"Four or five years ago, it was all about the mobile elite," says John Herrema, senior vice president of corporate strategy for Good Technology, provider of secure mobile solutions. "They had company-owned devices to do some pretty basic things around email, browsers and PIM. Apps never really took off on that platform for a variety of reasons. But what we're seeing now is these BYOD devices have a ton of corporate use. Users are self-reporting that they're doing the equivalent of an extra week of work a month on their mobile devices by doing things like checking their email before they go to bed. The devices are out there. The users want this access. The more you give them access, the harder and longer they work. If you can't find a way to overcome [the security concerns], you are leaving massive amounts of productivity on the table."
Secure the Data With Mobile Application Management
Several different strategies are emerging to help organizations control their data in a mobile environment. One of the more popular strategies is MAM, often associated with the creation of curated enterprise app stores. The idea behind MAM is to focus enterprise resources on managing what's really important to the business-its data-by taking charge of the apps that can access that data while leaving employees in control of the devices they own. MAM allows organizations to mandate encryption, set and enforce role-based policies for applications including how they store and share documents and even remove data and deprovision apps when an employee leaves the company (or loses a device). In other words, you can ensure that sensitive data never leaves your customer relationship management app without preventing salespeople from playing Angry Birds on their own devices during their own time.
"I'm not going to access proprietary data by opening Angry Birds," says Brian Duckering, senior manager of Enterprise Mobility at Symantec, which has also adopted the MAM approach. "So do I need to manage Angry Birds? Probably not."
"We've always believed that ultimately security and compliance boils down to being able to control the data," adds Herrema. "Trying to control the device, in a lot of cases, is neither necessary nor sufficient. A lot of the typical device management methods don't work anymore in a BYOD world. You can't tell a BYOD user who owns an iPhone 4S that they can't use Siri or iCloud or that they can't use the App Store. At the end of the day, if you have control of your own data and make sure that your data isn't leaking off into personal applications and services, you don't have to touch the rest of the device. I don't have to tell the user that you can't use Dropbox. I just have to make sure that none of my sensitive corporate documents wind up in Dropbox."