Overclockers Australia Forums

OCAU News - Wiki - QuickLinks - Pix - Sponsors  

Go Back   Overclockers Australia Forums > Specific Hardware Topics > Business & Enterprise Computing

Notices


Sign up for a free OCAU account and this ad will go away!
Search our forums with Google:
Reply
 
Thread Tools
Old 7th February 2017, 9:46 AM   #1
bcann Thread Starter
Member
 
Join Date: Feb 2006
Location: NSW
Posts: 4,134
Default BYOD observations

Gday All,

Were looking at implementing a BYOD mobile phone type policy @ work for calls and using our medical app that staff take to a customer to record their observations.

I'm interested in any observations you guys have had in regards to BYOD for mobile apps. We would obviously use an MDM to deploy the apps and manage the device, but i'm more interested in what you guys on the front line saw when deploying the BYOD policy, and any successes and failures and gotcha moments.

Personally for me i would like to deploy a company owned phone type plan, where we just get a bunch of phones all the same make and model and still use an mdm as that would be easier, but i may get overridden on that.

Thanks
__________________
Quote:
Originally Posted by elvis View Post
All I do is hand folks the working gun. Up to them as to whether or not they go hunting to bring home the bacon, or shoot themselves in the foot. I am merely the lowly gunsmith, and nothing more.
bcann is offline   Reply With Quote

Join OCAU to remove this ad!
Old 7th February 2017, 10:29 AM   #2
tree86ers
Member
 
tree86ers's Avatar
 
Join Date: Oct 2004
Location: Brisbane
Posts: 290
Default

having a std model of phone helps out heaps, at least you know what issues you have with that device and hope that there are work arounds etc.

The biggest problem we have right now at my work is switching from one mdm system to another. the users are loosing contacts from there phone (since it was defaulted to the corporate contacts). it is an easy fix since they just export the contacts from outlook to what they use but it is becoming a pain once you have had about 50+ people ask about it.

iOS is generally all the same. Android is where you have to be careful since they nearly all have there own spin. this is where you would find most of the work with apps get done for compatibility.
__________________
Main PC "Tensa Zangetsu" - MB "eVGA X99 Classified" - CPU "i7 6800k" - RAM "corsair dominator platinum 32gb" - GPU "evga GTX 1080 FTW x 2" Trans-code PC "Hyōrinmaru" - MB "ASUS P9X79" - CPU "Xeon E5 2670" - RAM "corsair LP 32gb" - GPU "eVGA GTX 960 2GB" LAN PC "Zangetsu" - MB "EVGA Z77 Stinger" - CPU "i7 3770k" - RAM "corsair LP 16gb" - GPU "eVGA GTX 980 4GB"
tree86ers is offline   Reply With Quote
Old 7th February 2017, 10:34 AM   #3
power
Member
 
power's Avatar
 
Join Date: Apr 2002
Location: brisbane
Posts: 49,791
Default

BYOD devices for what you are referring to sound like a minefield - how do you secure the patient data?

Are you calling patients customers? I'm confused.

Corporate devices are a much better idea overall and imo at least will end up costing the company less.

You can get great corporate packages that make all calls in the org "free" and large data pools now. Not only that but your tech fund pays for all the handsets (Telstra).
Also when staff leave the number doesn't leave with them so outsiders are never having to update contacts as the number remains the same. You can centrally control the fleet too in every respect, it just makes more sense. BYOD is a pita.

Admittedly Android at Work is looking like a solution to this - but you won't be able to guarantee the minimum handset spec and there will be iOS users out there too.
__________________
this is who we are.

Last edited by power; 7th February 2017 at 10:44 AM.
power is offline   Reply With Quote
Old 7th February 2017, 10:42 AM   #4
^catalyst
Member
 
^catalyst's Avatar
 
Join Date: Jun 2001
Location: melbourne
Posts: 11,509
Default

Medical data + BYOD = front page of newspaper within next 3 years.
^catalyst is online now   Reply With Quote
Old 7th February 2017, 10:43 AM   #5
NSanity
Member
 
NSanity's Avatar
 
Join Date: Mar 2002
Location: Canberra
Posts: 15,915
Default

imo the premise behind BYOD is a bit sucks.

From the User perspective - Effectively you're letting a company control part of your asset for $0 (or fuck all).

From the Company perspective - you've just opened up your support arrangements to * vendors/devices.

If you haven't opened up your support to * vendors/devices, you've just decreased the amount of users who you can rely on to have connectivity to the service/resources BYOD is supposed to facilitate.

Most BYOD stuff has a pretty line under support either saying "best effort" or "select devices" - Bean Counters who see it as, TADA WE DIDN'T BUY ASSETS, SEE MOST MONEY SAVED!!!! - should just bugger off about this.

If you want me as an employee to have access to resource, you need to provide a *reliable* device and device configuration to provide access to that resource - otherwise you simply cannot rely on the assumption that i have access to that resource.

And if you have a not insignificant portion of your user base unable to reliably access that resource - why the hell do you have it?

Now if you *have* opened support up to * Vendors/Devices - have you actually weighed up the cost of supporting "random bullshit that Apple/Google/Samsung/Nokia/LG/Huawei/Sony/etc did with update X"? What about mixing in the fact that carriers also fuck around with it - so users on Phone X, but Carrier Y are broken, but Phone X w/ Carrier Z are ok? (and this is all before you get to the concept of jailbreaking, rooting, unlocking,custom firmwares, etc).

So much shit is Wild West in the Phone space - Activesync is one thing... but throwing on MDM on random handsets is just a straight up recipe for disaster.

Last edited by NSanity; 7th February 2017 at 10:45 AM.
NSanity is offline   Reply With Quote
Old 7th February 2017, 10:52 AM   #6
PsychoSmiley
Member
 
PsychoSmiley's Avatar
 
Join Date: Dec 2001
Location: Taranaki, New Zealand
Posts: 6,300
Default

Quote:
Originally Posted by ^catalyst View Post
Medical data + BYOD = front page of newspaper within next 3 years.
Agreed.

Medical data needs to be kept a tight leash access wise. Not worth the risk exposing it to a BYOD environment in the slightest.
__________________
Steam Profile | Currently Playing: Heroes of the Storm (PC) | Rimworld (PC)
PsychoSmiley is offline   Reply With Quote
Old 7th February 2017, 10:58 AM   #7
NSanity
Member
 
NSanity's Avatar
 
Join Date: Mar 2002
Location: Canberra
Posts: 15,915
Default

Quote:
Originally Posted by PsychoSmiley View Post
Agreed.

Medical data needs to be kept a tight leash access wise. Not worth the risk exposing it to a BYOD environment in the slightest.
Pretttty confident that RACGP guidelines are pretty anti sending medical data anywhere - and even with the auditing and configuration review requirements - i wouldn't be doing it.
NSanity is offline   Reply With Quote
Old 7th February 2017, 11:00 AM   #8
bcann Thread Starter
Member
 
Join Date: Feb 2006
Location: NSW
Posts: 4,134
Default

Quote:
Originally Posted by ^catalyst View Post
Medical data + BYOD = front page of newspaper within next 3 years.
The data is never stored on the device, just a glorified web interface with encryption. Having said that i am uncomfortable having to support every tom dick and harries devices, i'd rather just have it a company device with restrictions that is the same across the board. it makes my life way easier.

Quote:
Originally Posted by NSanity View Post
Pretttty confident that RACGP guidelines are pretty anti sending medical data anywhere - and even with the auditing and configuration review requirements - i wouldn't be doing it.
And by medical, were not talking hospital data, more inhouse patient notes for the nursing staff, along with care requirements. yes i know not exactly not confidential stuff, but its more care plan type stuff. GIven the platform is one of the more widely used ones in the states and canada and is gaining a foothold here in australia, it does comply with relevant laws.
__________________
Quote:
Originally Posted by elvis View Post
All I do is hand folks the working gun. Up to them as to whether or not they go hunting to bring home the bacon, or shoot themselves in the foot. I am merely the lowly gunsmith, and nothing more.

Last edited by bcann; 7th February 2017 at 11:03 AM.
bcann is offline   Reply With Quote
Old 7th February 2017, 11:03 AM   #9
timsarg
Member
 
Join Date: Apr 2006
Posts: 3,580
Default

byod does not work fullstop . I've seen it implemented in the WA education sector and it's a massive fail .


Whatever idiot thought up this idea needs to be shot
timsarg is offline   Reply With Quote
Old 7th February 2017, 11:06 AM   #10
Skramit
Member
 
Skramit's Avatar
 
Join Date: Oct 2004
Location: Melbourne
Posts: 2,876
Default

We tried it (large multinational) and it was a disaster. Impossible to support when things went wrong.

Have gone back to iPhones but we let them choose the size and colour which makes people think they have a choice still.
__________________
MAIN: Intel Core i7 2600K @ 4.4GHz | ASRock P67 Extreme6 B3 | Fractal Design R3 | Thermaltake 750w | Prolimatech Megahalems | 8GB DDR3 1600 | EVGA GTX1070 SC | Crucial MX300 750Gb | Sandisk Ultra II 480GB | Crucial M4 256GB | 3 HDD (5TB) | Win 10 Pro
Skramit is offline   Reply With Quote
Old 7th February 2017, 11:09 AM   #11
NSanity
Member
 
NSanity's Avatar
 
Join Date: Mar 2002
Location: Canberra
Posts: 15,915
Default

Quote:
Originally Posted by bcann View Post
And by medical, were not talking hospital data, more inhouse patient notes for the nursing staff, along with care requirements.
This all falls under similar guidelines. Its somewhat unregulated right now, but audits are using similar language to RACGP, which is using similar language to HIPAA.

My general advice here is, treat it the same as HIPAA till $ becomes an issue - then get as close as you can.

Quote:
Originally Posted by bcann View Post
GIven the platform is one of the more widely used ones in the states and canada and is gaining a foothold here in australia, it does comply with relevant laws.
The platform means fuck all honestly. A platform really just needs user/group policy and security - along with auditing.

External access is out of scope.
NSanity is offline   Reply With Quote
Old 7th February 2017, 11:10 AM   #12
power
Member
 
power's Avatar
 
Join Date: Apr 2002
Location: brisbane
Posts: 49,791
Default

Quote:
Originally Posted by bcann View Post
it does comply with relevant laws.
and you're out.
__________________
this is who we are.
power is offline   Reply With Quote
Old 7th February 2017, 11:13 AM   #13
bcann Thread Starter
Member
 
Join Date: Feb 2006
Location: NSW
Posts: 4,134
Default

Quote:
Originally Posted by power View Post
and you're out.
Given far larger Corporate groups then us (With revenue in the hundreds of millions) use this software as a way to give their nurses/care givers external access to this same data/program suite, care to elobarate, or do you just want to throw out wild assertions there with no basis?
__________________
Quote:
Originally Posted by elvis View Post
All I do is hand folks the working gun. Up to them as to whether or not they go hunting to bring home the bacon, or shoot themselves in the foot. I am merely the lowly gunsmith, and nothing more.
bcann is offline   Reply With Quote
Old 7th February 2017, 11:16 AM   #14
power
Member
 
power's Avatar
 
Join Date: Apr 2002
Location: brisbane
Posts: 49,791
Default

Quote:
Originally Posted by bcann View Post
Given far larger Corporate groups then us (With revenue in the hundreds of millions) use this software as a way to give their nurses/care givers external access to this same data/program suite, care to elobarate, or do you just want to throw out wild assertions there with no basis?
sorry read does as doesn't.
__________________
this is who we are.
power is offline   Reply With Quote
Old 7th February 2017, 11:18 AM   #15
NSanity
Member
 
NSanity's Avatar
 
Join Date: Mar 2002
Location: Canberra
Posts: 15,915
Default

Quote:
Originally Posted by bcann View Post
Given far larger Corporate groups then us (With revenue in the hundreds of millions) use this software as a way to give their nurses/care givers external access to this same data, care to elobarate, or do you just want to throw out wild assertions there with no basis?
Just because you can, doesn't mean you should.

Having sat through and assisted compliance audits for NDIS and Medicare local - And knowing things like NSW FACS hadn't passed an audit in *years* and was about to be de-certified (causing a *massive* issue - given they are in the process of privatising a *ton* of services, it was somewhat embarassing they are forcing regulation on entities when they didn't meet the standard themselves) - just because bigger orgs use and get away with it, doesn't mean its right, or more importantly compliant.

Always ask yourself, what is the cost of non-compliance, and how will that affect the business. Structure your implementation around the cost of non-compliance giving you an idea on what you're going to spend on actually complying.

Last edited by NSanity; 7th February 2017 at 11:22 AM.
NSanity is offline   Reply With Quote
Reply

Bookmarks

Sign up for a free OCAU account and this ad will go away!

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +10. The time now is 4:48 PM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
OCAU is not responsible for the content of individual messages posted by others.
Other content copyright Overclockers Australia.
OCAU is hosted by Micron21!