What is Bring Your Own Device (BYOD)?
BYOD is the ability for employees to use their personal devices for work purposes.
Without any visibility or control of the endpoints, effective IT security is an impossible task. This need for security is what pushes organizations to use a mobile device management (MDM) solution for their BYOD program, and therefore require employees to enroll their personal device to gain access to the internal network, mail, calendars, VPN and more.
Critical security and essential privacy protections
Why use BYOD?
Employees who choose to work on their own devices prefer the convenience of using one phone for both their private and work use, and they want to use tech they are already comfortable with.
Organizations need to protect all device endpoints and secure company apps and data, especially considering the increased frequency of malware and phishing attacks.
Is BYOD a good idea?
BYOD programs merely formalize and manage what many employees are already doing: using their personal devices for work. With a process for enrolling and protecting devices in place, organizations protect their data and network security when accessed through personal mobile devices. A well-conceived BYOD program that can protect corporations and individuals alike is a very good idea.
Jamf BYOD vs. MAM
Some organizations choose to use Mobile Applications Management (MAM) for implementing BYOD programs.
What’s wrong with MAM?
While MAM has historically been just fine at managing work-related apps and separating devices into two partitions that don’t intersect, MAM can’t allow admins to properly configure Wi-Fi and email or automatically install apps. The apps that MAM programs offer can sometimes be limited, and OS updates can break MAM apps designed specifically for one platform. And users can get frustrated when accessing an app through a forced VPN and seeing different interfaces for work and personal use.
With Jamf BYOD, Jamf admins can:
- Apply corporate configurations like Wi-Fi, VPN, mail and passcode requirements
- Install and remove corporate apps and books with the associated data
- Collect security info from a personal mobile device
- Add/remove restrictions that protect corporate data
To explore more, please read our blog post on this very question: “What is Mobile Application Management (MAM)?”
What are the impacts of BYOD?
A strong BYOD program can help attract and retain employees who want a seamless work and personal-use experience on their iPhones. Employees who experience safety protocols that don’t slow them down, rock-solid privacy protections and apps and connections that just work are happy employees.
Benefits of BYOD
- Formalization and management of what many employees are already doing: using their personal devices for work
- Data and network security protections for your organization even when employees access the network from their personal devices
- Iron-clad personal privacy protections for employees using Jamf BYOD on Apple products
Potential risks of BYOD
- Using the wrong tech can leave organizations open to outside attack
- Organizational leaders may have negative preconceptions about organizational security and control with BYOD programs
- Without a thorough staff education on privacy protections, some may be distrustful and unwilling to enroll
BYOD policy best practices
Keep two factors in mind at all times: organizational security and employee privacy. Everything in your BYOD policy should serve these two goals.
Organizational data, access and apps must be completely secure.
Only an MDM combined with encrypted connections such as those provided by Jamf Connect and a powerful endpoint protection program like Jamf Protect can ensure that the corporate side of personally-owned devices is well-managed and secure.
Personal privacy is paramount.
Employees' personal devices often contain the most private kinds of information: photos, contacts and documents. Even the choice of apps installed on the device can reveal very private information about hobbies, habits and lifestyle.
Make it your practice to reassure employees that their privacy is respected.
With private mobile devices divided into separate volumes for work and for private lives, IT admins cannot:
- View or erase private data like photos, personal mail or contacts
- See or remove any personal apps
- Track a device’s location
Implementing BYOD policy
Striking the right balance between privacy and security has been historically difficult, resulting in BYOD programs not being implemented successfully.
To ensure success, rethink the role of MDM as it applies to BYOD. With a Jamf MDM, organizations get a purpose-built solution with privacy protections to satisfy employees and strong security controls that meet the needs of IT.
To this end, Apple recently introduced two features in iOS and iPadOS 15 that allow for even better BYOD programs: Service Discovery and Account-driven User Enrollment.
- Service Discovery allows configurations that only allow management of the parts of the mobile device used for work, leaving the rest of the phone entirely private.
- Account-driven User Enrollment keeps personal and corporate data separate by associating personal data with a personal Apple ID and corporate data with a Managed Apple ID. Jamf BYOD – powered by Jamf Pro – uses these Apple features to create a program that benefits everyone in the organization.
Increase BYOD program enrollment with Jamf Pro and Apple.
With Apple and Jamf, IT reduces device costs and simplifies device enrollment. With the power of Jamf and Apple, both users and IT departments benefit.
Learn more about how Jamf and Apple can increase the adoption of your BYOD program.
Secure. Private. Discover Jamf BYOD.
Have market trends, Apple updates and Jamf news delivered directly to your inbox.