In fact, make it 10 things to teach the business world.
1. Be Prepared.
Colleges and universities gird themselves each fall for a raft of new devices, new users and new issues. Businesses won't have to deal with BYOD challenges all at once, but they do need to be prepared -- for anything. "Colleges and universities have dealt with personally owned devices far longer than the emergence of the BYOD acronym," said Paul Hill, consultant with SystemExperts. "Each fall, a freshman class arrives, typically with a variety of personally owned devices including laptops, desktops, smartphones, tablets, gaming consoles, network printers, IP TVs, standalone webcams, servers and even NAS devices. ... Many faculty and staff members also have some personally owned devices that are connected directly to the campus network or are used for remote access."
2. Develop Policy.
While the BYOD model by its nature removes a degree of control from the IT department, it shouldn't be a mobile free-for-all. Colleges and universities provide students and faculty with minimum requirements, guidelines and policy around mobile device and wireless use, and so, too, should businesses. "Business should develop mobility use cases and determine the best plan of action to handle access," said Pej Roshan, VP of product management at ShoreTel. "Set up specific policies that describe the access that's appropriate to the different user roles."
[ Higher ed is jumping into business' well-worn territory with private social networks. See Universities Create Their Own Social Networks For Students. ]
3. Minimize Diversity.
Higher-ed IT departments also look to apply an appropriate level of control by minimizing mobile device diversity to the degree possible. "Higher-ed IT staff are well aware of the increased cost of a diverse computing environment," said SystemExperts' Hill. "Although they usually embrace the idea of heterogeneity, the staff normally tries to minimize the diversity in order to control costs and have the resources to offer a reasonable level of support."
4. Separate Bad Apples (No Pun Intended).
BYOD doesn't stand for "bring your own (security) disaster." Higher-ed institutions have come up with ways to keep insecure systems from compromising the network and other devices on campus. "One strategy that many higher-ed sites have adopted is network segregation and quarantining devices that do not meet a minimum set of configuration requirements," said Hill. "Devices will typically be examined for operating system version, patch levels and antivirus controls before being admitted to the main network. Devices that don't conform are placed on a virtual network that only provides access to updates, antivirus installers and support to seek advice."
5. Use "Preventative Licensing" Strategies.
Universities and colleges have learned that it pays to spend money in key areas -- especially when the goal is mitigating the risk of a diverse mobile computing environment. "While not all higher-ed institutions can afford current operating system licenses to provide free upgrades for all personally owned devices, most institutions do bear the licensing costs to ensure that all personally owned devices can install and update the most recent virus-checking software for each supported platform," said Hill. "This cost of this preventative licensing is typically much less than the cost of tracking down and remediating compromised machines."