BYOD and CYOD Policies Thrive on Application-Level Management
In the modern business world, a lot of time and resources goes into trying to figure out the conundrum that is employee’s mobile devices. Issuing corporate-owned devices is expensive, especially when those devices get lost, stolen, damaged, or are in need of replacement. But taking a hands-off approach and letting employees handle corporate data and work matters on their own devices creates a massive security risk. The trick has been finding the perfect middle ground between these two approaches—and mobile application management may be exactly the way.
In the early days of BYOD (Bring Your Own Device) policies, mobile device management was all the rage. This meant that employees could use their own device, but they would have to hand it over to IT to install device-level safeguards. This became an issue for obvious reasons: if a device were lost or stolen, IT would go ahead and perform a remote wipe. There goes anything that could potentially be leaked or stolen—along with an employee’s contacts, texts, calendar, grocery list, family photos, and anything else that wasn’t specifically backed up on the cloud.
Today, the key to successful BYOD and CYOD (Choose Your Own Device, which has many benefits of its own) policies is employing application-level management. Mobile application management solutions eschew controlling the entire device in favour of simply controlling which applications have access to corporate information. Of course, this also means driving home the point that work-related communications must only be sent through the approved applications.
By creating an ecosystem of secure custom applications and trusted third-party applications that can be controlled by your CIO or CISO mitigates the flaws of previous strategies. For example, you can simply revoke a device’s access to specified apps in the event that it becomes lost. Now, if the device is found or otherwise returned to its owner, they will have lost nothing, but nothing sensitive could have been accessed.
It also means allowing tiered access to applications and information—i.e. it would be incredibly easy and straightforward to restrict employees from any data that they don’t have specific authorization to. In larger companies that compartmentalize information to mitigate leaks, or in government or military offices, this kind of tiered access is a must, and it becomes simple when you have control over which users can use which apps in which ways.
By implementing a mobile application management strategy in tandem with a CYOD policy, you can also ensure a basic level of compatibility. For instance, you can limit the OS choices from four to just the major two, Android and iOS. You’ll also maintain a level of employee satisfaction by presenting them a choice of device, but have the opportunity to make sure your MAM system is set up on the device before they ever turn it on.