CYOD: The Latest Acronym in the Mobileverse
IT directors in the enterprise are slowly adopting a Choose Your Own Device (CYOD) strategy, but in terms of security, it isn't as different as you might think.
Let's talk a little about the BYOD phenomenon. Ever since the beginning of the smartphone era, owners have wanted these devices on their business networks. Then, in 2007, along comes the iPhone, and the "touch" era begins. No one is looking back. In fact, some IT directors may be afraid to look forward.
The initial struggle was to overcome the real fears IT directors had over data and network security. After that it was concerns about integrating the highly popular (and, at the time, new) Apple products into a PC-centric infrastructure. Then it was about supporting iPhones, and the (seemingly) rapid and endless updates to the product and the OS.
Of course, it was the senior executives and high-status managers who demanded full integration of the iPhone, and later, Android devices, into the enterprise network. The revolution was occurring from the top, and that meant that IT directors were forced to play the game of BYOD. The floodgates were opened, and the evolving mobile ecosystem was built around the notion that people, in search of productivity and convenience, will bear the cost of a mobile device if it provides what they want. Internal costs, security concerns, etc. be damned!
The Bring Your Own Device (BYOD) era was born in the years between 2008 and 2011. By 2012, mobile device management (MDM) software had grown up, enabling full enterprise integration, custom configuration, unique grouping and permissions, and remote security features, all of which had been virtually unimaginable in 2009.
But even as BYOD continues to become commonplace, it still carries risks. Connecting employee-owned devices to the enterprise IT infrastructure creates potential security leaks, and employees may risk personal data as well. There are potential threats in employee-installed applications, and the threat that devices will be hacked. And, of course, there are more practical problems, like too many devices, form factors, and OSes to manage effectively (if they can be managed at all). It's the IT director's worst nightmare realized.
Enter CYOD. IT directors in the enterprise are slowly adopting a Choose Your Own Device (CYOD) strategy. This enables employers to offer employees a choice of pre-approved devices. One of the main advantages of CYOD, often viewed as a more manageable version of BYOD, is that the company owns the devices and therefore controls the security. Here we'll take a look at the newest version of BYOD and what it means for IT. (Get some background on BYOD in BYOD: What It Means for IT.)
EMM: The Key to CYOD's Success
An enterprise mobile management (EMM) solution is a necessary first step in CYOD, helping to secure, monitor and manage a fleet of mobile devices regardless of carrier or type, and implementing policies and security measures to prevent data loss or security breaches. Without the mobile device management (MDM) component of an EMM, organizations risk having unmanaged, unsecured devices and must deal with the administrative burdens associated with running multiple operating systems. Another advantage of an MDM application is that organizations can ensure all devices contain software to wipe sensitive data should they be lost or stolen, and can easily replace the devices. (Read more in Mobile Device Management vs. Mobile Application Management: The Big Fight Continues.)
An intriguing aspect of the use of EMM in a CYOD environment is a "mobile device configurator", where employees are given a "mobile device credit" that can be used up to a specified dollar or credit limit. For example, an employee could be directed to a location on the company intranet to select a device. Once selected, the employee chooses options such as internal and external storage, data plans, accessories and other components. Following the selection of a device, CYOD users might continue with provisioning the device, relying on pre-set permissions, security requirements, and a trip to the enterprise app store to select communications and productivity apps. EMM software can help to control mobile data costs, and provides more complete visibility into utilization, such as ongoing bandwidth and data use.
Of course, managing devices is made easier when companies exert this much control. The obvious downside to CYOD, however, is that employees may not necessarily agree with the approved list of devices and apps, and may prefer using their own personal device for work purposes. In addition, unlike with many BYOD agreements, in this case the organizations generally incur the cost of the devices being used.
CYOD and Security
If you're thinking about CYOD in terms of security, you may be on the wrong track. IT security professionals need to think in terms of mobile application management, rather than device management. Security should be applied to the app, not the device, and should be integrated vertically into the security management plan for the entire application. When you look at it that way, the difference between BYOD and CYOD is not about security, but about who owns and supplies the equipment.