As consumers, most of us now use mobile devices for everyday tasks such as shopping and even banking—so why not simply add some business apps for professional purposes? Often referred to as bring your own device (BYOD), these BYOD programs can be perceived as an attractive solution given how many organizations are embracing remote work or hybrid work environments.
Determining the right approach has often come down to two choices: issuing staff corporate-liable devices or allowing staff to bring their own devices to work. Companies have to balance the need to drive productivity and a positive employee experience with enterprise mobile device security. When mobile devices are compromised, the consequences can be severe.
To businesses, BYOD might also seem like a way to save some up-front costs on purchasing devices, but there are vulnerabilities to consider.
BYOD: Hidden costs and corporate mobile security risks
In a 2021 executive brief, market research firm Frost & Sullivan said BYOD programs could lead to a range of enterprise mobile device security risks. This includes failure to keep up with security patches or use effective device protection, such as strong passwords and biometric authentication. These programs may also assume that employees know all the other guidelines for managing and securing mobile devices in the enterprise, but that isn't always the case.
The fallout from these risks could be significant. Verizon's 2021 Data Breach Investigations Report found that the cost of all breaches can reach into the millions, and breached companies underperformed in the stock market by approximately 5%.
Corporate-liable devices: What it means and key benefits
Contrast the BYOD approach with corporate-liable device programs, which go far beyond having employers hand team members a smartphone. In support of enterprise mobile device security, corporate-liable devices can allow the IT department to configure devices based on business requirements, enroll them in mobile device management (MDM) platforms and safeguard apps and data with security technologies and enterprise-grade policies.
This means when devices get lost or are stolen, keeping customer, company or employee data out of the wrong hands can often be handled remotely by the IT department. Beyond service and support, a corporate-liable device can be more easily integrated with back-end systems and apps that ensure they perform as expected. This helps to boost productivity and minimizes the need for employees to ask IT for help.
Having a more hands-on role in managing corporate-liable devices also allows IT to ensure employees are kept on the latest versions of the apps they need. In addition, IT can provide business continuity by backing up devices in the event they break down. Finally, corporate-liable devices can make it easier to comply with industry regulations such as PCI DSS.
Guidelines for managing and securing mobile devices in the enterprise
Even if companies do not opt for corporate-liable devices, they should still follow best practices and guidelines for managing and securing mobile devices in the enterprise. This includes using an MDM platform, endpoint protection, managed detection and response solutions, and ongoing security awareness training to ensure employees recognize common cyber threats.
IT departments can also bolster enterprise mobile device security by implementing two-factor authentication, separating work and personal content by utilizing allowlisting and blocklisting apps and by keeping their policies current.
Do you need assurance your organization is staying on top of the latest guidelines for managing and securing mobile devices in the enterprise? Learn how the right partner can help build security directly into your enterprise device plans and can help meet all your enterprise mobile device needs.
The author of this content is a paid contributor for Verizon.