Can IT COPE with BYOD? Apparently Not!

By Rob Patey 

In our acronym-happy world, Corporate Owned Personally Enabled (COPE) is simply a new way of saying  “mobility as it has always been.” Basically, the company owns the employee’s phone and decides exactly what is and is not permitted on the device. From apps to encryption, IT makes the majority of the rules. While some personal freedom exists for the employee, the limitations are greater than the liberties.

Bring Your Own Device (BYOD) is the upstart concept that gained notoriety when tablets hit the scene, smartphones got smarter with connectivity to corporate resources like email and Wi-Fi, and data plans became infinitely more affordable. While many companies showed boons in productivity from BYOD, security concerns and support of multiple mobile operating systems caused much consternation for IT.

Mobile Device Management became the great mediator in this debate. With MDM, IT finally had the ability to identify the devices connecting to resources and then apply policy rules to rein in any rogues on the network. Technically speaking, with MDM in their arsenal, IT could apply controls on email and apps to BYOD devices as easily as they could to devices they procured for employees. But that’s technically speaking. Persnickety little things like freewill and the mantra of “not on my device” has apparently left many BYOD devices far more open than their COPE counterparts – and now we have the data to prove it.

BYOD Freedom

Fiberlink recently pulled data on their security policies to see whether BYOD devices were being held to the same security standards as corporate owned hardware. As you can see from the chart below, BYOD workers retain far more personal liberties with their devices.

Again, while it’s technically possible to impose the same rules for all devices, many organizations still respect their employees’ ability to make sound choices with their own devices. Now, with personal liberty kudos out of the way, we can ask whether IT is making the right choice in this regard.

Security and control are issues that must be examined industry by industry and company by company. While certain tenets like email encryption should be applied across the board, other facets of mobility like apps, YouTube access and cloud file sharing get a bit stickier. In highly regulated industries like finance, healthcare and government, access to applications like Dropbox should be a concern on any device. However, for an SMB working on a lean IT budget, Dropbox becomes a must-have to keep the business growing and information flowing amongst employees. Likewise, with YouTube and other apps, restricting marketing access is a serious impediment to employees’ jobs as they look for inspiration to create campaigns. Folks in finance though, could probably live without access to a million silly cat videos.

As the data shows, COPE is still a more secure option, but that’s a cultural choice versus a technological imperative. At the end of the day, you need to decide what is right for your business and your employees’ well-being and productivity. Whether you choose a more stringent or more lax approach is up to you. Just know that MDM solutions are available to accommodate the security and control you need along whichever path you choose.

COPE-BYOD Infographic