In the middle of the last decade, some companies adopted the Bring Your Own Device model, which became known by the acronym BYOD. This strategy encourages employees to use their own devices (laptop, tablet, smartphone, etc.) in the corporate environment. The effects of BYOD soon caught the attention of large companies. Increased productivity, employee satisfaction and resource savings were some of the consequences of adopting the model.
Following the initial success of the BYOD model, criticisms have emerged, particularly with regard to confidential data security aspects. Then came a new conception of device use in the workplace, COPE, for Corporately-owned, personally-enabled. This system seeks to guarantee many of the advantages of BYOD, but with greater control of the equipment. The company provides laptops, tablets and smartphones. They meet user preferences, which can use them for personal purposes (access to private email, social networks, download photos, etc.). However, the devices run under the homologation of the IT area of the company and follow safety standards.
In the case of BYOD, the main advantage is to guarantee the freedom to choose a device. Productivity gains and team satisfaction come as quickly identified benefits. The company, besides the economy regarding the purchase of equipment, takes advantage of having a team motivated and able to work remotely.
The main disadvantage of BYOD concerns security issues. IT staff faces the challenge of dealing with a multitude of devices, operating systems, applications and services. Framing these points in a security strategy that preserves the integrity of sensitive data is a big challenge for CIOs. If for the employee, BYOD represents a great differential, for the IT team the model is cause for concern.
The adoption of a BYOD model requires the implementation of security deployments, with a focus on perimeter and endpoint. In addition, the company must contract specialized services for the security of its systems and, consequently, for the preservation of sensitive information. A BYOD environment, due to the multitude of elements that can be infected by viruses and malware, must have an effective structure to minimize security incidents. In addition, the company must establish policies for the use of technological resources in order to formalize the use of these devices in a corporate environment.
In turn, the COPE model brings a bit more security compared to BYOD. Approval of all equipment and the definition of more consistent safety rules give the model a higher level of safety. Application integration and control can prevent sensitive information from being available outside the perimeter. There is even the possibility of using resources for remote management of files in case of loss of equipment. In this way, third parties cannot access sensitive data.
The COPE model can add two important features. The first one refers to the set of devices, applications, and services that will be used. The other is maintaining the personalization of equipment and content, according to the preferences and needs of the employee.
Even considered as an evolution of BYOD, COPE has some limitations. The biggest one is the loss of freedom for the employee to choose which equipment to work with. Some COPE critics say that the gains in terms of security do not compensate the loss of productivity and, especially in tasks performed remotely, of agility.
Regardless of the model chosen by the organization, the security issue remains critical. Both options still pose risks to the preservation of sensitive corporate information. It is up to the company, through the IT area, to outline strategies that guarantee data integrity and confidentiality, taking into account the adopted model. The established safety guidelines must be constantly evaluated in order to correct possible faults.
Do you want to know more about the BYOD and COPE models? Do you have any questions about this? Contact us or leave your opinion here.