BYOD Made Manageable
Enterprise Brief
How to balance good IT security practices
with user privacy and personal data protection
to increase user adoption of BYOD programs
The rise of smartphones as an umatched personal productivity champion has resulted in an
always-connected, modern, mobile workforce—and a big challenge for IT management.
Smar tphone ownership is ubiquitous, and
Privacy matters to users
most employees are bringing them to work,
O u r s m a r t p h o n e s c a r r y t h e m o s t p r i v a te
re g a rd l e s s of c o m pa ny p o li cy. In th e pa st
kinds of data: our personal correspondence,
few years, IT managers have tried various
photos, contacts, and documents. Even the
i te r a t i o n s o f p e r s o n a l d e v i c e p o l i c i e s :
choice of apps installed on the device can
ever y thing from an outright ban of personal
r e ve a l ve r y p r i v a te i n f o r m a t i o n a b o u t o u r
devices to a wide open policy of Bring Your
hobbies, habits, and lifestyle. It’s no surprise
Own Device ( BYOD). The success (or failure)
t h a t m o s t e m p l oye e s a r e r e l u c t a n t to g i ve
of a BYOD program hinges on user adoption,
access to that information by enrolling their
r e q u i r i n g t h e r i g h t b a l a n c e of I T c o n t r o l
personal smar tphone in a Mobile Device
and personal privacy. This paper outlines
Management ( MDM ) system controlled
a strate g y fo r str ik in g th at ba l a n c e a n d
b y t h e i r o r g a n i z a t i o n’s I T g r o u p.
m a k i n g BYO D w o r k .
Critical elements of successful BYOD
Alleviate
IT security
concerns
Ensure
privacy for
the user
Reduce
program cost
and complexity
Increased
user
adoption
W h e n BYO D p ro g ra m s fa il, o n e c o m m o n
Striking the balance
r e a s o n i s u s e r s’ r e l u c t a n c e to vo l u n te e r
Both users and IT have per fectly valid
access—or even the perception of access
—o f t h i s p e r s o n a l d a t a to a n I T a d m i n .
Personal privacy mat ters, and users are
i n c re a s i n g l y s e ns i ti ve to a ny at te m pt at
breaching the privacy barrier in the name
of I T c o n t r o l.
concerns. T he employee doesn’t want to
give up access and control of their private
d a t a , a n d t h e I T a d m i n d o e s n’ t w a n t to
ex p o s e t h e i r i n te r n a l n e t wo r k to t h r e a t s
from unsecured endpoints. For many
organizations, this logjam meant failure
for their BYOD program.
Security matters to IT
For the IT manager, the idea of unfet tered
One solution to satisf ying both concerns
access to internal resources from personal
is to rethink the role of MDM as it applies
d e v i c e s w i t h u n k n ow n c o n f i g u r a t i o n a n d
to BYO D. I n s te a d o f a o n e - s i z e -f i t s - a l l
security controls is the stuff of sleepless nights.
approach, IT managers can choose an
Smartphones are a common target for malware
MDM tool that’s designed for BYOD, with
and present a potential vector for intrusion
privacy protections to satisf y the employee
when connected to an organization’s network.
a n d s t r o n g s e c u r i t y c o n t r o l s to s a t i s f y
t h e n e e d s o f g o o d I T securit y.
Without any visibility or control of the endpoints,
good IT security is an impossible task. The need
Simpler is better
for security is what pushed many organizations
A simple approach to managing devices in a
to u s e M D M f o r t h e i r BYO D p r o g r a m , a n d
r e q u i r e e m p l o y e e s to e n r o l l t h e i r p e r s o n a l
device to gain access to the internal network,
m a i l, c a l e n d a r s, a n d V PN.
BYOD environment helps IT and the user be
more successful. Unnecessary complexities
such as dual personas or segmented data
containers change the native user experience
on the device—of ten for the worse—and
BYOD, without unnecessar y complexities
inhibits user adoption. MDM tools that are
and added costs. This approach still gives
sold as the solution to BYOD security may
IT all necessar y securit y controls, and
end up driving users away due to this
p r ote c t s t h e u s e r ’s p e r s o n a l d e v i c e by
overburdensome complexity. Once users
a l l ow i n g t h e m to s e e ex a c t l y w h a t t h e
opt-out of device management, IT security
I T a d m i n c a n a n d c a n n ot d o.
becomes an impossible task.
Example BYOD management controls
T he alternative is a tool that is designed
IT admin can:
for BYOD management and eliminates the
• L ock the device and remove a passcode
complexit y of one-size-f its-all MDM. T his
• A pply institutional configurations, like Wi-Fi,
preferred method does not require multiple
VPN, mail, and passcode requirements
tools or apps to enforce corporate policies,
• I nsta ll a nd re move insti tu tio n a l a pps
and the data used by those apps
and eliminates distractions and unnecessary
steps both for IT admins and users. The goal
for a successful BYOD program is safe, secure
IT admin cannot:
• E rase private data like photos, personal
m a il, o r c o ntac ts
access to corporate resources—not additional
hindrance and complexit y.
• R emove any personal apps
• V iew any private data including the
n a m e s of p e r s o n a l a p p s
MDM for BYOD
• R estrict the usage of the device or limit
To satisf y this need, leading organizations
the personal apps that can be installed
choose a feature set built specifically for
Conclusion
A successful BYOD program is a benefit to employees and IT admins alike.
Users get easy access to critical resources like mail and calendars without
sacrificing personal privacy, and IT admins can preser ve good IT security with
personally owned devices. With the right MDM solution, IT can concentrate on
addressing critical enterprise needs without friction from the technology itself
or from users. And users receive comfort and familiarity with their own device
without intrusive IT involvement.
Visit jamfsoftware.com/byod to learn
about the Casper Suite BYOD solution.
[email protected] | 612.605.6625 | www.jamfsoftware.com
©2014 JAMF Software, LLC. All rights reserved.