Do your employees use Office 365 apps on unmanaged personal devices?
The BYOD 365 services gives you the ability to secure company data without managing your employee’s personal devices.
We consult with the key stakeholders to develop a BYOD policy with appropriate security for each group of employees and we deliver a working configuration in your Microsoft 365 tenant.
Your employees don’t want their personal devices managed by your company. They perceive this as an invasion of their privacy.
But, they want to access their work email so they use the native email client, or they download Outlook from a public app store. And increasingly, employees download the Teams app as well.
Now your Office 365 data is on an unmanaged personal device and you don’t know if that device is secure or compromised….
Your company has no control over the employee’s device and no visibility of the Office 365. You can’t restrict actions such as copy/paste, save-as, open-in actions. This is a scary predicament.
BYOD 365 Balances Privacy and Security
Listen to Shane Sloan, Solutions Architect, explain how a balanced BYOD policy respects employees’ privacy while ensuring data security. Learn how our approach ensures adoption and give employees confidence that you are not interested in their personal apps and data.
BYOD 365 balances data security with personal privacy for employees
Your company data is secure in all your Office 365 apps, yet employee devices do not need to be managed by the company.
Our proven process involves three steps
-
BYOD Policy Workshop – We consult with you to develop a BYOD Policy that balances security and privacy
-
Tiered Trust Model – We build a Tiered Trust Model to define security and privacy requirements for your use-cases
-
Implement in Intune – Our engineers design and implement the appropriate settings and controls in your Microsoft environment
Relax. With BYOD 365, you can rest assured that your company data is secure even on unmanaged employee devices.
And your employees will feel empowered because their personal privacy has been respected and they can work on any device.
1
Step One
Balanced BYOD Policy Document
We consult with your IT, Security, HR, Finance and Managers to determine security and privacy requirements for your company. Then we develop a BYOD Policy document that balances security and privacy appropriately.
Finance
Cost management
Risk and liability
Personal vs. business
International roaming
Carrier contracts
HR
Eligibility criteria
Usage guidelines
Safe driving practices
User profiling
Device allocations
Employees
Privacy protection
Stipend model
Device management
Changing devices
Email & Office 365
IT
Office 365 data
Device security
Groups and profiles
Support workload
2
Step Two
Tiered Trust Model
Not everyone in your company will have the same needs & required controls when it comes to security and privacy. Our Tiered Trust Model will help you define security and privacy requirements for different personas / use-cases.
No Trust
Unmanaged BYO devices that access data which is public or considered low-risk
Low Trust
Unmanaged BYO devices that access Office 365 via OWA and Web applications
Medium Trust
Unmanaged BYO devices with managed Office 365 apps on the device
High Trust
Managed BYO devices with managed apps that access Office 365 and other apps
3
Step Three
Implement in Intune
Our engineers design and implement the appropriate settings and controls in your Microsoft environment for test and validation.
Intune App Protection Policies
Secure the data in Office 365 apps on unmanaged personal devices
Intune Device Management
Management of devices that need to be enrolled for security reasons
Intune Conditional Access
Restrict access to sensitive data by applying conditional rules
“We get 320,000 attacks every day, mostly by email and many of those come through BYO devices.”
Don’t control your users, enable them
IT Administrators have more options than ever for device enrollment, user enrollment, work profiles, app management and secure data containers.
Read our blogs below to see what is possible:
What are managed Apple IDs
How to configure Android Enterprise Work Profile
How to configure Apple User Enrollment
BYOD in the era of user privacy
Configure custom enrollment screens on iOS
Mobile Mentor is a Microsoft Gold partner and our engineers are certified by Microsoft, Apple and Google. You are in safe hands.
GET IN TOUCH
Contact a Mobile Mentor expert today
Mobile Mentor is Microsoft’s 2021 Partner of the Year for Endpoint Management. Our engineers are certified by Microsoft, Apple and Google.
Complete our contact form below and one of our consultants will get back to you within 24 hours.
Featured
Key Considerations for a Smooth Transition from Jamf to Intune
The introduction of platform Single Sign-On (SSO) for macOS devices marks a significant advancement in device management for businesses using Microsoft Intune. The development is crucial and may influence many to migrate from JAMF to JAMF to Intune.
Adapting to Change: Navigating JAMF’s 2025 End to Conditional Access Support
In January 2025, businesses using JAMF Pro alongside Microsoft Entra ID for Conditional Access will encounter a significant change that could impact their entire device management strategy. JAMF will discontinue its support for conditional access, a move driven by Microsoft's transition from the Partner Device Management Legacy API to the new Partner Compliance Management API.
What is Microsoft Entra and How Does it Work?
Microsoft Entra is a suite of identity and access management solutions designed to help businesses secure and manage digital identities in a modern, cloud-native environment.