Mobile Device Management, BYOD
Posted 18 Aug at 9:08 pm in Productivity
What is Mobile Device Management?
Mobile Device Management (MDM) is a technology/practice used to manage and control mobile devices, such as smartphones and tablets, within an organization or workspace. MDM involves the deployment of software solutions to oversee and maintain these devices remotely while ensuring proper data protection of work-related data.
Mobile device management certainly has its perks: enhanced security, more seamless configuration, application management, compliance assurance, and remote troubleshooting to name a few.
Bring Your Own Device (BYOD)
One thing that seems to be becoming more common in the workplace, is bringing your own device and conducting some level of business from it. This could be anything from joining a Teams meeting, checking your email inbox, or handling particular business matters. This serves as a viable solution for both the employer and employee as it is oftentimes cheaper than configuring a brand new phone(s) and allows the employee to stay connected on a device they are familiar with.
MDM: The Process
BYOD MDM involves implementing specialized mobile device management solutions to effectively manage and secure these personal devices when they are used for work purposes. Here’s how it works:
Device Enrollment: When opting to use their own device, employees will be required to enroll their device in their organizations BYOD MDM program. During this enrolling, the device will be configured to adhere to particular security policies and settings that have already been determined by their employer
Security Policies: The organizations IT department, or MSP, can/will enforce policies on these enrolled devices. Generally, these policies are more-or-less best practice for cybersecurity, such as requiring strong passwords (character limit, special characters, etc.), data encryption, and ensuring software updates are seen regularly.
Application Management: Mobile device management also may push out the installation of certain applications that your company requires you to have on your mobile device whether this be a company portal or Microsoft Teams, Office, etc.
Data Protection: BYOD MDM helps safeguard sensitive organizational data by enabling measures like remote wipe, selective data wiping, and data encryption. This is crucial in case the device is lost, stolen, or in the event of an employee leaving the organization.
Separation of Work and Personal Data: One of the challenges with BYOD is separating work-related data from personal data on the device. MDM solutions can create containers, or profiles, on a device that may keep your business-sided software totally sepearate from that of your standard applications.
Android devices will offer a totally separate profile, similar to that which you’d find on a PC.
Apple devices will keep everything separate, in terms of permissions, security measures, etc., but they will all be found in the same location (somewhere on your homescreen).
Monitoring and Compliance: Organizations can monitor the usage and behavior of devices to ensure they comply with security policies and industry regulations. This includes tracking device health, identifying potential security threats, and responding to security incidents.
User Privacy: Balancing the security needs of the organization with the privacy of the user is crucial in BYOD MDM. Organizations must implement measures that protect company data without overly infringing on the user’s personal space.
What Can My Employer See?
Your employer should only be able to see the applications they have pushed onto your phone. For example, if you are doing your personal browsing in the Microsoft Edge browser that your employer had installed via MDM, then they likely can see what you are up to. With that being said, if you instead browse on a different browser, such as your phone’s native browser, you’re likely to be fine in terms of keeping your data private.
Your employer cannot read your text messages. But, your employer may be able to read your Microsoft Teams chats if you are on a work profile.
Your employer cannot see your photos. But, your employer may be able to see your photos you backed up to your company managed cloud service.
In short, keep your personal data off of the apps that your company controls and you are likely fine.
What if I Lose My Phone?
If you lose your phone, let your IT team know as soon as you can. In the event of a lost, broken, stolen, etc. phone, your personal data will not be wiped/deleted but, your company data will be revoked from the phone (still accessible in some capacity, likely from your laptop).
MDM BYOD TLDR
Mobile Device Manage, in short, is a process that allows your organization to push out certain apps to your device (or their provided device if it’s not a BYOD). The apps are managed by your employer and kept separate from the rest of your phone Your employer, or tech team, likely is not concerned about what it is you have on your phone. Instead, they are primarily interested in ensuring that the company’s data is safe.