The BYOD movement has become an acceptable way of doing business nowadays, with more and more employees using their personal mobile devices for work. But when it comes to BYOD privacy concerns, there are two sides to consider: the employees using their personal devices for work, and the IT administrators tasked with protecting corporate data.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
IT administrators deploying enterprise mobility management (EMM) systems might say that, no, BYOD users do not deserve privacy. Admins enact policies on devices that grant access to company data, email and apps; it's up to the BYOD user to sign that policy to gain access to those items. Companies that subsidize the devices employees use for work could argue that IT should be able to access these devices, potentially hazardous apps and company email and data stored within those apps.
But does this mean the enterprise should have access to all the apps on an employee's device, or just the ones associated with work or downloaded through the company's app store?
Any IT admin who has deployed EMM would likely find that employees are pretty passionate on the subject of BYOD and privacy. They might be really excited to be able to do work from anywhere, but also extra suspicious of the company's ability to see what they are doing on their mobile devices. From an employee's standpoint, he could say it's his device; since his employer is requiring him to access company resources and do work from anywhere, he should be entitled to privacy.
Both sides have a substantive argument. Users should have BYOD privacy for their own apps, email, photos and personal data, but not for company-provided apps, company email and data. IT can appease both sides by sandboxing corporate email, apps and data; sandboxing may require a separate login, but makes it clear for the user that company applications are separate from their personal items. Android for Work, for instance, only allows IT to control an employee's work profile.
What about concerns of companies spying on their employees' devices? BYOD users should keep in mind that those on the corporate side have little interest in messing with their personal photos and data. Admins also have personal photos and data on their devices and do not have the staff or time to mine every app on an employee's phone. IT's goal is to simply protect company resources against security threats, meaning employees using their own devices for work must surrender some privacy.
Why companies need a BYOD policy
How to balance BYOD security and privacy
IT's guide to BYOD management
Dig Deeper on Enterprise mobile security
Related Q&A from Matt Schulz
It's important for organizations to stay current on what's new in mobile malware and to develop security policies to combat these vulnerabilities. Continue Reading
Changes to how IT can enroll Apple devices in mobile device management and how users can multitask will provide a boost to iOS 11 in the enterprise. Continue Reading
With so many mobile security challenges around the bend, admins may worry they'll never see the finish line. IT can achieve security success by ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.