Increasingly, employers are implementing “bring your own device” – or BYOD – policies which allow employees to bring their own tablets, smartphones or other devices into the workplace for work purposes. This has the advantage of cost savings for the employer, as they don’t have to pay for mobile devices from the company budget. For the employee, it means that they can seamlessly use their personal device for both work and leisure, and therefore use a device for work which they are comfortable with and know the ins and outs of. The downside for the employer is the risk of connecting an unsecured personal mobile device to a corporate network, with the associated exposure to malware, viruses and potential data breaches. Enter mobile device management.
Mobile device management tools provide the employer with a degree of control over the employee’s mobile device, typically to support corporate security policies. Such tools generally consist of a server component, which sends the management commands to the mobile devices, and a client component, which is installed on the mobile device and receives and implements the instructions from the server. Typical components of a mobile device management app include secure email, secure document management, and a secure web browser. These features ensure that emails, business documents, and web browsing activities comply with the business’s IT security policies.
Many mobile device management tools, however, go further than the baseline functions might suggest. For example, a secure app catalog may be used to either push or disable certain apps or delete them from the device. Other mobile device management clients have the capacity to remotely wipe corporate data, or even the entire device. It may also be possible to remotely lock the device or to trace the location and access location history.
It’s fair to say that some employees may find the more far-reaching capabilities of some mobile device management tools somewhat problematic, and this has become more of an issue in recent months due to high-profile news stories such as the data grab associated with Facebook and Cambridge Analytica. While tech-savvy employees, in particular, may understand the need for mobile device management, many may be leery at the concept of installing a client on their devices that can potentially access data such as private messages and emails, and location data.
So where does the balance lie? From the corporate perspective, the use of some form of mobile device management is pretty much an essential safety net for employers with a BYOD policy. That said, it’s important to be mindful of employees’ concerns over the degree of control that the mobile device management tool may potentially have over their personal device.
When shopping for a mobile device management tool, it makes sense to look for one which doesn’t overreach what you need it to do in accordance with your corporate security policies, or alternatively, to choose one which is highly customizable, and will allow you to sincerely assure your employees as to its limits in terms of accessing or manipulating their device, and the data it contains.