As an email management vendor with its own mobile offerings, Bauer says Mimecast has a unique situation. Employees naturally use a broad range of devices to test for compatibility with their apps, as well as completing their own tasks. In order to support this environment while reducing risk, Mimecast's BYOD policy includes a comprehensive list of approved devices employees can use for work purposes, including iOS, Android, BlackBerry and Windows Phone. As a protective measure, when employees want to use a personal device for work, they have to register it with the IT team so the remote wipe capability can be synced.
"As companies are having to expose their IT services broadly on the internet so that all these devices that users are trying to access from can actually get to the IT applications, portals, email services or run business applications, the access control is enforced on a per-device basis," Bauer says. "So you can bring your own but it doesn't mean that you can just go and use somebody else's device or pick one up without actually going through a registration process with a company."
Bauer says Mimecast's BYOD policy is not written in stone, and is "going to be a work in progress." As new mobile management tools come to market, and mobile app developers continue to cater to the increasingly mobile worker, management policies in general will need to bend accordingly.
It comes as no surprise, then, that 74% of DevConnections attendees responding to Mimecast's survey said the biggest challenge in the age of BYOD is managing information security. When it comes to enterprise mobility, the most effective approach will be to keep mobile devices on a short leash until further trust can be justified, Bauer says.
"We need to start with an approach like this and then see how it works, and then modify it once we've seen more," Bauer says. "Generally, it's about having tighter controls initially and then loosening them up a little bit when we understand more of the implications."
Colin Neagle covers emerging technologies, privacy and enterprise mobility for Network World. Follow him on Twitter https://twitter.com/#!/ntwrkwrldneagle and keep up with the Microsoft https://twitter.com/#!/microsoftsubnet , Cisco https://twitter.com/#!/ciscosubnet and Open Source community blogs. Colin's email address is firstname.lastname@example.org.
Read more about anti-malware in Network World's Anti-malware section.