BYOD or COPE: Which mobile company strategy to choose?

The use of mobile devices has clear advantages for business, but at the same time comes with increased risk. There are predominantly two mobile strategies that companies can employ. However, each come with advantages and disadvantages making it very important to understand each when determining which option is right for your organization. This article will discuss the pros and cons of BYOD – Bring Your Own Device and COPE – Corporate Owned Personally Enabled

The BYOD model (Bring Your Own Device) – allows employees to introduce their personal devices (laptops, tablets and smartphones) into their workplaces and use these devices to access company data and resources.

There are several advantages in implementing BYOD. Employee’s working environments are enhanced, as they are able to utilise tools with which they are familiar, as opposed to having an unfamiliar device to use in addition to their personal device. As a result, adoption time is much quicker and less training and technical resource is required which leads to increased productivity. Employees tend to update their devices on a more frequent basis than would be typical for a business, giving the company the opportunity to take advantage of the most up-to-date technology. Significant cost savings can be realised as the costs of frequent upgrades, carrier negotiations and management are minimised.

Alongside the many advantages of BYOD comes the increased risks of securing and managing disparate devices, operating systems and applications. Data leakage, security settings and use of unsecured WiFi networks outside of the office, are amongst the real threats that can keep a CIO awake at night. Although the BYOD approach reduces easily identifiable cost savings, without the right policies in place, a company could expose itself to significant hidden costs. IT costs can spiral as administrators struggle to manage diverse devices, trying to allow appropriate access to data, whilst at the same time ensuring the security of that data and minimising security hacks and threats. All CIO’s are aware of the potential losses a company can suffer to its brand and reputation from the theft of data. Many of these security challenges can be avoided, if an organisation choses the COPE approach.

The COPE (Employee-Configured Corporate Device) model is a model in which an organization buys and provides mobile devices to be used by employees. This approach facilitates the organization’s mobile device management (MDM) and mobile application management (MAM) tasks and provides the organization with greater opportunity to protect its data both technically and legally. As the company provides the device at its own cost, it can dictate its usage, access to data, security and other aspects such as control of the time and location of its use. 

The primary challenge of the COPE approach is the level of freedom that organizations allow employees to download and use applications for personal use, and convincing employees that their usage of social media, for example, will remain private and not be exposed to their employer. If an organization permits employees to freely download applications from third-party application stores, the chances that malicious programs or code may penetrate corporate devices and create a threat for data hacking increases exponentially. Since mobile devices have become the main targets for cybercriminals, it is critical that the solution which is used to manage and protect mobile devices, has the functionality, that allows the application of “black and white” lists policies. It is also vitally important that corporate data can be containerised and encrypted on the device and kept distinct from purely personal usage. This is equally important for both approaches: COPE and BYOD, as personal and corporate data should always be separated on any device.

The clear advantages of COPE include the ability to manage and control under what conditions the device can access certain applications, sites, services, networks and resources. In addition,  conditions for access can be limited, for example, in restricting the use of social network applications at work, or using geolocation functions, limiting access to resources based upon location or even motion. Data can also be wiped from the device should it be lost or stolen, or if an employee leaves an organisation without returning the device. 

Many companies adopt a mixed approach. In such environments it is important that the solution which manages mobile devices, is agile and can provide full control over a fleet of smartphones and tablets, regardless of device model or operating system. Proget Mobile Device Management is a solution that supports mobile platforms based on iOS, Android and Windows. Proget MDM meets the modern standard for an architecture based upon open source software, the hardware requirements being amongst the lowest among solutions of this class. A variety of security features and extensive customisable options ensure peace of mind and the level of proper control in any company, regardless of the model that they chose.