More and more companies are allowing or encouraging employees to bring their own mobile devices (BYOD) to work. It's a trend that is expected to become more commonplace in the years ahead, bringing with it management challenges for organizations. This year, according to a report published by research and consulting firm Frost & Sullivan, some 70% of organizations in the US will tolerate or embrace BYOD activity. By 2018, that figure is expected to exceed 78%.

BYOD isn't just about allowing personal devices into corporate facilities; it also encompasses using individually owned mobile devices to access enterprise IT resources and data. For IT departments, that means supporting a mix of devices and platforms and managing the workspace -- not necessarily the whole device environment -- on those devices, within the parameters set by corporate policy and regulations.

The benefits of BYOD are clear: The practice promotes productivity and has the potential to save on hardware costs. But the options available to manage personal devices can be confusing. IT organizations must weigh software and hardware for mobile device management, device and identity partitioning, virtual machines, wireless access points, network access control, and custom mobile applications.

[Mobile threats are a big problem for business. See When BYOD Equals Bring Your Own Malware.]

"Organizations need to be totally clear on the end goal of their mobile business strategy; they need to clearly define the business objectives and impact of mobility before taking a closer look at specific BYOD management products," explains Vikrant Gandhi, mobile and wireless senior analyst at Frost & Sullivan, in a report titled "Bring Your Own Device (BYOD) -- Key Trends and Considerations."

Here are some of the things companies ought to weigh as they formulate a mobile strategy.

Run a BYOD pilot program
Mobility should be treated as an important strategic tool and a foundation for growth, not as a sideshow. Organizations should at the very minimum have a pilot program for evaluating BYOD.

Involve stakeholders
BYOD presents challenges that go beyond the technical. Organizations need to involve all relevant departments, which are likely to include finance, legal, human resources, and operations.

Training matters
BYOD isn't anything goes. Nor does it mean that IT's hands are tied in terms of the kinds of apps and devices that are allowed. Successful implementations will provide guidance to employees about what is and is not acceptable.

Take the long view
Mobile strategy should anticipate rapid changes in devices and platforms. IT groups should expect that authentication and identity management systems will evolve. Look for MDM vendors that can accommodate new platforms and directions in technology.

Look beyond device-level security
Organizations have to try to keep up with device threats, even though they're likely to miss some of them. So it's important to maintain a flexible policy-based control system on the network. One layer of defense is not enough.

Plan for increased support costs
BYOD also means bring your own problems. IT groups need to make sure their helpdesks can provide support for personal devices from both mobile and desktop endpoints.

There's no free lunch
Though organizations may have less mobile hardware to buy when employees bring their own devices, that doesn't mean BYOD comes at no cost. Beyond potential support costs, organizations should consider whether they need to invest in infrastructure technologies or additional enterprise software/service licensing to make BYOD work.

Tailor your BYOD strategy to fit vertical industry requirements
If your company is subject to the Health Insurance Portability and Accountability Act (HIPAA), for example, there are specific compliance requirements. This might mean BYOD devices must have the ability to delete data remotely if disconnected from the network.

Make sure access is easy for authorized users
A successful BYOD program makes access to corporate resources simple; if access is difficult, because of cumbersome authentication or inadequate network resources, the program has already failed.

These tips are just a start. Organizations should also consider the capabilities of MDM vendors, mobility platform architecture and its consequences, an enterprise app strategy, and an enterprise infrastructure strategy.

Click here to get the full report. For additional thought leadership reports, please visit Frost.com.

Engage with Oracle president Mark Hurd, NFL CIO Michelle McKenna-Doyle, General Motors CIO Randy Mott, Box founder Aaron Levie, UPMC CIO Dan Drawbaugh, GE Power CIO Jim Fowler, and other leaders of the Digital Business movement at the InformationWeek Conference and Elite 100 Awards Ceremony, to be held in conjunction with Interop in Las Vegas, March 31 to April 1, 2014. See the full agenda here.