By Tom Kendra\n\n\n\nA few months ago, I asked a very large international customer about its bring-your-own-device (BYOD) plans. The reply was, \u201cOur strategy is akin to random acts of mobility.\u201d What was meant is something I\u2019ve heard from many other customers. People are bringing in the devices they want IT to support, and they are getting their way. This puts tremendous pressure on IT to support these devices, even if they are not part of a larger plan. While randomly supporting devices is bad, the motivation behind the requests is usually good because BYOD increases productivity by letting users access information in the way they want.\n\n\nWhile IT should support this willingly, there needs to be a better plan. Of course, that\u2019s easier said than done. The evolution of systems management in most companies has been piecemeal with a variety of systems\u2014some proprietary\u2014deployed to support the different iterations of company-approved laptops, tablets and smartphones. Combine these systems with the reality that users now typically use three-to-five devices respectively, and it\u2019s no wonder that IT faces a constant struggle to track who has which devices, what data they can access and whether the devices are secure. In such an environment, random acts of mobility are unavoidable.\n\n\nSo how can companies move from randomness to a successful BYOD strategy? Let\u2019s start with a definition of \u201csuccess.\u201d I think of it as letting individuals use their devices of choice while easily managing users, devices and access to data\u2014all for a reasonable cost.\n\n\nAchieving this success requires two critical pieces. First, a set of best practices and policies that creates the proper balance between the users\u2019 desire for flexibility and the enterprise\u2019s need for data protection and regulatory compliance. Are there limitations on how devices can be used? How much support will the company provide for user-owned devices? Does the enterprise have the right to wipe data? What happens if a device is lost or stolen? Should data access be limited according to an employee\u2019s role, time of day or location? To formulate and codify these best practices and policies, it\u2019s imperative to bring together representatives from IT, legal, compliance, finance, HR and business.\n\n\nThe second requirement is a new technology solution that makes it easy and cost effective to implement policies and best practices while being able to scale to incorporate more users and devices. To facilitate policy and compliance management, look for a solution that uses a secure workspace installed on BYO devices. Such a workspace effectively separates personal information from enterprise data and enables IT to manage and, if necessary, delete enterprise data without impacting the personal side. To ease deployment and control costs, look for a comprehensive solution that offers management of user identities and access, devices, applications and content. This eliminates the need to purchase and support multiple point solutions, which increases cost and complexity. By meeting these requirements, your BYOD strategy should be a success.