Available now. High availability is another important consideration. Network access control will be on your critical path so it must be highly reliable and it must be available 24x7. If it's not then your IT department will have to be instead, since properly servicing remote offices and people working in different time zones requires this round-the-clock availability.
Get granular. Another point for consideration is granular policy. This aspect allows organisations to define the behaviour of access, making it possible to set what type of access users will be granted depending on what device they hold, who they are, from where they are accessing, time of day, their role in the organisation and any other known attribute about the user and the user device. For example, if a user is identified as an HR employee attempting to connect with a corporate managed device through a wired connection, you would want to allow full corporate access. However, if the same HR employee connects wirelessly using a personal iPad with the same corporate credentials, you would want to give them only limited corporate access.
Corporate directories. Integration with corporate directories is critical. The solution must be capable of handling lookups for users and their devices within multiple directories, from different vendors, and all at the same time, in order to adhere to the principles of simple end user access but with robust IT controls.
If your organisation uses private clouds to enable campus network users access to content and applications, you can integrate BYOD access for employees and guests. By essentially providing an end-to-end connection from the desktop all the way to the data centre and onto the device, the IT department can regain control of desktop applications, software licences etc.
There are also other, less technical questions to consider, including:
On whose time? Keeping up with all this BYOD related work can be time-consuming. IT departments have many challenges to face, but monitoring and provisioning guests doesn't have to be one of them. Some solutions offload the task of guest provisioning to non-technical staff, like receptionists and front desk security guards, who can enable guest access through a customisable Web-based interface.
User agreement. Of course everyone - even guests - needs to agree to some terms and conditions, but this part of BYOD shouldn't be the IT department's headache - leave it to the HR and legal teams.
Whatever network access solution you choose as part of your BYOD approach, considering the points above should provide flexible deployment options, detailed granular access and complete real-time visibility of all networked devices and what access they have. Implemented in this way, BYOD should enable you to offer corporate network access under your terms.
Paul Chen is director, unified communications sales & technical operations, Asia Pacific
Sign up for CIO Asia eNewsletters.