Many enterprises are implementing Mobile Device Management (MDM) and encouraging Bring your own device (BYOD) amongst its employees. The reasons are many factors – employee satisfaction, better employee productivity and cost savings in terms of investment for the devices. Many enterprises have accepted that BYOD is a reality that has to be reckoned with. Some enterprises have framed policies that allow BYOD only to a specific group of employees. Generally, enterprises are in various levels of MDM and BYOD adoption and it would benefit knowing where an enterprise stands.
BYOD is an Information Technology policy defined by an enterprise that allows employees to use their personal mobile devices for accessing the enterprise data and systems (enterprise IT network). MDM is a software system that is used for managing mobile devices. Most enterprises were/are reluctant to allow BYOD, citing security as an issue. As employees use the devices for their personal work too, they may download risky apps, or may not have antivirus protection, or may not have updated virus definitions regularly.
Initial Phase: The Enterprise may not have defined a formal BYOD policy in the initial phases as it may have not deemed it necessary. This may be because BYOD was not being used by many employees or the enterprise had not given much importance to BYOD. Employees may be using BYOD for doing official work. However, enterprises must understand that BYOD is there to stay due to the considerable advantages that it offers. New employees may be reluctant to join if BYOD was not allowed. Enterprises must initiate the steps to define BYOD policies
Interim Phase: The Enterprise may define “as and when required” BYOD policy, which would do good only for the short term but not for the long term. The IT department may provide managed mobile devices to employees that contain only vetted safe apps. However, this may not bode well with employees, as they may desire third-party applications. Hence, employees would end up using multiple devices which could affect productivity.
Implemented Phase: The Enterprise understands the importance of MDM and BYOD and frames robust BYOD policies. Instead of developing MDM systems on its own it can get third-party MDM solutions for better management of enterprise-supplied devices as well as personal devices brought by employees. This makes employees happier and enables better productivity.
Enterprises must advance to the Implemented Phase (as soon as possible) from the other two phases.
Based on its security requirements, when defining BYOD policies, the enterprise could consider evaluating and defining allowed devices. Encryption facility, and MDM compatibility could be considered before implementing the policies. Further, the enterprise network could be segregated into internal and public networks. This would allow better accessibility control and ensure enterprise IT network security.