What are the types of BYOD?

BYOD stands for bring your own device. It’s an IT policy that allows, and sometimes encourages, employees to access enterprise data and systems using personal mobile devices such as smartphones, tablets and laptops.

There are four basic options or access levels to BYOD:

  • Unlimited access for personal devices
  • Access only to non-sensitive systems and data
  • Access, but with IT control over personal devices, apps and stored data
  • Access, but preventing local storage of data on personal devices.

Why is BYOD important?

BYOD policy is important because it helps organizations strike a balance between improved productivity and managed risk.

BYOD as a work practice appears inevitable. Forbes reports that 60 percent of millennial workers and 50 percent of workers over 30 think the tools they bring from their non-working life are more effective and productive than those that come from work. What is termed the BYOD market is expected to hit almost $367 billion by 2022, up from $30 billion in 2014, Forbes also points out.

Security risks and additional complexity persist. But which is riskier asks IBM security expert Jeff Crume?

“Letting employees who may know little about threats or mitigation strategies sort out what the most appropriate defenses are, install the proper tools, configure them for optimal usability/security and maintain all this in the face of an ever-changing backdrop of newly-discovered vulnerabilities and attack types.

Letting subject matter experts chart the course and enable members of the user community to focus on their daily jobs.”

Most IT organizations, sensibly, are going with option B — which makes BYOD an inevitability for them and their teams. As such, BYOD becomes more than letting somebody from finance work on quarterly results from their tablet at home. It elevates BYOD to an IT imperative challenged with enabling a mobile workforce while mitigating the risks.

Benefits of BYOD

Improve productivity

Employees are more comfortable and proficient with their own devices. They are also more apt to adopt leading-edge features, and they don’t have to manage two devices.

Boost employee satisfaction

BYOD can also boost employee satisfaction by letting employees use the devices they choose and prefer.

Cut enterprise costs

BYOD can also help cut costs by shifting device costs to the user and away from the IT budget.

Attract new hires

There is enough to acclimate to when entering a new organization, that using your own device at work can be beneficial for that initial productivity. It is also a selling point for both Android and Apple users to know that they will not be required to use a different device type or learn a new mobile OS.

Risks of BYOD

As users potentially mix their personal and professional lives on their devices, they can unwittingly expose sensitive data or create vulnerabilities to malware (malicious software) and destructive cyber attacks.

An initial concern with BYOD was loss of the actual personal device and the sensitive or proprietary data on it. According to a 2014 study (PDF, 1MB), the ability to remotely wipe lost devices was the policy most enforced by organizations interviewed.

Unfortunately, cyber attackers are opportunistic, and soon found vulnerabilities through mobile applications and operating systems. By 2015, mobile devices monitored by IBM Trusteer® showed an active malware infection rate equal to PCs. A 2018 IBM Security Intelligence article notes an example of this type of threat by reporting the rise in mobile banking Trojans (malware disguised as useful apps) linked to Marcher malware (a combination of banking Trojans and phishing — fraudulent emails that entice personal information). The Marcher malware impersonates legitimate apps to victimize millions of Google Play users. These same users may be downloading a fraudulent app one minute and uploading corporate data the next.

In addition to managing security threats, BYOD can also mean additional tasks and responsibilities for IT departments — for devices they do not own or officially control. This brings a new level of complexity to IT functions and concerns such as help desk support, regulatory compliance, provisioning, asset management, data privacy and more.

Keys to effective BYOD

For BYOD to be effective, policies need to be developed and deployed that support productivity, enforce security and operate efficiently to meet business requirements.

There are software technologies that can help.

Enterprise Mobility Management (EMM) and Mobile Device Management (MDM) solutions can help enroll users and enforce secure BYOD policies, such as identity management and authentication procedures. Unified Endpoint Management (UEM) has evolved to enable IT organizations to consolidate disparate programs for provisioning, securing and supporting mobile devices into a single solution. UEM can survey and report on devices enrolled with an IT department, and provide a single, dashboard view of their management. UEM solutions are also incorporating artificial intelligence (AI) technologies to surface anomalies in vast amounts of data and recommend actions to remediate malware and other security incidents.

Even with AI-powered software, effective BYOD is an elusive challenge, and IT organizations will need to consider help from services providers as well, according to analyst IDC (PDF, 658KB):

“As enterprises undertake or expand mobile deployments, they will need to get their arms around which deployment choices and which suppliers work best for them. Most enterprises will not be able to keep pace, nor will they have the technology, staffing, and processes in place or the ability to capitalize on mobile assets to deploy and optimize a mobile strategy to its full potential. As a result, IDC believes that the need for external IT services that can help enterprises plan, build, integrate and manage their mobility initiatives will grow in importance.”

10 Guidelines to help plan and implement effective BYOD

  1. Create policy before procuring technology by looking at key questions and factors — and considering all the key mobile players. What devices will be supported — or not? Who will pay for the data plan? What are, if any, the compliance issues of that data? What are the privacy implications for company and employee? Each organization will have their own questions and ensuing policy decisions
  2. Find the devices that are accessing corporate resources with tools that can communicate continuously with an email environment and detect all devices connected to the network.
  3. Enrollment should be simple and protected and configure the device at the same time. In a perfect scenario, users follow an email link or text to a profile on their device, including an Acceptable Usage Agreement or AUA for network access.
  4. Configure devices over-the-air to avoid further help desk requests. All profiles, credentials and settings should be delivered to the device. This is also an opportunity to create policies to restrict access to certain applications and generate warnings about data limits.
  5. Help users help themselves by enabling self-service for functions such as PINs, passwords, geo-location and device wiping.
  6. Keep personal information private by communicating privacy policies to employees and providing settings capabilities to disable app inventory reporting and location services.
  7. Separate personal information from corporate data by making sure an MDM solution can selectively wipe corporate data should an employee leave and provide the option to wipe the entire device should it be lost.
  8. Manage data usage by setting roaming and in-network megabit limits and customizing the billing day to create notifications based on percentage used.
  9. Continually monitor and address devices for noncompliance by looking for activity like “jailbreaking,” where a user may attempt to get paid apps for free; use SMS to notify of any non-compliance before hitting the wipe button; and work
  10. Enjoy the return on investment (ROI) from BYOD by examining costs associated with shifting mobile device costs to employees such as device purchase, subsidized data plans — and include the costs of mobile device management solutions and services.


Creating a successful BYOD experience

Implementation of a BYOD strategy may not be as easy as you think. Read about some of the challenges and how to overcome them.

BYOD Joins the Mainframe Party

Visit IBM Developer for mobile application development and get the tips, tools and techniques to integrate mobile in the workplace.

Android Enterprise BYOD Enrollment

A quick demo of Android Enterprise BYOD (formerly known as Profile Owner or PO) enrollment

Gartner: IBM named Magic Quadrant leader

For the 6th consecutive year based on its ability to execute and completeness of vision, IBM was recognized as a Gartner Magic Quadrant leader.


Enterprise Mobility Management (EMM)

Enterprise Mobility Management is a set of services and technologies designed to secure corporate data on employees’ mobile devices. 

Mobile Device Management (MDM)

Mobile Device Management (MDM) solutions can help enroll users and enforce secure BYOD policies.

Managed Mobility Services

Manage, containerize and optimize laptops, tablets, phones and more.

Digital Workplace Services

A single platform to manage and secure endpoints, including personal and corporate-owned devices across iOS, macOS, Android and Windows.

BYOD with MaaS360

Harness the power of AI for unified endpoint management