The Bring Your Own Device (BYOD) movement has morphed from being a “nice to have” to being a “must have” in the enterprise. Gartner predicts that half of employers will require employees to supply their own device for work purposes by 2017.In fact, in 2012, VMware required all of its 6,000 employees to use personal smartphones for work. Fast forward to present-day, where BYOD is so commonplace that the state of California made it a law that all employers have to reimburse employees a portion of their personal cell phone bills for requiring their usage on the job.
While BYOD is convenient for employees, it can also be a nightmare for IT organizations. Moving data across different devices – corporate and personal – increases security risks to the corporate network and can expose sensitive corporate information to leaks. There are a greater number of potential exposures, as employee-owned mobile devices are often beyond the scope of control of internal IT departments. When these devices bypass security controls that are applied to other corporate devices, they can potentially introduce malware to the corporate network. Personal devices that do not have outbound controls increase non-compliance with data privacy laws. As an interesting fact, a recent Gartner survey estimated that one-quarter of BYOD users surveyed have had a security issue with their personal mobile device at work, and only 27 percent of those victims reported the incident.
There are ways; however, to maintain control within the enterprise network while embracing BYOD. It is of key importance to achieve full visibility into the network, after all, Ken Pfeil from Pioneer Investments said it best – “You can’t manage what you are blind to and that creates risk.”
Forescout customers reap the benefits of being able to embrace BYOD while preserving security. For example, our Mobile Security Module lets you manage the configuration of Apple iOS devices. The solution leverages Apple’s built-in MDM API to control most aspects of the device, using Apple’s policy framework, which is built into the iOS 4 and later operating systems, and does not require the installation of an agent on the Apple device. The visibility and control is provided natively from within the iOS operating system, using Forescout CounterACT with Forescout Mobile Security Module. You can directly set the password policy, wipe the data, and many other functions. But, don’t just take our word for it. Check out what our customer, Bremer Bank said in this article in American Banker and in Bank Systems and Technology.