Bring your own device management
Consumerization of IT, a phrase used to describe how an Information Technology (IT)-related entity first emerges in the consumer market before permeating into enterprises, largely as a result of employees getting used to the technology/devices available at home and thus, preferring to use it in the workplace as well.
BYOD or Bring Your Own Device is one of the core concepts of Consumerization of IT, whereby employees who’ve been using a particular device frequently at home decide to use the same in their organization as well. BYOD has a lot of advantages for both the employees as well as employers.
Features of a BYOD setup:
- No learning curve: As the employee is already used to the device, there is absolutely no learning curve.
- No additional devices to be purchased: Employees needn’t use multiple devices - one for corporate usage and one for personal usage, as the personal device can be used for both.
- Access to corporate data/apps anywhere, anytime: With their personal devices, employees have the option of working remotely.
Advantages of a BYOD setup:
- Increased Productivity: As there is no time taken for device adoption, employees can start to work immediately, thereby improving productivity.
- Cost Efficient: As employees bring in their own devices, enterprises needn’t purchased any additional devices.
- Improved employee satisfaction: Giving the employees the option to choose and/or use a device of their preference to work, leads to increased employee satisfaction improving efficiency.
Along with the advantages, there are certain disadvantages as well:
- Security: As the corporate apps and data exist along with personal apps and data, there are high chances of data loss or unauthorized data sharing.
- Loss of device: Unlike corporate devices which are bound to be within the organization’s premises, employee’s personal device is carried out of the organization’s premises and can be lost/stolen/misplaced. In addition to losing the device, there are high chances of unauthorized corporate data access.
- Device Disparity: In case of corporate owned devices, most of them manufcto a single OEM or a couple of them. However, in case of BYOD, there going to different device types manufactured by several different OEMs, making management difficult.
- Privacy: From the perspective of the employees, the enterprise taking control of their personal devices in order to manage the corporate data present within, can be considered as an infringement on their privacy.
ME MDM as a mobile device management solution, lets you leverage all the benefits of a BYOD setup while nullifying any disadvantages due to its extensive set of BYOD-related features:
- Simple and quick onboarding
MDM provides you with onboarding methods which are can be utilized by the employees to enroll their devices with MDM. As an IT admin, all you need to do is to send an enrollment invite via E-mail or SMS and the employees can follow the instructions to enroll their devices within minutes. There’s the other option of enrolling personal devices by providing AD credentials to enroll their devices themselves with minimal user intervention via self enrollment. Further, as MDM can handle device disparity as it manages multiple platforms (iOS, Android, Windows, macOS, and Chrome OS) and multiple device types (smartphones, tablets, laptops and desktops).
- Efficient management of personal devices
In case the organization has a mix of corporate and personal devices, you need to configure separate set of policies for corporate devices and separate ones for personal devices. This can become cumbersome when dealing with a large number of devices. MDM lets you cluster personal devices into groups after which you can associate policies and apps to these groups. Once associated, any time a personal devices is brought under management, all you need to do is add it to this group. On doing so, all the policies and app previously associated to this group gets automatically associated to the personal device. In case you've got multiple groups for personal devices, MDM eases the process of switching groups as well using Move to group. This ensures when a device is moving from one group to another, the policies and apps from the previous group gets automatically removed and the ones from the new groups gets automatically associated.
- Managing only corporate data
Containerization lets you manage only the corporate data while having zero control over the personal data. This is possible due to the creation of a logical container which isolates the corporate data and personal data despite co-existing in the same device. Enterprises can only manage the corporate space while ensuring there is no unauthorized access/sharing of corporate data.
You can configure basic policies such as Wi-Fi, E-mail, Exchange ActiveSync etc, on the device ensuring employees needn’t spend time configuring corporate policies. Also, you can configure policies containing restrictions to ensure secure access to corporate data and/or to ensure devices adhere to certain organizational security standards.
You can build your own app catalog and create an application self-service portal for the employees to install the apps they need. In case of in-house enterprise apps not available for public download on the Internet, you can have them easily distributed using MDM. You can also pre-configure settings (supported for iOS, Android and Windows) as well as permissions for the apps thereby ensuring the apps are ready to use on installation and requires minimal user intervention.
MDM also integrates with Android Enterprise (also referred to as Google Play for Work), Apple Business Manager(previously known as Apple Volume Purchased Program), and Windows Business Store ensuring you can silently install/update/uninstall apps without any user intervention. However, for this the devices need to be provisioned as Device Owner in case of Android and Supervised in case of iOS.
To ensure devices accessing corporate data adhere to organization compliance standards, you can periodically scan devices to fetch basic device data such as OS version, space available etc. In case the personal device is running outdated OS versions, you can initiate and automate OS updates from MDM server.
As the devices are handy and portable, there are high chances of it being lost/misplaced. If it is misplaced, MDM lets you remotely lock the device to prevent unauthorized data access. You can locate the device and make it ring an alarm to get its exact location. In case the device is lost, you can enable Lost Mode which automatically locks the device and prevents it from being accessed. To ensure device cannot be unlocked from Lost Mode by providing the device passcode, MDM provides you with the option of resetting the passcode. You can optionally display a message and a contact number to hand over the device to its rightful owner. Lastly, you can choose wipe the device to prevent misuse of data.
Further, in case the employee encounters an issue on the device while not being in the organization's premises, you can choose to remote troubleshoot the device by viewing the device screen or controlling. To ensure user is fully aware of this, MDM prompts the user to accept a remote session or in case of iOS, the employee needs to perform certain functions on the device to initiate a session.
In case an employee leave the organization, you can deprovision the device which automatically corporate wipes the device ensuring the device has no corporate data present on it while retaining other personal data on the device.