BYOD deployment in the public sector: Solihull Council
Steve Halliday, CIO at Solihull Metropolitan Borough Council, continues our chapter on ‘Managing and securing mobile devices‘ with a discussion on the BYOD technologies he’s implemented to ensure that employees have more choice in the devices they use to get work done.
When Steve Halliday joined Solihull Metropolitan Borough Council as CIO, back in 2006, certain council employees were already clamouring for permission to bring their personally owned mobile devices into work. “The trend of consumerisation was already making itself felt,” says Halliday, “but it was clear from the start that this would be a tricky challenge to address.”
In particular, he says, the local authority needed to find a way to meet employees’ demands, but at the same time satisfy the strict security requirements set by the UK Government’s information assurance advisor, CESG.
Finding a way forward took a great deal of negotiation, he recalls: “I needed to pitch a story that went way beyond allowing a few key stakeholders to access their council email on the move. It needed to be a vision of how we could introduce fundamental changes in the way we provide IT to employees. But I needed to build a good relationship with those key stakeholders first, in order that I could talk to them about that wider picture. I knew we couldn’t continue delivering IT in the old way – especially if we were going to get the best from younger council employees.”
As the mobile device management (MDM) market matured, however, a number of options emerged that could help Halliday and his team deliver ‘bring your own device’ and remote working policies, “and we considered most of them,” he says. Good Technology’s MDM system, however, was the first he saw that satisfied the CESG requirements: “That was a critical thing for me.”
Halliday started with an early 2012 pilot project of the Good for Enterprise product, across group of around 50 elected members, senior directors and some general council officers. “We worked with volunteers who had campaigned for this provision for some time, on the basis that one volunteer is better than ten pressed people,” he says. “We concluded that pilot project with the volunteers all telling me that there was no way I could take that provision away from them, now that they’d tried it. The experience, for them, was transformative.”
The council has been rolling out BYOD ever since. It’s not a mandatory requirement, but is provided to staff on request, as long as they have an identified business need for BYOD. These requests are currently approved by the human resources department, but will soon be rolled out to line managers instead. The ‘containerisation’ capabilities of Good for Enterprise, meanwhile, means that Halliday and his team can be confident that all council information is kept in a secure, encrypted location on employees’ mobile devices – and wiped centrally by them, if necessary.
Today, at Solihull Council, Good for Enterprise supports standard BYOD across smartphones and tablets, giving employees access to their personal information – their email, their calendar their to-do list and access to the intranet – on personally owned devices.
For those employees who require a full desktop experience – they may work from home two days per week, for example – a combination of a VPN [virtual private network] link from Juniper Networks and a VDI [virtual desktop infrastructure] from Citrix is used to deliver the applications and other information they require to home PCs or laptops. This second initiative is known at the council as ‘Yodah’, which stands for ‘your own device at home’.
Around 3,000 members of council staff now have access to BYOD, Yodah or a combination of the two, says Halliday. And, for some staff, the council is starting to offer a COPE policy, which stands for ‘corporately owned, personally enabled’. This allows certain employees, with the approval of their managers, to be issued with a council-owned tablet, for example, in order to perform certain work tasks.
The main challenge now, says Halliday, is keeping a firm eye on costs while still allowing employees plenty of choice. With that in mind, the council is putting in place a points-based device allocation policy, which enables employees to have, for example, a council-owned laptop and a personally owned smartphone – but stops them from expecting the IT department to provide or support an unreasonably large collection of laptops, tablets, smartphones on their behalf.
“The way we provide IT has fundamentally changed – but there still has to be limits,” says Halliday. “On the whole, I’m very satisfied that we’ve got the balance right. We’re not imposing council-owned equipment on employees who prefer their brand-new iPhone, for example, but everyone still gets the equipment they need to do their jobs effectively – and at a lower overall cost.”