I’m sure you’re inundated with a steady stream of news and information about the Bring Your Own Device (BYOD) component of the Consumerization of IT (CoIT) phenomenon on a weekly basis. Yes, a good percentage of your employees are walking into the office with a wide range of smartphones and tablets every day and they want to be productive. Let me share just a few ways you can facilitate a positive outcome for your employees via completely ‘invisible’ means.
The first is enabling Exchange Active Sync (EAS) to securely provide your employees with email, contacts, calandar, tasks and ‘light’ mobile device management (MDM). Virtually every smartphone and tablet on the planet comes with the EAS client bits as a standard component of the mobile operating system. Whether you’re running Exchange Server in your own data center or in the cloud via Office 365, your employees can quickly and easily become connected with their coworkers. Oh, and you get mobile policies like password enforcement, device encryption, remote wipe and others for free.
The next thing you can do is use a reverse-proxy server or appliance on the edge of your network to securely publish web services and web sites out to the Internet. Without having to fumble around configuring and pre-connecting a VPN tunnel, your mobile employees can access the corporate information they need just as easily as they do when connecting to other resources on the web. Those services and sites will be wrapped in SSL and require appropriate network credentials in order to access them. If you’re currently publishing Exchange Active Sync out to the Internet today, then you probably already have this capability in place via server technologies like ISA, UAG, and others.
The last thing I want to focus on are those web services and web sites you’ll be securely publishing to the Internet for mobile consumption. It’s important that they be efficient over slow wireless networks and work with any mobile device or web browser. You web service wire protocol needs to be REST instead of SOAP and your data must be serialized with JSON instead of XML. Mobile web users must either be directed to a mobile version of your site or you should employ Responsive Design principles to provide the best experience. Those web apps must use the HTML5 Application Cache so they can work offline as well as IndexedDB or Web Storage to store data on the device just like a native app.
These are just a few things you can do to deliver ‘quick wins’ for the employees at your company without compromising security.