Earlier this week Citrix hosted an educational webinar titled “A Look at Bring Your Own Devices in the Enterprise” featuring Forrester Research. Benjamin Gray, Senior Analyst from Forrester and Paul Martine, CIO of Citrix joined us to talk about the driving influences, trends and considerations for BYO. Paul went on to talk about Citrix’s own BYO program, which we offer our employees. Over 200 people, many in executive level roles, attended the webinar, which speaks to the volume of interest in BYO.
For those of you are new to the concept, Bring Your Own (BYO) is the new business model that empowers employees to bring the device that best suits their virtual workstyle into the workplace. BYO works for all types of devices—laptops, smartphones or tablets—and it can be offered as a company sponsored stipend program—Bring Your Own Computer (BYOC)—or simply a bring your existing device program—Bring Your Own Device (BYOD). Either way, BYO brings value to employees, IT and the organization.
During the Q&A at the end, we were flooded with questions. So many that we only could get through a small percentage of them. In the end, the questions boiled down to questions about the program implementation, support and security considerations. Rather than answer each question individually, I’ve summarize what was being asked in the next few paragraphs.
How the Citrix BYOC program works?
Citrix employees can voluntarily join the program after receiving manager approval. Once approved, employees receive a $2,100 (or equivalent local currency) stipend to purchase a laptop of their choice (Windows or Mac) and a 3-year maintenance program. Employees then turn their existing laptop back into Citrix, which IT uses for loaners as needed. If you leave the company before the 3 years is up, you are responsible for re-paying the pro-rated percentage of the cost. The program supports Windows 7, Windows Vista, Windows XP and Mac OSX.
Once you have your laptop, users connect to a BYO website where they download the required anti-virus and Citrix Receiver software. Citrix Receiver includes a number of plug-ins which are used for VPN access, creating an encrypted partition for company data, and application and desktop access. They use Receiver to access their on-demand applications and/or virtual desktops through our XenApp and XenDesktop environment. If someone wants to run a local app for personal use, say Office, they can take advantage of the Microsoft employee discount program.
How does support work?
As part of this program, employees are responsible for purchasing a 3-year support agreement from the laptop vendor. Any hardware or base OS issues are handled by the respective vendors support team. If someone’s laptop is out of commission, Citrix IT providers a loaner laptop while theirs is being repaired. Employees still use our internal tech support to handle normal support issues related to our apps and services provided by IT. Citrix has found that because the employees own the laptop, they are empowered to take care of it and do a lot of self-support.
What about security?
By far, the biggest amounts of questions were about security. How do you keep company data safe? How do users access the network? The answer to all of this is really quite simple once when you consider the bigger Citrix story. Let’s start at the beginning of a typical BYO day.
Even though BYO devices are not domain members, users authenticate to Active Directory just like managed devices. Once connected, Receiver lets you access the full catalogue of apps, desktops and IT services. It’s the same set of apps that non-BYO users have access to, so everybody has the same experience and there isn’t a learning curve.
When you run an on-demand apps (powered by XenApp) or a virtual desktop (powered by XenDesktop), everything in the session stays secure in the data center. This means that the BYO user is only sending keystrokes and screen updates over the network, not company data. Their apps and desktops automatically get mapped to the corporate file shares, where data is saved. If the laptop were lost or infected, you’d be okay because the data is safe back in the data center.
But what about local storage, like when I need to work offline? Earlier I mentioned that Receiver sets up an encrypted drive space. That’s where Citrix XenVault comes into play. XenVault extends the built-in security protection provided with delivering applications in a hosted virtual environment to include XenApp data encryption on the local device. Here’s how it works. When someone tries to save to their local device while using an on-demand app, XenVault directs the user to save it to their encrypted drive. Now IT can centrally manage the encrypted drives and can easily lock and delete data in the event of loss, theft or termination.
If you still have questions about BYO, leave a comment on the blog. Learn more about BYO at http://www.citrix.com/BYO