It’s a frustrating reality, but in 2023 the occurrence of companies experiencing hacks or cyber-ransom is staggering. It’s no surprise that these persistent attacks have left many IT leaders feeling downright exhausted. Bring Your Own Device (BYOD) programs are certainly no exception to the concerns of IT leaders.
It’s an understandable worry. The constant mitigation of looming cyber risks is no easy task, especially when considering the number of employees now remotely working on personal devices. As an IT leader yourself, you may have even questioned if continuing or starting a BYOD program is the right solution for your company – or if it would just be easier to pivot. Before you decide which direction to move, we have some helpful insight that may put your mind at ease in terms of thinking about BYOD security and set you and your team on the right path.
Should you abandon BYOD and assign remote employees secure corporate devices?
The short answer is “no.”
As you’re likely aware, your employees are already using apps like Outlook and Teams on their personal devices, regardless of whether those devices have been secured or not. That considered, it’s essential to recognize that these individuals may have, at one time or another, unknowingly carried out one of the three risky activities that are associated with common security breaches on BYO devices. Those activities include:
Typing passwords on multiple devices, which may or may not be secure
Clicking on links, which may or may not be malicious
Opening attachments, which may or may not have malware
It only takes a single mistake to expose your organization to cyber threats. Fortunately, with recent improvements in device management technology, there are more options to secure and manage personal devices. The recent advancements have ushered in a new era of BYOD empowerment where employees can retain control of their devices while still being secure. Full control is still available for the most sensitive use cases, but for many a light touch is now possible. As a result, employees are more willing to use personal devices for work, and companies can be more secure.
How has BYOD technology recently improved from a security standpoint?
We’ve come a long way since the era when executives first swapped out their corporate blackberry for a first-generation iPhone or iPad. It’s safe to say that most IT leaders have collectively spent countless hours contemplating the nuances of mobile security, all while lobbying for device management platforms like Microsoft Intune in their organizations. Fortunately, we have turned a corner for the better in terms of BYOD security and can attribute recent progress to 3 critical advancements outlined below:
Microsoft built APIs into the Office 365 apps to facilitate ‘mobile app management’ instead of ‘device management’. The wording change is subtle, but the impact is enormous. It means you can protect your data without managing employees’ devices. This is ideal for companies that want their employees to access Outlook and Teams while letting employees retain control of their smartphones. Your company can still specify basic security requirements all while running the latest version of the OS.
Apple has created the concept of User Enrollment (as opposed to device enrollment). This is an important break-thought for millions of companies that want to empower their employees to use apps securely on BYO iPads and iPhones. User enrolment creates a separate logical area where company data is secure, while preventing visibility of personal apps and data.
Google/ Android has created Work Profiles to secure work data in a separate container on a personal device. One profile is for personal apps, and the other profile is exclusively for work apps that reside in an encrypted container. This well-designed solution enables an employee to easily switch between personal and work profiles while hindering them from moving data from work apps to personal apps.
While these new solutions are very exciting and establish a higher standard for BYOD security, some solutions may still require a good deal of internal work to stand up. Working with an experienced partner like Mobile Mentor can help achieve the right balance between security for the company and privacy assurances for employees.
How can you continue to improve your BYOD program’s security in 2023 and beyond?
We are always looking for ways to balance endpoint security and employee experience, so it has been encouraging to see technology mature to the point where an elegant solution is now available to BYO. There have been many challenges in the past decade. The biggest point of friction has remained the management of employees’ personal devices – without causing an invasion of privacy.
In 2023 and beyond, BYOD will remain a critical security vector. New solutions powered by Microsoft, Apple and Google will continue to improve. Knowing your employees are safe and their devices are secure will provide peace of mind to the IT leaders and your organization at large. Be agile, thoughtful, and ready to adjust to a shifting threat landscape.
We expect that the next big area of BYOD innovation will be Windows and macOS laptops. These devices have lagged smartphones traditionally, but coming innovations should open up these categories of devices as well.
If you’re looking for help getting started with BYOD at your company, be sure to check out our BYOD 365 service, or our Intune Security Baseline. Both are terrific resources for extending security to all devices. Should you have any questions, please contact us.