
BYOD is unstoppable. Smart companies must build apps - iProject
http://gigaom.com/2012/04/08/byod-is-unstoppable-smart-companies-must-build-apps/
======
joejohnson
Sad, but my company just took a step back ten years this week. We were a small
company originally, very mobile IT engIneering and sales teams. If you ever
came to our offices it would be a ghost town during the day if everyone was
busy out on client sites. We had Citrix for access back to the office, an
allowance to get whatever data plan we wanted, provided light weight laptops,
and all our apps were available by remote. Then we got bought by a much bigger
company. Easier to kill of our systems and move us into the collective. Now my
laptop is a shitty dell that weighs a ton, and our time sheet system now only
works with IE, so my iPad now can no longer work seamlessly, so I HAVE to take
my laptop with me, and our office communicator system now only works on the
corporate network. No companies have to support BYOD, but it does make it feel
like ten years ago with out it. 8(

~~~
dualogy
Hey, at least you got a laptop -- 10 years ago, everyone was still tied to
desktops and laptops were the iPad-like flexibly-mobile novelty back then.
(And you brought one to a coffeeshop, everyone stared at you like you're a Mad
Professor. Well, outside the Valley, I suppose.)

~~~
sopooneo
Laptops were already pretty ubiquitous at coffee shops around Cambridge, MA
ten years ago. Longer than that actually. But I guess we weren't exactly
representative of the nation.

------
pixelcort
Is it just me, or am I the only one who enjoys having two separate devices;
one for work and one for personal use? This way I can set up two separate
environments and optimize for purpose. For example, my work computer can be
setup to maximize for coding, and my personal computer for gaming.

Perhaps the bigger issue is the lack of device choice for the company-issued
devices?

~~~
wmf
Size and weight are an issue. I don't want to have two phones in my pockets. I
have separate work and personal laptops, but I don't bring both into the
office.

I agree that low-quality devices are probably also behind it. Many people
would probably prefer to use their iPhone for work instead of the company-
issued Blackberry.

------
sounds
I'm usually one saying weird things like, "why do you say 'Post PC Revolution'
when PC's are here to stay and still vitally important?"

This article answers that question -

BYOD, Bring Your Own Device, is unstoppable. Let the user choose. Let them use
their laptop when that's the most convenient, or their mobile devices at a
whim.

Do what Dropbox does.

I agree that new input methods (including touch and Kinect's inputs) represent
a dramatic shift in hardware capabilities, and software UI's need to adapt.

I disagree that any of these changes make the PC less relevant or valuable.

------
ajb
There is no way I am using a personal device for work. You think 'we demand
your facebook password' was bad? Any big company is going to want root on any
device that is in their network, period. Sure, most bosses wouldn't want to
poke around, but if HR or Legal think that they need to search your computer
to cover their asses, they're gonna do it. And you'll have signed an agreement
giving them permission.

~~~
muzz
Multiple accounts / personnas on mobile devices is coming soon. Your work will
not need root access, they simply get an "account" on your phone, with
separate email, file system, web browser history, etc. I wouldn't be surprised
if Android and iOS implemented this in the OS even.

------
barrkel
There are some unnecessary technical problems.

Android's native Exchange integration requires you to give up "remote
administrator" access to your device; that means that the Exchange
administrator can, at their whim, wipe your device and all your data. (There
are other requirements around needing to enter a PIN each time you active your
device, etc.) I don't know if or how this can be configured at the Exchange
server end (and have been unable to sufficiently motivate corporate IT to find
out), but the upshot is if you don't want to give up this remote access, you
probably have to forego Android's Exchange integration.

There's TouchDown, a one-stop-shop for Exchange integration which keeps
Exchange-related data in its own little silo, so when the remote kill order
comes in, it only kills off the silo. At 20 USD it's not cheap as apps go, and
AFAIK it needs you to enter a password to log in in order to be compliant etc.
I have not used it.

Instead, I just use IMAP to access Exchange email, forego calendar
integration, and blame IT when I turn up late for meetings.

~~~
techsupporter
Every Exchange install comes with a default ActiveSync policy and Android
(along with iPhone, Windows Phone, and any other ActiveSync-capable client)
will alert you to its existence and prompt you to accept that fact. This is a
feature, not a bug. Your employer or Exchange provider can configure these
however they like. Your IT admins may have the security policies locked down
because of a requirement from "on high." The default policy is wide open and
doesn't require a PIN or password lock nor does it wipe your device if you do
set a security lock and get it incorrect.

Both you, as the Exchange user, and the Exchange administrator can perform a
remote wipe on your device. If you don't like this level of access, as you
said, you can simply not sync your personal device. At my employer, huge
swaths of people don't sync work mail with personal devices for this and other
reasons.

~~~
barrkel
I think it's a bug that Android's integration requires you to accept a
complete remote wipe, rather than just Exchange data. "Simply" not syncing has
only one downside in my practical experience: no calendar integration. The
"security" doesn't protect much when there's also IMAP access.

~~~
techsupporter
Every non-app ActiveSync implementation I'm aware of requires a full device
wipe. iPhone goes one further and busts you down to boot loader (or did when I
had an iPhone 3G and tried it out) so that it requires assistance from iTunes
to get moving again. Windows Phone and Android will just reboot to stock.

Having IMAP access enabled means that your IT department didn't think ahead,
they got overruled on having IMAP shut off, since it comes disabled by
default, or they are using the default ActiveSync policy which will generate
the security prompts as well.

~~~
barrkel
The topic is BYOD. "Requiring" a full device wipe is a problem here then, I
hope you can see - the remote server has no authority to require such a thing.
That's a bug, whether it's a bug with institutions and software licensing, or
with implementations, it's still a bug for proper BYOD support.

------
ekoontz
"The value proposition of the API proxy increases dramatically if it is able
to map between the security protocol of choice in the mobile world, OAuth, and
the existing security infrastructure in the enterprise."

The problem is that OAuth is only Authorization - you still need
Authentication. It seems to me you'd want to use SASL with mobile devices so
that your mobile clients can connect to your enterprise's Kerberos or Active
Directory Server. Haven't tried this, but maybe this would be a good start for
Android devices: <https://github.com/koterpillar/android-sasl>

(seen here: [http://stackoverflow.com/questions/3327615/is-there-sasl-
imp...](http://stackoverflow.com/questions/3327615/is-there-sasl-
implementation-that-works-on-android))

