IT managers planning a Choose-Your-Own-Device (CYOD) or corporate-issued mobile program have more work ahead of them than enterprises opting to go BYOD. By issuing phones to the workforce, they typically take more responsibility for configuring, managing and securing those devices, but it also puts the enterprise in a better position to streamline enrollment processes, standardize which devices are in use and establish effective controls.
When mobility strategy and policy are determined, with tools such as mobile device management (MDM) and end-point security (EPS) selected and installed, IT managers still face a big hurdle: how to execute a mobile deployment that may involve hundreds or thousands of devices.
Start by Asking the Right Questions
CYOD or corporate-issued mobility projects usually involve ordering and staging devices so that users can dive in quickly with the right device, right settings and the right apps at deployment time. IT managers have to focus on both the logistics of deployment and the mechanics of operations. This can be a tall order for already-strained IT departments that have focused on desktop and server operations in the past. Managed mobility service providers can help, but IT managers still have to answer some big questions — no matter who does the work.
- How will you get devices to staff? In person? Remotely? Will you use third-party resources, such as carriers or managed mobility service providers?
- How will you maintain device inventory? As part of existing tools? A separate tool linked to your MDM or enterprise mobile management (EMM)? Within MDM/EMM itself?
- How will devices be initially configured with the right image? How will enrollment into MDM/EMM occur?
- Will devices be locked and come from a single carrier, or unlocked and from some other source?
Simplify Deployment Logistics
For many IT managers, the logistics of passing out hundreds or thousands of mobile phones represents a difficult task. One danger is to assume that the same tools and techniques for getting laptops to end users will work with smartphones. They won’t.
For example, IT managers often have a standard “gold master” image that they use for all desktops and laptops at deployment time; this gets manually loaded before the device is handed to the user. That technique could be done for smartphones, but it’s particularly inefficient and gets in the way of fast deployment. Instead of using bulk imaging tools, smartphones can be configured over-the-air, which can eliminate the need for anyone between the warehouse and the user to touch the device. For example, Samsung’s Knox Configure can be used to ensure that each device gets the right apps and initial configuration, all handled over-the-air and automatically when the device is first powered on, wherever it is in the world.
Other steps, such as the traditional “join the PC to the Windows Domain” step have analogues in the smartphone world, but can also be handled automatically. For example, Knox Mobile Enrollment bridges the gap between an anonymous smartphone and one enrolled in the company’s MDM suite with the proper MDM agent installed.
Locked or Unlocked? Choosing the Right Phone
The question of locked versus unlocked smartphones is more than one of pricing. While locked phones from carriers come with attractive subsidies and some deployment help, IT managers facing global deployments may find that unlocked phones are a better choice. This comes down to three major factors: mobility, manageability and security.
- Mobility means working where and when you want. Geography is the obvious reason to shy away from a single carrier, as different carriers have different footprints and coverage levels around the globe. A single carrier solution with global roaming may make sense — or, depending on the costs involved, multiple carriers and the complexity of multiple relationships might be worth the effort. Unlocked phones let the IT manager (or user, in some cases) select the carrier that is right for a particular environment, without having to worry about technical or contractual blockages getting in their way.
- Manageability means simple and comprehensive control. Locked phones are running the carrier’s image, and each carrier packages and delivers the phone operating system — and any updates — differently. This can inspire a management nightmare, as different phones will have different configurations over time. IT teams have little or no hope of bringing them to a common base. Unlocked devices provide greater consistency across the organization.
- Security means proper configuration and prompt updates. One of the major issues associated with carrier-locked smartphones is the lack of control over software updates. Firmware management is generally taken out of the hands of the IT manager and is subject to the carrier’s own processes and timelines. With unlocked devices and tools like Samsung’s E-FOTA, IT managers retain greater control over when and how to apply updates.
IT managers wondering how to plan a mobile deployment are taking on something different from traditional end-user computing. Answering a few preparatory questions ahead of time will reduce risk of failure and improve the chances of smooth sailing.
Download our free white paper on planning a CYOD policy from start to finish.