When it comes to using mobile devices to access work resources, companies of every size must be able to take care of their data and people. A key issue to address: How to implement a Bring Your Own Device (BYOD) program that balances IT security with user privacy and experience.
In today’s business world, any device can be a work device. From iPhones used on the road to iPads carried on-site, mobile devices – and personal device ownership – are commonplace.
From a business standpoint, it’s crucial to recognize that mobile devices need just as much security as any other device that can access work resources, like a Mac.
Even though most employees bring their personal devices on the job, and 83% of US companies have a BYOD policy of some kind, there are challenges to implementing and managing a successful BYOD program.
While the idea of employees providing the hardware and organizations providing access may seem like a great concept, all too often it's flawed in practice.
To BYOD or not to BYOD: what's behind the question?
Historical roadblocks to successful BYOD programs include:
Mobile Device Management (MDM) over-reach: A full device management framework is too invasive. Employees do not want to give up entire control of their personal device or have their privacy compromised.
Mobile Application Management (MAM) limitations: Applying corporate policies to specific apps provisioned to the device secures applications, not the device. This requires more end-user interaction for corporate services such as configuring Wi-Fi, email and app installation and can leave employees feeling under-served, and IT feeling open to security vulnerabilities.
Dark BYOD: Employees may use personal devices for work with no management, security or awareness by IT or InfoSec. According to Zippia, over 17% of employees use their personal mobile devices for work without telling IT. Whether or not an organization has a BYOD policy, if employees use their mobile devices to access work resources without IT putting safeguards around those resources, it can cause security and access problems, negating the benefits of the policy.
The varied history of BYOD programs makes it important to have a strong strategy based on trust. Without that trust, it’s difficult to get employee buy-in for BYOD.
As Michael Covington, VP of Porfolio Strategy at Jamf said, "Many workers have gone through the process of enrolling a personal device to be fully managed by an MDM … or VPN software that usually brought with it a ton of stuff that users didn't know about. It's about establishing trust with a business and delivering the applications users need to get work done.”
How do organizations get there?
Establishing trust with transparency
To get your employees on board with your BYOD program, it’s important to let iPhones and iPads act like iPhones and iPads. What does this mean?
- Mobile devices accessing work resources need to be usable, secure and private.
- Work apps can 'just work'. Apps, data and resources benefit from Apple’s inherently good security measures with added protections. And most importantly: employees have the same privacy using an iPhone with Jamf solutions as they do without.
The key to making this possible: Apple User Enrollment.
User Enrollment is Apple’s native solution to support BYO deployments. It’s private by design because of the limitations Apple places on what organizations can and cannot do.
How does this work?
- Work apps, accounts and data are stored within a "managed" profile on the device, while personal apps and data are encrypted separately on the "personal" profile.
- This provides the most intuitive way for employees to enroll devices, and gives transparency to what organizations can and cannot do on those devices.
Covington also said, “They [the employees] just have to go through those familiar Apple settings and configure that relationship by walking through all those prompts… If I'm the user, I like seeing these prompts. I agree to things, and if I don't, I can stop at any time. The prompts are coming from Apple — not the company I work for and not the third party that my company has chosen to manage my device. Apple has a great history with its sandbox approach, so I feel good that they have created a clear separation between that work container and the personal side.”
Any organization can provide this private, secure and usable experience to their employees.
Jamf can help get you on your journey to implementing a BYOD program at your organization.
Jamf solutions can help with:
- Simplifying IT and InfoSec workflows
- Providing trust and better user experience to end users
No matter the size of your business – from SMB to the largest enterprises – it’s crucial to secure both devices and the data on those devices. When employees trust they can use their familiar device without feeling like IT involvement is intrusive, your BYOD program can thrive – and benefit both end users and the business alike.
Learn more about how Jamf can help your business succeed with a free trial of Jamf Pro today.
See how Jamf can help you succeed with BYOD.
Have market trends, Apple updates and Jamf news delivered directly to your inbox.