888.624.6737

syse-blog-header

Mobile Application Management: Secure Critical Data on BYOD

September 18, 2020 | Posted in:

Workforce Enablement, Cloud Security

Now more than ever your employees are working on personal devices. A recent Microsoft study reported that 67% of people use personal devices in the workplace. Tasks such as sending emails, reviewing documents, accessing applications, and other business productivity actions are performed on personal devices daily. Employees work on their own devices as a matter of convenience and, for the business, the productivity benefits are appealing. Be informed about the benefits and risks of this growing trend, and learn how you can manage and secure your sensitive company data.

The trend of using personal devices for work-related activities is known as Bring-Your-Own-Device (BYOD). In recent years, the BYOD security market size has increased at a CAGR of over 25% from 2016 through 2023, according to Global Market Insights. More recently, the business climate born from the global pandemic further spurred the BYOD trend. This event was a paradigm shift for how business gets done, and many companies were thrust into supporting a remote workforce overnight. Organizations scrambled to quickly deploy devices and apps to keep employees up and running. At the same time, employees used whatever tools and programs were available to remain productive. What many thought to be a short-term experience has turned into a fundamental change, introducing a new level of risk companies may not have had before.

The benefits a company can realize with BYOD include reduced company hardware expenditures and increased productivity for employees. On the other hand, BYOD's underlying risk is opening up more ways for a cybercriminal to breach your network if not properly managed.

One critical component of a mobile workforce strategy is Mobile Application Management (MAM). This solution protects your company data at the application level on an employee's device. MAM should not be confused with Mobile Device Management (MDM), used to manage organization-owned devices such as laptops. BYOD can offer many benefits, but organizations need to understand and address the risks when implementing a BYOD program.

Workforce Enablement Mobile Application Management_BYOD Security

Bring-Your-Own-Device Benefits and Risks

To help decide whether employees can use BYOD for work is to conduct a due diligence exercise. Evaluate the benefits versus the risks of BYOD and understand how much control you need over your data and apps to meet your security obligations. When conducting this exercise, consider employment law and whether you need different BYOD policies for exempt and non-exempt employees.

Potential benefits of BYOD:

  • Increased employee satisfaction- Convenience and flexibility to work where and how they prefer leads to a happy, more productive workforce. 
  • Manageable costs - Employees own their devices, manage their own data plans, and are responsible for their own smartphone upgrades. No need to administer corporate data and equipment plans.
  • Improved productivity- Your budget can now focus more on deploying apps that work seamlessly between the desktop and mobile devices.
  • Employ cloud security tools – With mobile devices, businesses can proactively implement the latest authentication technologies to prevent cyberattacks such as phishing, password theft, etc.

Potential risks of BYOD:

Know the risks of allowing unsecure or unmanaged devices to access your organization's critical data so your BYOD program can address them.

  • Data Leakage – The use of personal devices for work inevitably creates unauthorized transmission of corporate data. Whether intentional or not, this could be as simple as an employee downloading a document on to their phone. It is vital to stay in control of data by regulating the unauthorized download, copy, and export of sensitive materials.
  • Data Theft - This can be an issue if unencrypted company data gets transmitted over an unsecured Wi-Fi network. Airports, coffee shops, and even hotel Wi-Fi networks can leave data vulnerable to cyber hackers.
  • Malicious Apps – With unmanaged BYOD, you have no control over the quality of apps your employees install on their devices. Once a malicious app is installed, cybercriminals can access their phones and, ultimately, your data.
  • Lost Device - If an employee loses their device without proper security protocols and management in place, this can become a significant threat. In the wrong hands, the device can be hacked and expose critical company data.
  • Shadow ITThis is when an employee uses technology outside the purview of your IT department to get their work done. Unauthorized solutions like cloud storage, video collaboration tools, or messaging can be used for convenience to exchange sensitive company data. When your IT department has no visibility of these programs, they are unable to properly manage the security level and sharing capabilities to protect sensitive data.

It is especially important to consider the above risks with increased caution if your company is accountable to legal and regulatory compliance obligations such as HIPPA or the SOX Act. Any BYOD efforts put in place need to meet external security and privacy requirements, so your company does not fall out of compliance.

Mobile Application Management, Secure BYOD

Mobile Application Management Secures BYOD

If you decide BYOD is right for your company, the next step is to employ a Mobile Application Management (MAM), Mobile Device Management (MDM) or a combination of the two. MAM has become a good experience for both the employer and employee wanting to use BYOD in the workplace. It allows the business to have control over their apps and the data without impacting how the employee uses their personal device. In addition, the employee no longer needs to worry that the employer has total control over their device (MDM) and that all their personal data will be wiped if the employee leaves the company.

Where MAM shines is in its ability to track and control data within an application or in transmission. These actions are critical when protecting your company data while enabling employees to work how and where they want. IT admins must have control and visibility of corporate apps and data on BYOD used by employees. A MAM solution, such as Microsoft Intune, gives IT the option to manage the apps that contain corporate data while leaving personal data untouched.

MAM benefits organizations can realize:

  • Protecting your company data at the app level vs device – Management is centered on the user identity, so MAM does not need control of the whole device. You can now protect company data on any device.
  • Applying policies only in a work context – This gives you the ability to protect company data without touching personal data.
  • Enforcing App-layer protections –For example, you can:
    • Require a PIN to open an app in a work context.
    • Control the sharing of data between apps.
    • Prevent the saving of company app data to a personal storage location.

There are many decisions to make when adopting a long-term BYOD strategy. Factors such as compliance and user experience will drive the solutions that will enable a successful BYOD program. With BYOD becoming the way more business gets done, embrace it, but more importantly, secure it.

Secure my Mobile Workforce 


If you would like to learn more about how MAM can bolster your remote workforce's security posture, contact us at info@systemsengineering.com or call 888.624.6737 to speak to a Systems Engineering representative. Clients, please reach out to your Account Manager.