BYOD: A Framework To Empower Clinical Work On Personal Devices

By Adam Mahmud, Senior Product Marketing Manager of Healthcare at Jamf

Bring your own device (BYOD) is a trend that has taken the enterprise by storm. Don’t think it’s happening in healthcare? Think again. 

According to a HIMSS Analytics Industry Benchmark Study commissioned by PatientSafe Solutions (now Vocera Edge) in 2018, various groups across the collaborative care teams at health institutions around the globe were surveyed on the state of communication modalities used throughout their day. In each survey group — Environmental Services, Case Managers, Transport, Therapists, Lab, Physicians, Nursing — there were sizable reports of unsecured text messaging being used. For Physicians, upwards of 20% of communication reported was in this category. This indicates that employees across healthcare opt for the faster, simpler form of communication when they need it: the device that’s in their pocket. As consumer-simple technology continues to evolve, the capabilities we have available on personally owned technology will only increase in scope, so this text messaging example is only a leading indicator of additional BYOD demands.

Some health systems have yet to formalize a BYOD strategy, leaving under-managed devices in the wild. Others have used mobile device management (MDM) solutions for years; however, this has typically come with a catch: employee-owned devices are over-managed by IT. Some organizations enroll employee devices into their company's MDM tool as though they were corporate-owned devices. While this provides IT with the functions they need to push out apps and settings, it also exposes additional management actions which are not appropriate for a personally owned device. For example, IT would have the capabilities to see all applications installed on a device and even remotely lock or wipe it, both of which are certainly overreaching in the context of employee-owned hardware.

As BYOD programs were adopted and established, management concerns were real and valid. Is an organization able to access personal data and apps on managed devices? Is enough being done to secure network connections and corporate data on personal devices, while balancing user needs? Providing a secure BYOD program and experience that neither over-manages nor underserves the organization and its users is the holy grail.

Many device manufacturers build management and security frameworks into their operating systems, and specifically offer settings for personally owned devices. This allows IT admins to remotely configure work experiences on devices they don’t own. For example, Apple’s Account-Driven User Enrollment is a BYOD method for iOS and iPadOS devices, and other device ecosystems have similar offerings.

These types of personal device management capabilities segregate personal and work accounts on a single device, keeping sensitive corporate data safe. Settings can even be configured to restrict which apps can access work data, and which specific apps a user can or cannot share data to. Depending on the platform, it can be incredibly simple for a user to enroll their device to begin the process.

With a modern BYOD program, the user is empowered to set up their personal device for work purposes – without IT touch or an enrollment invite link. What can this look like for a user? Open the Settings app, log in to your work account, and that’s it! The device is configured with the corporate applications, settings, and resources to get productive right away.

A core focus for BYOD for personal devices is configuration and management. In other words, ensuring that key applications and settings are available or enabled for a specific use case. That said, endpoint and network security are key factors that all organizations should consider as part of their wider BYOD program. For example, how is network access to a corporate application secured once the app is installed on a personal device? And how complicated is it for users to enable those secure connections when they need them? While an MDM is fundamental to a solid BYOD strategy, network security solutions like Zero Trust Network Access (ZTNA) can also be configured for personally owned devices as a future beyond VPN. ZTNA creates a simple and protected environment for employees to access the apps and data they need, without any of the fuss of a finicky VPN connection that continues to drop.

While healthcare organizations see Apple devices dominate their BYOD landscape, not everyone uses iPhone or iPad as their personal device of choice. The good news here is that management and endpoint security solutions exist in the market for devices that may be in use amongst your staff.

As healthcare continues to adopt technology strategies to meet new market needs, securing the BYOD devices in the wild is a key topic to consider. While corporate-owned technology will always be central to IT and informatics solutions, we can’t ignore the portable powerhouses that are in our people’s pockets, and the role they play in personalized productivity. When done right, a BYOD program as part of your wider mobility strategy can help your organization – and your people – stay secure and protected.