3 Reasons Government Should Rethink Using Mobile Device Management For BYOD

There doesn’t seem to be a middle ground between government-grade security and end-user happiness with MDM in BYOD. Rather, a completely different approach is needed in this situation.

Government agencies and their employees like BYOD because it gives employees mobile access to work email and documents, on their favorite devices, without having to allocate IT funds for hardware.

Mobile device management (MDM) solutions have been touted as the simplest, most cost-effective way to reduce security threats from BYOD phones. Yet many government IT pros who’ve deployed MDM regret what was supposed to be a cost-cutting measure once they realize all the tradeoffs they’re making, including in the area of security.

Here’s three reasons why BYOD and MDM simply don’t go well together in government.

Check out this insightful post from Inside BlackBerry Blogs'  on why some Governments should really rethink ssing MDM For BYOD situations:

MDM Is a Great Solution for Some, Not All

MDM does exactly what the name says: it manages a mobile device through commonly provided APIs, with a single policy for personal and work use of the device. But it’s not the device that cybercriminals and spies are after: it’s all the data on that device that they want, including behind-the-firewall data accessible from the applications on the device.

Since MDM manages your device as one security perimeter, it fits use cases where there is one owner of data: a corporate-liable device either as COBO (corporate-owned, business only), CYOD (choose your own device), or even COPE (corporate-owned, personally enabled). It treats the whole device as part of the corporate policy (albeit relying on native device security), with no differentiation between personal and business data, applications, and perimeters.

In BYOD, however, users will complain about having to enter your mandated complex enterprise password just to answer a personal text or play a game on their phones. The great benefits of two-factor authentication for access to work apps will be offset by all the inconvenience for personal use. Also, if a BYOD user unlocks the device just to let a friend or family member make a quick call, you will find your corporate gates open and your security exposed.

With MDM, you’re also relying heavily on device-level security, so if users are bringing a mix of Android, iOS, BlackBerry, and other devices, you end up with a complex and uneven security posture and increased security risks or costs to manage your mobile security.

There doesn’t seem to be a middle ground between government-grade security and end-user happiness with MDM in BYOD. Rather, a completely different approach is needed in this situation.

Dual-Owner Dilemmas

MDM can’t address the fact that there are two owners of data in a government BYOD scenario: the user owns personal data, and the agency owns the work data. Each type of data has different requirements for security controls, privacy, and usability, and by putting a barrier around the entire device, there’s no way to separately meet those requirements.

... (article continued in source link below)

 

Read The FULL Article By Clicking Here