartphones, tablets and laptops that connect with and use corporate resources is challenging

companies to walk a ne line between channeling the benets of employees purchasing and using their own mobile devices and making these devices secure and costeffective enough for the enterprise.

Known as BY BYOD, OD, or bring your own device, this consumer-led movement is transforming enterprise workspaces by extend ing the notion that 21st century employees need to work from

anywhere, at anytime and on their devices of choice, both within and outside of the traditional corporate structure. BYOD is not only disrupting the traditional way technology is

provisioned, paid for and used, but it also promises the dual benets of simultaneously driving down IT costs while improving employee productivity and satisfact satisfaction. ion. The BYOD trend holds immense potential to transform

business, enable agility and encourage innovative ways of interacting with customers and business partners. The key

is to approach BYOD holistically, responding to employee expectations while fullling business requirements for security,, compliance and risk mitigation. security Transitioning to a BYOD model should be phased in over

time. Organizations need to mitigate security risks, such as inappropriate usage or loss of corporate data and

the ensuing nancial and legal implications. Establishing effective governance mechanisms to ensure data privacy and security can be challenging when embracing a BYOD

philosophy. In addition, advances in consumer technology and device heterogeneity are creating complexities that can undoubtedly turn into nightmares for IT if not handled properly.

June 2012

MAKING BYOD BYOD WORK FOR YOUR ORGANIZATION

2

Organizations should deconstruct traditional workspaces, using virtualization to decouple dependencies among hard-

ware, OS, applications and user states found in traditional desktop congurations. This gives them greater exibility to stream the right set of user prole, data and applications ondemand, at the right performance level and in a secure manner to any device, based on employee roles and IT requirements. For the foreseeable future, companies should take a limited BYOD approach (the middle path), with nite lists of supported devices that are easier and less costly to manage.

A limited-BYOD infrastructure that is platform and OSagnostic will help minimize security breaches and the organizational resources needed to support and manage employee-owned devices. Deploying the right combination

of mobile device management (MDM), mobile application management (MAM) and mobile application development platform (MADP) solutions can help organizations secure and

quickly update business apps on employee em ployee devices devices and perform compliance reporting, all while providing p roviding employees the exibil ity they demand, resulting in improved productivity and higher satisfaction.

Unlike previous waves of technology change, BYOD promises to pervade all parts of the business. Proactive organizations that embrace this trend and mold it in suitable ways to

benet the business will gain the critical lead to out-perform out-perform the competition.

3

FUTURE OF WORK

June 2012

BYOD Beginnings The proliferation of affordable computing devices and technology in the 1980s and ‘90s had organizations scurrying to adjust to the trend of employees using

non-corporate devices for work. Being off the IT radar, portable computers and rst-generation handheld devices confounded many organizations that recognized their utility but could not fully embrace them because of the command and control issues they raised.

Today, with even greater advances in consumer technology, mobile applications and the affordability of smart and powerful mobile devices, organizations are more challenged than ever to incorporate them into the enterprise IT architecture. IT departments are understandably concerned about the security and data privacy

risks that accompany the BYOD movement, as well as the increased support costs. But the genie is out of the bottle. BYOD holds the promise of not only enabling

companies to become more agile and customer-focused, but also helping employees rapidly create and apply knowledge at work, which is key to deriv ing competitive advantage in a knowledge-driven economy. The issue today is for enterprises to embrace these changes in ways that improve organizational effectiveness and productivity while mitigating risk. Organizations need

to be proactive in avoiding the mistakes of the past so they can benet from the cost and productivity advantages of BYOD initiatives, as well as the ability to meet employee expectations and enable anytime/anywhere work.

IT Consumerization and BYOD Consumerization of IT is transforming the traditional IT landscape of organizations and the way employees use technology. The traditional lines between work and

personal life continue to blur for employees. Seeking exibility and choice in how they work, more and more employees are using their personal (smart) devices in the workplace. An IDC survey found that in 2011, 40% of devices used by information workers to access business applications were personal devices, compared with 30% in 20101 (see Figure 1), a 33% inc rease in just one on e year. year. According to the survey, 30% of information workers used their PCs, and 10% used their tablets for

Devices Used to Access Business Applications

2010

2011

30.7% 40.7%

Personal PC, smartphone 59.3%

69.3%

Business PC, smartphone, tablet

Business PC, smartphone

Perso Pe rsona nall llyy-ow owne ned d Base for 2010: 2,820 responses from enterprises with 500 or more employees from 10 countries.

Personal PC, smartphone, tablet

Comp Co mpan anyy-ow owne ned d Base for 2011: Over 3,000 information workers and  business executives from nine countries.

Source: IDC Information Worker Custom Survey, May 2011 and May 2010.

Figure 1

June 2012

MAKING BYOD BYOD WORK FOR YOUR ORGANIZATION

4

work-related tasks. BYOD demand and adoption varies by industry, with nancial services, insurance, healthcare and professional services leading the way (see Figure 2).2 As businesses realize that they can no longer dictate what devices should be

used at work, many are looking for ways to approach BYOD to advance their strategic agenda.

Benets for Employees and Organizat Organizations ions A major driver of BYOD is the productivity advantage resulting from improved

employee satisfaction and worker mobility, as well as lower costs of technology adoption and refresh (see Figure 3, next page). Other benets include: Increased productivity and employee satisfaction. BYOD provides the

exibility that employees seek to respond instantly to work requests outside of work hours, thus reducing process times and improving operational efciency. In addition, employees report higher satisfaction levels with such exible work arrangements and the freedom to use their devices of choice. Attracting, retaining and supporting new talent. Expected to soon become the largest segment of the workforce, many millennials openly seek environments that allow them the freedom to use tools and technologies native to their

upbringing and customized to their work and life preferences (see Figure 4, page 7). Lower IT procurement, support costs. BYOD promises considerable cost

savings if employees are willing to bear the cost of purchasing, maintaining and upgrading the devices they use for work. Though BYOD necessitates a one-time, upfront investment to create the support infrastructure, it can result in lower total cost of ownership in the long run. Improved collaboration. Employee-owned devices equipped with enhanced

mobile services allow employees to collaborate in real time and nish their tasks efciently by responding quickly. With virtualization, ubiquitous connectivity, anywhere access to corporate data, and innovative mobile apps, the opportunities for collaborative ways of working have grown immensely.

BYOD Support By Industry Finance/Insurance Healthcare Professional Services Manufacturing Transportation/Logistics Legal Software Government (Federal) Communications Retail/Wholesale Life Sciences Government (Local) Entertainment/Media 0%

5%

Currently support Consi Con side deri ring, ng, no no speci specifi fic c timef timefra rame me Source: Good Technology 

Figure 2

5

FUTURE OF WORK

June 2012

1 0%

1 5%

20%

Planning to support: Next 6 months Not planni Not planning ng to supp suppor ortt

25%

30%

35 %

40%

Planning to support: Next 6-12 months

Transforming the workplace. The combination of managed personal devices and cloud computing with desktop and application virtualization can help organizations enable secure access to key corporate resources anytime and

anywhere for their employees. The conuence of cloud, virtualization and mobility is transforming the way employees work today, allowing them to be creative and innovative in ways previously unobtainable.

BYOD Implementation Challenges Without a doubt, the proliferation of myriad smart mobile devices creates complexities that are overwhelming many organizations. With limited control over and vast choice of mobility devices, today’s organizations face considerable challenges in protecting data, ensuring security, providing support, meeting compliance regulations and lowering IT costs to manage a BYOD environment. Protecting data. Compared with most corporate ha rdware resources, resources, employee-

owned devices are more prone to theft and loss because of their size, perceived value and portability. For organizations, tracking lost personal devices and wiping sensitive corporate data stored on them is a major challenge. Security. The heterogeneity in the device landscape makes it challenging to

develop and implement appropriate security measures. In addition, their advanced features — such as high-resolution cameras, recording functions and large storage capacity — can circumvent many traditional IT security measures.

The possibility of employees inadvertently exposing their devices to malicious attacks while using them outside work is a serious risk. For organizations

operating in regulated environments bound by compliance mandates, ensuring security for corporate resources while allowing BYOD can be a tightrope walk. Support. Providing support for the numerous devices used by employees —

while offering the potential for signicant reducti ons in overall support costs — is a major implementation challenge. IT departments may be overwhelmed if they lack the appropriate resources to implement the changes necessary to support BYOD.

BYOD Drivers Improved employee satisfaction Increased worker productivity Greater mobility for workers More flexible work environments for employees Reduced IT costs Attracting/retaining high-quality staff Better quality of devices used by workers Better care and/or longevity of devices Reduced device management requirements for IT Faster onboarding of employees and third parties Improved business continuity Other 0% Base: 700 IT professionals in seven countries, including Australia, Canada, Germany, India, Netherlands, U.S. and UK.

1 0%

20 %

30 %

40%

50%

60 %

Percent of respondents 

Source: Citrix Global BYO Index 

Figure 3

June 2012

MAKING BYOD BYOD WORK FOR YOUR ORGANIZATION

6

BYOD costs. The potential to save money depends on how well organizations

understand and manage the required expenditure. Companies run the risk of unnecessary BYOD outlays, such as reimbursing employees’ mobile expenses, processing related expense reports, investing in solutions to support heterogeneous devices and customizing apps to run on those platforms. Compliance requirements. Compliance mandates such as HIPAA, 3 PCI DSS4 and GLBA5 are particular about safeguarding data, regardless of the device on which

data is stored. Organizations are subject to heavy nes in the event of data breaches. Given device heterogeneity and the scant regard today’s workforce seems to have for IT policies, the cost of staying compliant, addressing risk and establishing proper governance can be daunting.6

Overcoming BYOD Barriers Yet the benets afforded by BYOD make it worth proactively pursuing. To support the myriad devices, congurations and applications, organizations need to have a robust and scalable infrastructure. Additionally, it requires support staff, especially IT expertise, to acquire the appropriate skills to manage this new environment and infrastructure.

A platform- and OS-agnostic BYOD infrastructure will provide controls to limit security breaches, as well as minimize organization support and management of employee-owned devices. By deploying the right combination of MDM, MAM and MADP solutions, organizations can secure and quickly update business apps on employee devices, as well as perform compliance reporting. It can also provide IT departments some degree of visibility and control over the devices and apps used by employees.

Infrastructure Provisioning Managing the complexity of a BYOD environment requires organizations to intelligently provision the infrastructure and access to corporate resources.

Business Staff Expects To Be Self-Sufficient And Empowered

25% Millennials in the workforce

66% of your employees select their own mobile phone. *

39% of millennials select their own mobile phone, regardless of what IT supports.*

2010 * Forrsights Workforce Employee Survey, Q3 2010, Forrester Research, Inc. † Bureau of Labor Statistics and Forrester Research Source: Forrester Research, Inc.

Figure 4

7

FUTURE OF WORK

June 2012

22% of your employees have used a service delivered over the Web to help them get their  job done.*

2015

34% of millennials say they have better technology at home than they have at work.*

45%

By 2020, 45% of your workforce will be millennials.†

Empowered, tech-savvy employees

2020

Virtualization. Providing access to corporate data and enterprise applications from a centralized location gives IT greater control over safeguarding enterprise resources regardless of the devices in use. In this way, virtualization accommodates the diverse devices used at work and eliminates the IT and business costs of customizing apps and creating access mechanisms. “Containerization.” This approach separates corporate data into secure “container” structures on devices and allows organizations full control over

them. By using either a self-contained, secured application and data construct or a completely separate mobile OS via a hypervisor, organizations can isolate or contain corporate data on personal devices.

With the hypervisor, multiple instances of an operating system can be run on a single device, essentially creating virtual devices. This way, organizations can completely isolate the OS and partition the portion used for corporate applications and data from the one used for personal purposes. With the self-contained

construct, applications and data are run in a separate memory space on the device. Access to this information is secured via additional authentications and can be selectively removed in the case of device loss or employee retirement. These containerization methods allow IT departments to manage and monitor the corporate applications and data effectively and securely without impinging

on the personal data on employees’ devices. Encryption. This provides a strong layer of security for devices, applications and data. It also makes it difcult for anyone to view and obtain data from lost devices without the encryption key. BYOD in phases. Embracing a limited BYOD model is key to handling

the complexity that personal devices introduce. Carefully evaluating the requirements of employees based on their roles and limiting device support will help IT departments gain some control over management and security challenges. Allowing only secure and compliant personal devices for work can

help organizations alleviate their concerns over security, support issues and costs so they can create an infrastructure to accommodate them.

Creating a Holistic BYOD Strategy and Policy Deciding on a BYOD implementation path can be challenging for many organizations. The BYOD journey should begin with the understanding that the strategy needs to be all-inclusive and balance the risks and rewards for employees and employers.

Strategy Essential to the formulation of a BYOD strategy is understanding employee roles and how they relate to the use of mobile devices at work. Organizations should group users into broad categories that consider the kind of work they do on a daily

basis and the necessary IT requirements to support them. Ideally, Ideally, BYOD BYOD should be rolled out only to qualifying em ployees. The strategy should factor in the nature of the business and industry in which an organization operates to identify how it can stay

compliant, especially on data security/privacy and usage mandates. It should also specify the kind of device congurations, preferred vendors and brands that support the organization’s business needs. An important consideration is balancing enablement with control. This will

require organizations to decide on the proper application of MDM, MAM and MADP solutions and whether these should be managed in-house or contracted out to vendors. The transition to BYOD should start only after an

organization assesses the net benets it expects to realize from the initiative.

June 2012

MAKING BYOD BYOD WORK FOR YOUR ORGANIZATION

8

Another key element is the cost BYOD entails in setting up new infrastructure and ensuring support for diverse technologies in a non-standard environment. Organizations should also determine the liability they are willing to assume (see

Figure 5), as well as the tax and legal implications of allowing BYOD, especially when reimbursing employee expenses. To support BYOD, organizations also need to prepare enterprise applications to work with the allowed set of personal devices, which entails customizing, developing and updating applications to work with personal devices. Support is another critical aspect, as employees need anytime, anywhere access to either live agents or self-help tools. A mix of sourcing, automation and strong technical customer support is essential to a robust BYOD support model. A successful strategy will ensure that IT and the business units agree on how to approach the BYOD program.

Companies should consider a middle path between the two extremes of the complete

freedom

that

employees

desire

and

the

full

control

that

organizations seek over personal device work usage. A exible and scalable strategy will better accommodate the growing demand for BYOD, given the rapidly evolving device technology landscape.

Policy Implementing the BYOD strategy is only possible with a comprehensive policy.

To develop an effective policy, organizations need to dene and understand factors such as: Which devices and operating systems to support.

Security requirements based on employee role and designation. The level of risk they are willing to tolerate.

Employee privacy concerns. Employee demand for freedom in how they work and use technology has serious ramications for IT environments. This demand is altering IT departments’ traditional structure and scope of control. Understanding this altered

Employee vs. Company Liability •

•

•

•

Corporate Liable, Capped Expense

Better control over devices can be applied (blocking of marketplace applications, etc.)

Corporate Liable, Complete Expenses Paid

Better security

•

•

•

Comparatively easier for enforcing policy and compliance

•

Individual Liable, No/Capped Expense

Need for application license management

Individual Liable, Complete Expenses Paid

•

Better control over expenditure

•

Reduced device running cost (direct Op-Ex cost)

Reduced IT overhead Reduced device procurement cost (Cap-Ex) Better choice of device Challenges in deploying corporate applications due to non-standardization of OS

Corporate liable devices are recommended for environments with higher data security risks (e.g., financial services); individual liable devices are recommended for environments with lower data risks (e.g., education). Source: Cognizant 

Figure 5

9

FUTURE OF WORK

June 2012

environment will give organizations a better idea of what to consider while drafting BYOD policies (see Figure 6).

BYOD BY OD Policy Framework A comprehensive BYOD policy is an essential component of a successful BYOD

program. An effective policy should include the following: Devices » Scalability of devices: Flexible guidelines need to determine which devices

are evaluated on an ongoing basis, particularly as new devices, platforms and operating systems emerge and employee expectations evolve. » Device criteria: Comprehensive evaluation criteria need to specify which

devices are allowed and how employees will be notied that their devices satisfy that criteria. » Supported congurations and platforms: Customized user agreements

should account for the varied combinations of devices, the platforms they run and the regulatory requirements specic to the region(s)/industry(s) in which the organization operates. » Device certication: A methodology is needed to evaluate and certify a device. The policy should provide a list of compliant and preferred vendors

for sourcing devices and licensing for core applications required. » Device support: A clear statement needs to detail how employee-owned

devices will be congured, which applications will be supported and the type of support that will be provided. If the company wants to encourage a

“self-support” culture, it should provide self-help/support tools to users. » Security: The organization needs to dene its stance on how corporate data will be retrieved and wiped in case of device loss or theft, as well as the rights it reserves for dealing with corporate data and applications. It should

outline restrictions on usage of device features such as cameras, storage and recording functions and should stipulate the use of anti-virus and malware

software and the frequency of updates.

Dening BYOD Policies Policy Element

Traditional IT Policy

BYOD Policy

Devices, device congurations and

Standardized.

Complex and heterogeneous.

Mobile applications and data

Full command and control over data and apps.

Limited control over corporate partitions, data and apps.

Device tracking and monitoring

Full IT control over evaluating how

Clarication of how devices are tracked and monitored, as well as which portion of the devices and data will fall under the policy’s

operating systems

Cost re reimbursement

devices are used, with no express permission required from users. No pr provision fo for re reimbursement of of company-owned device costs.

purview.

Denition of who pays for what, based on an understanding between employees and employer.

Figure 6

June 2012

MAKING BYOD BYOD WORK FOR YOUR ORGANIZATION

10

Users » Eligibility: Eligibility requirements need to be created, as well as the criteria used to establish eligibility. Role-based restrictions regarding access to certain applications and data should also be clearly stated. Organizations should describe the procedure for obtaining approval for using personal devices. » Acceptable usage: Employees should be required to understand their responsibilities with regard to acceptable use and minimum device

connectivity requirements. The policy should encourage employees to prioritize business-related use when they are at work. » Compliance and governance: Communicate non-compliance to users and outline the remedial actions they can take to be compliant. Organizations

should get executive buy-in for the BYOD policy and involve all related departments, such as HR, nance, legal and operations, apart from IT. » Ownership and liability: Guidelines must be claried on who owns the device and the data. These should dene liabilities related to loss of corporate data stored on personal devices, as well as the liability the organi zation is willing to accept for affecting personal data due to the management of corporate data and apps. » Reimbursement considerations: The organization needs to dene its stance

on reimbursement. The extent of reimbursement (full, partial), the limits (allowed expenses, maximum amount), the frequency (one-time, monthly, yearly) and eligibility (based on role) will help guide the organization when formulating its stance. » Policy violations: The company needs to prescribe actions in the event of violations of policy guidelines.

Implementing BYOD Policy A clear policy on the types of devices allowed as part of a BYOD program helps organizations attain a certain level of standardization and allocate the necessary

Defining User Profiles and Their Needs Knowledge Workers

Examples

Typical Work Pattern

IT Requirements

Scientists, designers,

• Rich user experience, with multiple

• Data security and compliance • Flexibility to access multiple desktop computers • Application-specic security and regulatory

statisticians

computer applications and tools running locally

compliance efforts

Ofce Workers

Admins, HR, nance

• Routine workows, with multiple computer applications and tools running locally

• Data security and compliance • PC integrity • Application-specic security and regulatory compliance efforts

Executive &

Function heads,

Mobile Workers

sales reps

• Similar to knowledge/ ofce workers • Ofine computing • Anytime, anywhere access

• Data security and compliance • PC integrity • Application-specic security and regulatory compliance efforts

• Ofine access to les and data Task Workers

Call center reps, retail agents, factory workers

• Simplied and streamlined user experience • No requirements to save data locally

• Data security and compliance • PC integrity • Highly controlled environment • Low-cost hardware solution that maintains high user productivity

Contract Workers

External contractors, third-party collaborators

• Local and remote access

• Data privacy and condentiality • Low-cost hardware solution that maintains high user productivity

Source: Cognizant  Figure 7 

11

FUTURE OF WORK

June 2012

infrastructure to support the devices. Customized policies mapped to the roles of users and their dependence on the devices will be an effective way of limiting risk.

Segregating users into broad categories such as mobile workers, ofce knowledge workers and task workers will help organizations better understand their needs and

provision the appropriate IT requirements accordingly. The policy should consider the role, the kind of work performed and the mobility needed to determine the capabilities required of a personal device. For example, a senior executive is more likely to use a tablet to review and approve work, while a designer or an engineer will prefer a desktop or a laptop. Organizations can derive insights from the BYOD implementations of early movers and absorb the best practices into their policies.

Transitioning to BYOD BYOD is transforming traditional end-user workspaces by unshackling the

dependencies of employees tied to a physical location, a rigidly congured device, OS, applications and user states and allowing them to work from anywhere, accessing applications and content using myriad device congurations. Organizations looking to prot from a BYOD setup should ensure that employees have the right virtual workspace from any device and a productive work and collaboration plat-

form, while ensuring effective security for corporate information and ease of access.

To do so, organizations should deconstruct traditional workspaces and decouple the dependencies among hardware, OS, applications and user states found in traditional desktop congurations. By isolating and centralizing operating systems, applications and user data and state, users can access data and apps from any device, from anywhere, and organizations can manage and monitor apps and corporate assets efciently. Once they have categorized e mployees into broad pools based on their work and IT requirements, organizations can stream the right set of user prole, data and applications on-demand, at the right performance levels and on any device, securely (see Figure 7, previous page). Taking a pilot approach to BYOD, organizations can establish the reference architecture for an “any device, anywhere access” model.

Transitioning to the BYOD Model

Investment ROI Analysis

New Setup Implementation

Employee Onboarding Process

• Baseline current TCO • Identify one-time

• Build enabling

• Define trigger for onboarding • Define policies • Create implementation

investments

• Assess ongoing cost with new model

• Go/no-go

infrastructure for solution identified

• Finalize sourcing options

checklist

• Define new

• Create communication

support model

plans

Creating a compliance audit framework to ensure success Source: Cognizant 

Figure 8

June 2012

MAKING BYOD BYOD WORK FOR YOUR ORGANIZATION

12

Organizations currently have only two choices when it comes to BYOD – adopt it now or later. A transition to the BYOD model should occur in a phased manner

(see Figure 8, previous page). First, organizations should analyze their return on the investment of enabling and supporting supportin g BYOD. BYOD. They need to consider the costs of setting up t he required infrastructure, one-time investments in MDM, MAM and MADP solutions, supporting the program and reimbursements for device purchases. Looking at returns over the long term and the possible value-additions from such a program will be a better yardstick to measure the ROI.

Second, they should examine the current infrastructure that is designed to support corporate-issued devices and bolster it with the additional capabili-

ties required to support BYOD programs. Organizations should be proactive and recommend to employees the ideal devices and platforms that can quickly deliver the desired benets. Organizations should ideally recommend preferred vendors and discounted pricing contracts for devices and apps to help minimize costs.

Lastly, a critical step is that the employee onboarding process should be smooth and simple.

The Future of BYOD BYOD introduces a multi tude of challenges; h owever BYOD owever,, organizations should shou ld treat this as an opportunity that can yield signicant benets, both tangible and intangible. The key is to approach BYOD in a holistic fashion to address employee expectatio ns, while ensuring business requirements are met related to security, compliance and risk minimization. The need for agility and speed will more rapidly transform the

role of IT from a support function to a strategic, business-enabling function. Successful organizations will take a proactive approach to embracing and molding BYOD for competitive advantage and the agility to outmaneuver the competition. Creating obstacles to BYOD will be futile as empowered employees are provisioning their own technology anyway. Younger employees and those

with a millennial mindset nd it hard to draw the line between their personal and professional lives and seek the exibility and ease-of-use that their personal devices provide. Implemented with the right strategy strategy,, BYOD can: Empower employees to improve their productivity through their choice of devices and collaboration styles.

Ensure security of corporate data while complying with corporate mandates on compliance, risk management and privacy. Deliver cost savings with minimal IT support for employee-owned devices.

Simplify IT by running any app, anywhere, on any device.

13

FUTURE OF WORK

June 2012

Footnotes 1

“2011 Consumerization of IT Study: Closing the Consumerization Gap,” IDC, 2011, http://www.unisys.com/ http://www. unisys.com/unisys/ unisys/ri/report/ ri/report/detail.jsp?id=1120000970016710178  detail.jsp?id=1120000970016710178 .

2

“Good Technology State of BYOD Report,” Good Technology, December 2011, http://www.good.com/r http://www. good.com/resources/Good_Data_BY esources/Good_Data_BYOD_2011.pdf  OD_2011.pdf .

3

Health Insurance Portability and Accountability Act.

4

Payment Card Industry Data Security Standard.

5

Gramm-Leach-Bliley Act.

6

“Cisco 2011 Annual Security Report,” Cisco, 2011, http://www.cisco.com/en/US/  prod/collateral/vpndevc/security_annual_report_2011.pdf .

References Tom Kaneshige, “BY “BYOD: OD: Five Hidden Costs to a Bring-Y Bring-Your-Own-Device our-Own-Device Programme, Programme,”” Computerworld UK , April 2012, http://www.computerworlduk.com/in-depth/mobile-  wireless/3349518/byod-ve-hidden-costs-bring-your-own-device-progamme/ . “Bring Your Own Device: Agility Through Consistent De livery, livery,”” PricewaterhouseCoopers , 2012, http://www.pwc.com/en_US/us/increasing-it-effec  -  tiveness/assets/byod-1-25-2012.pdf  . “Best Practices to Make Ma ke BYOD Simple and Secure,” Citrix , March 2012, http://docs.media.bitpipe.com/io_10x/io_104481/item_530202/BYOD%20  Best%20Practices%20Guide.pdf . “Leaders in Enterprise Mobile Strategies: Tug of War Between Business Value and Risks,” SandHill Group , November 2011, http://sandhill.com/reports/leaders-in-  enterprise-mobile-strategies-tug-of-war-between-business-value-and-risks/ . Cimarron Buser, “How Workers Can BYOD Without Risking Data, Networks,” Mobile Enterprise , August 25, 2011, http://mobileenterprise.edgl.com/how-  to%5CHow-Workers-Can-BYOD-Without-Risking-Data,-Networks-75175  . “Mobile Virtualization Offers Enterprises a Way to Embrace the Consumerization of IT, According to New Research from ID C,” IDC , June 7, 2011, http://www.idc.com/  getdoc.jsp?containerId=prUS22864311 . James Staten and Alex Cullen, “BT 2020: IT’s Future in The Empowered Era,” Forrester Research, January 2011. http://www.forrester.com/BT+2020+ITs+Future+  In+The+Empowered+Era/fulltext/-/E-RES58156?docid=58156 .

June 2012

MAKING BYOD BYOD WORK FOR YOUR ORGANIZATION

14

Credits Author and Analyst Aala Santhosh Reddy, Senior Research Analyst, Cognizant Research Center 

Subject Matter Experts Jeff Wallace, Assistant Vice President and Cognizant Mobility Practice Leader  Tim Rose, Associate Director, Cognizant IT Infrastructure Services Product Management  Anindo Sengupta, Associate Director, Cognizant IT Infrastructure Services 

Design Harleen Bhatia, Design Team Lead  Suresh Sambandhan, Designer 

About Cognizant Cognizant (NASDAQ: CTSH) is a leading p rovider of information technology, consulting, and business process outsourcing out sourcing services, dedicated to helping the world’s leading companies build stronger businesses. Headquartered in Teaneck, New Jersey (U.S.), Cognizant combines a passion for client satisfaction, technology innovation, deep industry and busi ness process expertise, and a global, collaborative workforce that embodies the future of work. With over 50 delivery centers worldwide and approximately 140,500 employees as of March 31, 2012, Cognizant is a member of the NASDAQ-100, the S&P 500, the Forbes Global 2000, and the Fortune 500 and is ranked among the top performing and fastest growing companies in the world.

Visit us online at www.cognizant.com or follow us on Twitter: @Cognizant.

World Headquarters 500 Frank W. Burr Blvd.

Teaneck, NJ 07666 USA Phone: +1 201 801 0233 Fax: +1 201 801 0243 Toll Free: Free: +1 888 937 3277 [email protected]

India Operati Operations ons Headquarter Headquarters s #5/535, Old Mahabalipuram Road Okkiyam Pettai, Thoraipakkam Chennai, 600 096 India Phone: +91 (0) 44 4209 6000 Fax: +91 (0) 44 4209 6060 [email protected]

Australia Cognizant Technology Solutions Australia Pty Ltd Level 15

14 Martin Place Sydney, NSW, 2000 Australia

Phone: +61 2 9223 3988 Fax: +61 2 9233 5315 [email protected]

Hong Kong 62/F, Suite 6201, The Center 99 Queen’s Road Central, Hong Kong Phone: (852) 2273 5393 (852) 2273 5395

Fax: (852) 3965 3222 [email protected]

Singapore Cognizant Technology Solutions Asia Pacic Pte Ltd 80 Anson Road

#27-02/03 Fuji Xerox Towers Singapore, 079907 Phone: +65 6324 6672 Fax: +65 6324 4383 [email protected]

© Copyright 2012, Cognizant. All rights reserved. No part of this document may be reproduced, stored in a retrieval system, transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the express written permission from Cognizant. The information contained herein is subject to change without notice. All other trademarks mentioned herein are the property of their respective owners.