BYOD (Bring Your Own Device)

Top 10 BYOD Pitfalls

With more business being conducted on smartphones and tablets than ever before, IT departments are seeing an increasing amount of software being downloaded onto employee owned devices. The shift to Bring Your Own Device (BYOD) and provisioning the best supporting infrastructure presents several challenges for companies. IT professionals are now faced with growing pressure to integrate employee mobile devices into existing policies, network, and regulatory frameworks.

In light of this rapidly growing trend, the IBM MaaS360 customer platform services team has identified the top ten pitfalls and the necessary solutions that IT professionals should be implementing when adopting a BYOD programme for a new mobile workforce.

Top 10 BYOD Pitfalls

  1. Not communicating with employees – Without open communication with employees, no BYOD programme can be successful. A BYOD rollout should flow downhill. Executives should enroll their devices first, communicating the capabilities and privacy features before deploying throughout the organisation. That way, employees are aware of what the solution can actually do before they are using it themselves, and see that the management team is committed to implementing BYOD.
  2. Not enforcing passcodes on devices – Today’s BYOD devices house all sorts of sensitive corporate data. Documents, emails and more are all susceptible to being lost or stolen if the simple step of setting a password is not taken. Although it seems self-explanatory, many companies overlook this key step in making sure a BYOD program is successful. Once devices are enrolled, be sure to enforce passcodes with a relatively high level of complexity to keep that corporate data safe from prying eyes.
  3. Not protecting ActiveSync – Most mobile devices on the market today have ActiveSync enabled. There are certainly benefits to the service. The problem lies in the fact that IT administrators have limited control and insight when it comes to ActiveSync. If a device is lost, for example, administrators have to rely on employees to tell them, giving thieves plenty of time to access sensitive corporate data. With an EMM solution, administrators are enabled to manage devices in the cloud, auto-quarantine devices and approve or block devices in the cloud.
  4. Not managing email profiles – Consider this one the ghost of email profiles past. Oftentimes, email profiles remain active even after an employee leaves a company, leaving sensitive information exposed. To combat that, most administrators are faced with completely wiping devices. With an EMM solution, however, administrators are able to configure and manage profiles, meaning they can selectively remove the profile from a profile device without touching the other information on the phone.
  5. Not enforcing encryption – Even with a passcode enabled on a device, intruders can still get in. Encryption exists to protect data in that case, but unfortunately many companies do not take advantage of it. Thankfully, there are various encryption options for IT administrators to consider, whether it’s the whole device or just a corporate container.
  6. Not providing education/training to end users – Organisations today are sensitive to users that do not choose to enroll in EMM for privacy reasons. Unfortunately, administrators stand to gain important insight from some of the most sensitive tools, such as keeping lists of downloaded apps and keeping track of the location of a device. The key here is to communicate openly with employees and let them know what is being tracked and to allow them to opt out if desired.
  7. Not setting minimum requirements on OS versions – With new operating systems coming out what feels like every day, employees are sometimes behind the curve when it comes to downloading the latest version for their BYOD devices. This is bad news for employers, as older versions may have vulnerable apps or information, making any older device a weak link. To combat this, administrators need to be able to monitor and enforce updates, and be able to employ tactics like blocking emails if devices are not updated.
  8. Using the same Apple ID for everyone – This happens more often than you would think, even though Apple urges against using the same Apple ID for multiple people or devices. However, some organisations still do this, making it difficult to identify devices and control app purchases. Administrators need to enforce separate IDs for each user, and should push apps to individual IDs.
  9. Not restricting corporate data flow – Whether administrators like it or not, employees use data sharing apps like Dropbox in the majority of organisations. Even if the app is managed, employees are still able to transfer internal information. The key here is to integrate fully with a container based approach where content is directly pushed to a container app on the device that can be controlled by restrictive policies. That way, administrators can remove corporate content on-demand from these devices without having to worry about data leak.
  10. Not doing due diligence when considering BYOD  – Many organisations don’t take the critical step of figuring out why they need BYOD before they implement it, and don’t consider how employing a management solution will affect the current state of things. Therefore, many groups are surprised when old capabilities are suddenly blocked. Administrators need to be sure that EMM is meeting needs and not impeding them, and evaluate and identify the requirements of workers before moving forward.

As mobile threats evolve, enterprises should continually review their security policies and features to ensure they’re staying one step ahead of the game. By implementing the right EMM solutions there should no longer be a barrier to mobile working.


By Kumar Ananthanarayana, the Senior Customer Success Manager at Fiberlink’s IBM MaaS360 customer platform services team


« A New World Wired by the Internet of Things


How to Keep Your Global Tech Workforce Engaged »
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail


Do you think your smartphone is making you a workaholic?