Bring your own computer to work or school (BYOC) is a growing trend. More and more folks are wanting to bring their own laptops, tablets or smartphones and use them for work or school. Often an employee, or student has a better device than what you are offering. They want to get on your wireless or plug into your network. The benefit to you is to potentially save money by providing the access to the user without having to purchase the equipment. The danger to you is that this equipment is not owned by you. You do not maintain it. You do not control it. You cannot guarantee whether the owner is doing the right thing with anti-virus and anti-malware protection. You have no idea what else the user might have installed which might interfere with your operations, or even be a security risk to your organization. Besides the security issues you are also faced with the challenge of how to provide a consistent, reliable user experiences that ensures the end-user is just as successful and productive as someone on a computer you actually own and maintain.
Unfortunately most users don't get your concerns about security and separation of their equipment from your equipment. You will be judged solely on whether they can do what they want and need to do on their equipment. If they have a poor end-user experience, you will get the blame.
On the surface this may seem to be an impossible task that cannot be done without compromising either your security standards or compromising the end user's computer access experience. However, that doesn't need to be the case.
CSI has year's of experience in solving this exact problem. We know how to provide seamless, positive end-user experiences while keeping these BYOC computers at arm's length. We employ various technologies which can isolate the BYOC computers in their own network which is isolated from your internal network. That way if something is horribly wrong with one of their computers (such as a virus or trojan), it can't infect your internal network.
We use various technologies to "webify" or allow computer applications that normally would be run directly from a workstation or laptop to be run on a web page - even across the internet - in the identical manner. Stoneware is one of those technologies.
We also utilize technologies which create "virtual desktops" such as VMware View that look and feel like normal desktop computers. However, they are accessible either internally or externally across the internet.
For both of these technologies the limit of your support involvement is to validate that the user can start a web browser and get to the internet. If they can, then they can use these technologies. If they can't, then the problem is with their computer. Once they access your environment you will support them like any other user you have. These technologies can create a complete wall of separation as the user actually is using the applications inside your network on your equipment at all times. Only the screens and keyboard travel from the remote computer to your computers. Therefore, there is no risk of viruses coming from the BYOC computer.
The other benefit of these BYOC technologies is that they can also provide "anytime, anyplace" access to your network from across the internet. In fact all the administrative staff at CSI use the VMware View desktop virtualization platform as their only desktop. They can work at their desks or work from home. It functionally makes no difference to them. The experience is the same. If we close due a blizzard, everyone is sitting at their desk doing their work just as if it as a normal work day.
While many of these technologies are designed for larger enterprises, CSI has strategies to implement versions of this technology that almost any small business can afford as well.
With proper planning and implementation we can provide you with a robust BYOC end-user experience that is easy to manage while not compromising your security standards.
We'd love to discuss your particular needs. Contact us for more information.
CIO magazine has an excellent article talking about this issue as well. You can read the entire article here: https://tiny.cc/tp3mu