September 30, 2013

Bring-your-own-device (BYOD) offers powerful benefits for banks, from enabling better customer service at a lower cost to improving employee productivity and satisfaction. Just as ATMs transformed retail banking a generation ago, mobile devices make it possible to provide service in more places and reduce reliance on traditional teller windows and service desks. By allowing employees to choose their preferred work devices -- PC, Mac, mobile -- you can better attract the tech-savvy young professionals your organization needs to succeed.

[3 Tips For Implementing Banking BYOD Initiatives]

As you move to implement BYOD in your bank, though, it's important to think through your approach carefully. A Ponemon Institute study found that regulated data is most at risk when it sits on a mobile device, according to 69% of respondents, which included U.S. IT and data security practitioners. Make sure you avoid the common pitfalls so BYOD can fully deliver on its promise for your bank -- not create a new set of headaches around technology, security, and compliance.

Pitfall 1: Taking a one-size-fits-all approach to BYOD

People often assume that BYOD means allowing employees to bring their own personal devices to work, and perhaps receive a stipend to offset their cost -- but this is not always the right approach. In fact, Citrix recommends considering a different model for BYOD in the banking industry: buying the device for the employee instead of providing a stipend. This fulfills the two essential aspects of BYOD -- increasing mobility and allowing user choice -- but makes it possible to maintain a level of control and management that employees might resent on a personally owned device.

Whether or not you choose to buy BYOD devices for your employees, there will still be some workers who bring their own personal devices into your environment: contractors and temps. While corporate devices can be managed at the device level, application-level management may be more appropriate for personal devices to allay concerns about privacy. You'll also need a way to ensure that enterprise data is never accessed or sent from personal accounts. To meet these needs, make sure the solutions that support your BYOD strategy offer the flexibility to selectively apply mobile device management (MDM), mobile application management (MAM), and secure mobile email as needed.

[To hear about Mobile Devices -- Technologies and Trends, attend the session at Interop on October 2.]

Pitfall 2: Addressing short-term needs through point solutions

As any technology executive knows, requirements change quickly. Often, enterprises launch their BYOD initiative with a device management mindset, and plan their technology approach accordingly -- only to discover that they need to provide enterprise-ready apps, data collaboration capabilities and access to legacy apps from mobile. Email management and secure browsing of intranet content are often overlooked as well, but represent equally important parts of a complete strategy for mobility and BYOD. Before long, the mobile environment becomes a hodgepodge of non-integrated technologies with all the management pain that implies. Many enterprises also realize much later that they have not addressed scalability and data throughput needs for mobile users. Before you take that first step, think about what it truly means to mobilize your business, and then form a technology strategy to address the full range of needs through an integrated platform.

Pitfall 3: Not considering the full range of platforms/devices/apps employees will use

Even if most of your employees will be on the same couple of platforms, we've all seen how fast market share and consumer tastes can shift. To future-proof your BYOD initiative, you need to be able to empower people on any type of device -- Windows, iOS, and Android on mobile; Windows and MacOS on laptops.

Think about how you'll deliver the full range of apps people rely on. For laptops, desktop virtualization provides a solution for diverse Windows and Mac platforms. For mobile devices, consider a staged approach beginning with the mobilization of core business apps like email, calendaring, and document access so people see immediate value. Follow this with vertical third-party apps like CRM or point-of-sale systems. Third, create mobile apps -- but make sure you also have a simple, scalable way to make Windows apps available on tablets without having to develop mobile versions one-by-one.

Pitfall 4: Leaving out a rich data collaboration platform

Employees often need to share sensitive data both inside and outside the organization, from non-public financial data to confidential M&A information. Unless you provide a convenient way for them to do so, they're all too likely to resort to a consumer service like Dropbox or Box -- creating a compliance nightmare. To prevent data leakage and other risks, you need a secure, managed, and fully auditable data collaboration platform -- one that provides a simple, consumer-like experience to ensure full adoption. This functionality should be accessible on PCs and Macs as easily as on mobile devices with full integration to the email clients to support the full spectrum of collaboration scenarios.

Pitfall 5: Having an incomplete BYOD policy (or none at all)

In a highly regulated industry like banking, a complete, well thought-our policy is essential for implementing BYOD without increasing risk. Your policy should encompass considerations such as eligibility, allowed devices, service availability, cost sharing, acceptable use, device support and maintenance, and -- most importantly -- security.

As the role of BYOD and mobility in banking grows, new ways of serving customers and empowering employees will transform our organizations. By avoiding these pitfalls, you can keep your institution at the leading edge of our industry.

Chandra Sekar is Director of Product Marketing for Citrix XenMobile.