This post is an excerpt from GovLoop’s recent report, Exploring Bring Your Own Device in the Public Sector.
David Graziano, Director, Security and Unified Access, US Public Sector, Cisco, spoke with Pat Fiorenza of GovLoop on the state of BYOD in the public sector. David provided expert insights on how to best manage, control and implement a BYOD program for a public sector agency.
This guide addressed numerous best practices and ways to overcome common challenges for public sector agencies looking to implement BYOD initiatives. Graziano’s in- sights provide further evidence that although challenges still remain for BYOD, this is one of the most important trends occurring in government. During the interview, David was clear to highlight the benefits of BYOD, from optimizing business lines to workforce productivity and morale, BYOD clearly has the potential to transform how agencies operate. Although the benefits are clear, there are numerous best practices that David highlighted for agencies to consider.
He advised that agencies must start by embracing BYOD, and accept that BYOD is a trend that they must act upon, “Embracing BYOD is really important, because if they don’t, then the agency is actually moving away from technology rather than leveraging it to achieve their mission,” states Graziano.
Embracing BYOD is essential. BYOD initiatives show a commit- ment to becoming an innovative workplace and allowing people to work on the platform they desire. “If you embrace BYOD and make it very easy for people to get on the network and enforce policies to protect data, that is the best thing,” David keenly acknowledges. Once BYOD is embraced by agencies, he advises that it is essential that the organization create a simple user experience. David states:
“You need to create a simple user experience. This involves guest ac- cess and on-boarding, this means potentially allowing people access who do not work for you and limit- ing information they can access. If it is an employee, it is simple onboard- ing, managing the user experience of getting on the network, establishing and confirming their identity and authenticate who they are and their device, just making this a very smooth process.”
Clearly, the intent is not to limit ac- cess or have challenges connecting to a respective network. Although bringing in a tablet for work use can aid in productivity, David is sure to address the importance of setting policy to protect government data.
Graziano advises that the right kind of policy needs to be developed, and that if necessary, the agency has the right to delete all data on the tablet. Further, David advises the use of Next Generation Encryption in any BYOD initiative. Cara Sioman recently described Next Generation Encryption in a Cisco blog post as:
“The next generation of encryption technologies meets the evolving needs of agencies and enterprises by utilizing modern, but well reviewed and tested cryptographic algorithms and protocols. As an ex- ample, Elliptic Curve Cryptography (ECC) is used in place of the more traditional Rivest-Shamir-Adleman (RSA) algorithms. By upgrading these algorithms, NGE cryptography pre- vents hackers from having a single low-point in the system to exploit and efficiently scales to high data rates, while providing all of the security of the Advanced Encryption Standard (AES) cipher.”
Security and protecting government data is the preeminent concern for any BYOD initiative, with the use of Next Generation Encryption, agencies can work to remain safe, and still implement a successful BYOD initiative.
David highlighted four core challenges for BYOD, the loss of control, protecting government data, limited access, and changing work practices for new employees. The loss of control is absolutely one of the most critical concerns with BYOD.
Graziano states, “Typically loss of control is related to policy, if you are going to let these things on your network, how do you possibly control where they are allowed to go, and what they are allowed to do?” These are important considerations to make while crafting a BYOD policy, and as David mentioned, the importance of a well-crafted policy is essential to the success of any government BYOD initiative.
Closely linked to the challenge of a loss of control, is the need to protect government data. David states, “If you are going to allow people access to data and in theory they could pull it down, you run the risk of losing that government data.”
Additionally, Graziano advises that policies will differ for government furnished devices and personal de- vices. “If the devices are government furnished, you can establish one set of policies, and if it is literally BYOD, then you have to establish a different set of policies for that,” stated David. Beyond operational and efficiency gains, BYOD also may contribute to tackling the challenges to recruit and retain top talent in government.
BYOD has the potential to shape how government entities recruit the next generation of public servants. BYOD is becoming a necessity for recruitment, as a new demographic of employees enter the workforce; entrants have expectations that information will be available at their fingertips. “They have expectations that they are gong to be able to access information on any device, any time anywhere,” David states.
David provided some great insights on BYOD and how it is shaping public sector entities. As the mobile boom continues, and agencies work towards delivering improved services, BYOD initiatives will be critical to improve how government operates.
David provided great insights how BYOD is shaping the public sector. As the mobile boom continues, and agencies work towards delivering improved services, BYOD initiatives will play a critical role trans- forming government operations and service delivery.
This is a practical and useful report for government agencies considering BYOD at their agency. The report will guide you through the challenges and common roadblocks faced by your peers in government, helping you to consider all the numerous aspects of BYOD and encouraging you to think of the challenges within your agency, and implementing some of the lessons learned from the report. As always, we want to hear from you, your challenges, and best practices you have found.