dialog background

BYOD: The fine line between user freedom and control

Posted October 09, 2018
Quote

Having BYOD available makes employees less bound by the technology barriers that were once in place. But it’s not all roses. With access to company data comes an extra overhead with security & control

By Chad Gowrea, Director - Solutions and Strategy

BYOD is not going away. Bring Your Own Device is a concept whereby employees are able to bring their mobile device or laptop to work (or on the go) and access digital company resources. A 2016 survey by Crowd Research Partners found that 81% of companies had BYOD available to at least some or all employees, or planned to within the next 12 months. However, this can pose safety and control concerns.

What’s your business’s position on BYOD?

There’s a fine line for businesses between user freedom and control. How can you allow your employees access to sensitive company data without worrying about the security implications of storing it on their own device?

The case for BYOD is strong

There are plenty of benefits to having a BYOD workplace. Not only do your employees have the freedom to use what they’re familiar with (and like), but you get to save on hardware costs if you don’t plan on buying their preferred device – it’s already owned by your employee.

Being able to access work emails from home, take their own laptop to an external meeting rather than hunt around for a spare one in the department, the ability to work on the weekend should they wish to… BYOD can increase productivity on the go. While you can still furnish company desks with a desktop machine, everything else can be your employees’ own. They certainly don’t want the hassle of carrying around a company phone as well as their own mobile.

Having BYOD available makes employees more mobile, less bound by technology barriers that were once in place. No longer would someone curse themselves out, forgetting to bring a USB stick home, planning to work over the weekend knowing the office is now locked up until 7am on Monday. An unexpected contact made while out and about can be added directly to a company database, or a business email quickly drafted and sent across.

But it’s not all roses for BYOD. With access to company data and services comes an extra overhead with security and control.

BYOD and security and control

How well do your employees manage their own device security? Some may not have a password on their tablet, a laptop riddled with malware, or they’re just prone to losing their phone. Others may have complex passwords, complete virus, and malware protection, or run dual-boot on their laptop with Linux as their main operating system.

You cannot expect your employees to install all the control systems that you have in place in your office on their own devices, and follow practices that you outline. It’s not reasonable to expect that they are going to be able to protect themselves to the same degree as your business can.

So, how can you implement BYOD without worrying about outside threats that may enter through employee ignorance, accident, or maliciousness?

How to toe the line

Your real question needs to be what do employees both want and need on their devices from your work resources? For many people, they only want their work email. For others, it’s documents and presentations. For developers, it might be trickier, they might want to access company applications and runtimes.

The answer to BYOD is called Enterprise Mobility Management, or EMM. EMM includes areas like device configuration, app delivery and management, and cloud content synchronization and management. EMM is designed with security as an intrinsic factor, which may include provisions such as remote wiping, or strict passwording on apps.

Traditionally, it would be up to systems administrators to develop and implement these types of solutions in-house. However, these services are now offered in package form by reputable providers, such as Microsoft Intune, or AirWatch.

With these services, it makes management of BYOD simple and secure, if configured correctly.

Our own experience

As a Managed Services Provider, before offering solutions to our clients we need to self-proof them. One particular EMM solution Bremmar is working with and trialing for secure BYOD environments is Microsoft Intune.

  • Over the years, Microsoft Intune has greatly evolved and has introduced features like
  • Enhanced support for all devices ( IOS, Android, Windows, and MacOS)
  • Protecting Data and Applications with or without device enrollment – allowing flexibility with device choice for users
  • Encryption of Data Storage for Managed Applications (Outlook, Word, etc.) across all platforms
  • Greatly Simplified Administration Center in Azure
  • Integration of Window Hello with Microsoft Intune to create secure logins

Here are a few use cases that Bremmar is trialing with clients for their client BYOD fleets:

  • Device policies that will only certain access to applications on unmanaged BYOD devices. For example, when using Android, it only allows users to connect to their mailbox if they are using the Microsoft Outlook for Android Application and ensures that the storage for this application is encrypted on the device.
  • Ensure the encryption of any corporate applications via Intune policy. So that if a device is lost, the data in the applications cannot be accessed through its stored application data and also have the ability to secure wipe in the event of stolen/lost devices. This includes Windows 10 devices as well as mobile IOS / Android-based tablets.
  • Allow for a full lockdown of mobile devices like tablets for front-line workers. For example, Care workers or manufacturing workers who may use a tablet device and will only need to use a single application for their day to day working and do not require access to anything else.
  • Control Access for different applications for Intune MDM Enrolled devices only. For example, only devices that are already enrolled to the organization’s Intune MDM agent – are allowed to use certain applications. In addition to this, it gives the ability that if a user’s device is not already enrolled and they try to access an application it will redirect them to enroll their device on the fly.

Is your business up to date with BYOD?

Does your business have a strong BYOD policy yet? Which technology solution (if any) are you using for device management across your workforce and is it the best one? Are your IT administrators tasked with too much already?

Bremmar specialises in helping businesses with their cloud and mixed IT infrastructure and management, including BYOD. We help ease the burden of new IT roll-out, remove complexity in implementation and management, and educate administrators on how to utilize dashboards to get your employees’ devices onboard quickly, safely, and securely, to work without friction while mobile. Ask us how we can help your business with BYOD.

New call-to-action

Get an initial consultation with Bremmar!

We can help with software, technology implementation, strategy and staff training.

  • This field is for validation purposes and should be left unchanged.

By Chad Gowrea, Director - Solutions and Strategy

Back to articles

Previous Articles

The “Digital Mine” is here and is here to stay!

By Daniel Clark, Information Systems Manager: Construction & Manufacturing industries, December 05, 2018

The Mining industry in Australia, particularly in WA, has been early adopters of technology solutions that help businesses to become more efficient, effective, successful, and save on resources.

Continue Reading

Understanding the modern SharePoint experience

By Chad Gowrea, Director - Solutions and Strategy, October 24, 2018

Had gripes with the classic SharePoint experience? You’re not alone. Microsoft have completely overhauled SharePoint Online and it’s now a user-friendly design that ticks all the boxes. Check it out!

Continue Reading