November 25, 2019
It can be complex to choose between several device distribution methods in an organization. While it's essential to explore and understand what best fits your business needs, and what are the overall implementation hurdles, security should always be a top priority. Why? Because as remote work becomes the norm, employees and their devices are the primary target for cybercriminals.
Mobile device security challenges
When choosing a mobile device distribution approach it is important to consider the relevant security challenges:
- securely access resources;
- secure always-connected devices from network-based attacks;
- protect against malicious apps;
- protect against phishing;
- assess the security capabilities of mobile device management tools;
- simply and accurately identify threats to mobile devices and mitigate them.
What are the threats
Protecting devices anytime anywhere is crucial as they can be at risk both on the corporate or on any other network. Phishing attacks enable criminals to access the corporate network and sensitive data when unsuspecting employees download malware, click on malicious links or even authenticate using company credentials on fake websites. Moreover, malware can be brought back to the office or corporate network from anywhere: conferences, coffee shops, homes, or airports.
Bring Your Own Device - BYOD
For several years, the trend has been toward BYOD. The BYOD market is forecast to reach $367 billion by 2022, up from just $30 billion in 2014. 87% of companies acknowledge that their employees use personal devices to access business apps.
With the BYOD approach, employees have the freedom to buy the device they want to use and manage it themselves. If the company wants to add a layer of security around the usage and access to corporate data, they can use an MDM (mobile device management) solution.
Quick to deploy, no hardware costs, less management, and higher user convenience.
It can be challenging to enforce corporate requirements and security as device owners have to ensure device security themselves. Also, there is no visibility into how the devices are used. This creates the possibility that a compromised device will go undetected.
- Loss of control and visibility into the enterprise data.
- Many different operating systems to manage.
High risks of potential:
- Data leakage.
- Unauthorized access to company data.
- Malicious apps and content.
Corporate Owned, Personally Enabled - COPE
With the COPE approach, employees receive smartphones from the company and the company owns the devices. With this approach, users can enjoy the productivity benefits of BYOD, such as sending personal emails, accessing social media or downloading files.
This approach promotes a work/life balance on a single device. An organization has more control and authority over devices, as well as fewer security concerns than with BYOD. When necessary, it’s easier to administer device repairs and replacements.
There are tight procurement standards and it is slow to deploy. Employees have less freedom to choose what device they want, which might hinder their productivity if they receive the device they aren’t familiar with. To ensure there are not too many delays deploying new devices, IT teams must keep up with innovation and monitor policies. This option brings the highest hardware costs for the company.
- Employees can access personal email, social media to lead work/life balance but this can increase security threats while browsing personal content.
- Businesses choose COPE to prioritize security and control: IT teams can prevent users from accessing corporate data outside the corporate network or wipe the device if needed.
Choose Your Own Device - CYOD
With the CYOD approach, businesses provide employees a list of approved devices (that the company owns and manages) to choose from. Devices can be pre-configured and already have all the necessary apps and security features set up to ensure employee productivity and data protection.
This option offers lower hardware costs and employees are in control of their technology. However, procurement standards are tighter than those of BYOD. Support standards are streamlined, given a more homogenous pool of options. Users only have to carry one device.
It can be slow to deploy and the costs can surpass BYOD. Some employees might not be happy with the device choices and might struggle with replacement, repair, security updates issues. This option can limit employee access to certain apps and even certain functions.
- For IT teams it’s easier to manage and support the devices compared to BYOD.
- It provides the company visibility into each device’s security status, software version.
- A company has more access control to apps and resources.
- A company can take the lead to secure devices and enforce policy-based controls and network settings.
- CYOD increases security, but has a higher financial burden for the company.
How Fyde can help
Whichever option you choose, it must align with your organization’s needs, values, requirements, and security policies. Also, for startups and small companies BYOD is the most reasonable option as it helps to save costs. Regardless of the company size, have secure access practices set up before various devices start accessing your data. It’s crucial as it takes only one compromised device to risk security and success of the whole company.
Fyde can help you with that: it enables secure access to the company’s data in a simple, fast and reliable way. It enables you to have more control and visibility into who, when and what devices access your data. With Fyde you can set up policies to ensure the right people access the right data with the right devices and permissions. Fyde solves the problem of securing devices and does that job for you regardless of which device distribution model you choose. Read more about Fyde Enterprise here and learn how to modernize access and security for your business.