Checking emails on the bus on the way to work? Why not! Quickly updating that file that popped into your mind before bed? Isn’t it always right before you go to sleep… Going over Monday’s presentation on the weekend? Perfect! This week we look at the security and risks between BYOD and company-supplied devices.
With work on the go becoming more and more easy and viable due to smartphone capabilities, it’s time to consider allowing employees to access company resources from their pocket. However, by allowing employees access to enterprise resources remotely via mobile device comes a question mark over security.
Surely company-provided mobile phones are more secure than employees’ own devices (BYOD)?
Today we check out whether this is actually the case.
Exploring device management solutions in the workplace, you’ll come across three distinct flavours:
- A bring your own device (BYOD) policy, where employees use their own phones to access enterprise resources
- A company-provided policy, where devices are given to employees by the company for work use
- A hybrid policy, where employees can choose to use their own device or a company-provided device
Some terms you’ll often hear in the space include:
Mobile Device Management (MDM); the practice of remote device management, such as system updates, device, app, and network configuration, locking and system wipes.
Mobile Application Management (MAM); the practice of remote app management, such as app updates, configurations, encryption, etc.
Enterprise Mobility Management (EMM); the practice of managing employees’ mobile devices and apps (MDM + MAM), both owned by employees as well as company provided.
Unified Endpoint Management (UEM); goes one step further than EMM to incorporate desktop and laptop clients, as well as IoT devices.
To have a successful and secure mobile management policy, you’ll need to employ a Mobile Application Management system at the bare minimum, but potentially Enterprise Mobility Management or Unified Endpoint Management as well.
Why Mobile Application Management is the bare minimum
By separating control of apps and their data from the mobile user (employee), this means that compromising your systems and data is far more difficult. If an app is installed natively on an employee’s phone, you don’t have control, and they may be able to save the data, accidentally leak it, etc., etc.
While someone could still take a picture of the phone’s screen to grab that data, it’s fairly secure – if you set up your management systems correctly.
Security Concerns for BYOD Without MDM
While with company-provided mobile devices, it’s widely accepted that the devices will have MDM by default, this might not be something your employees want to enrol in with their own devices. Remote wipe my phone or update systems? No thanks, that’s my choice.
The problem with having an application-level management system in place only (MAM) is that system device updates often patch security flaws in an operating system. If your software solution of choice relies on said update to ensure ongoing security and your employee doesn’t update – then the only choice is to delete the app and its data and try and convince them to update their system.
Security + Choice of Device (Hardware Concerns)
Place choice of device in the hands of your employees, or choose yourself? With BYOD you don’t have an option: you get a hodgepodge of whatever brands and models your employees have chosen. With company-provided devices, many companies choose to supply the same make/model across the board, whereas others offer a choice of devices to appease employees who may not enjoy a solitary mandated device.
By offering your own vetted device choices, you can evaluate hardware security and trust in each device before allowed them access to your systems. For instance, if you have security concerns about a particular brand of device, like Australia’s wariness of Chinese mobile technology giant Huawei, you can avoid them.
Need Help With Your Workforce Mobile Management?
There are various solutions that allow you to build a secure, managed remote mobile environment for your workforce, such as Microsoft’s Enterprise Mobility + Security, or AirWatch Workspace One. If you are interested in how these solutions could work for your business, then have a browse and get in contact with us at A1 Technologies.
We help businesses set up new device management solutions in a secure, structured, and accessible manner, using trusted workplace tools.
Get set to allow your employees a more flexible working environment and head towards productivity gains by letting them go mobile…
Subscribe to our newsletter
Enter your email and stay in touch with the latest updates from A1.
You might also like…
- Azure Virtual Desktop is a relatively new service provided by Microsoft to help streamline the virtualization of desktops and applications, providing users with...
- If your organisation uses the Microsoft 365 suite of collaboration and communication tools, and you’re an administrator of this organisation – also referred...
- Do you have an advanced threat protection system to protect your confidential information? Learn about Microsoft 365 Windows Defender and its features of...