MDM 'not suited' to pure-play BYOD
MDM solutions too invasive for most employees, more suited to corporate devices, says analyst
Mobile device management (MDM) solutions are not that well suited to BYOD programmes, as many employees find the capabilities of these offerings too invasive, according to Richard Absalom, senior analyst at Ovum Research.
Speaking at the Aruba Networks Atmosphere conference in Italy today, Absalom said that because MDM solutions can effectively monitor every activity on a mobile device, users bringing their personal devices to work are wary of allowing MDM clients on thier smartphones or tablets. He pointed out that, if the user is not properly informed of MDM use on their devices, it could even result in an internal lawsuit.
"With these solutions, you're able to monitor and secure and lock down devices, you can track and monitor all the activity on the device, and you can even have GPS tracking. That's pretty basic, and what most IT organisations want as a starting point when it comes to MDM," he said.
"The real drawback for MDM is, if someone is bringing their own device to work and you put a client on it that can monitor and delete information, people don't like that. They don't like the idea of it."
Absalom explained that, if a company did want to monitor employees' personal devices at work, it should be explicitly written in a corporate contract. If an invasive MDM client is placed on a employee-owned device without their knowledge, he said, it could result in a lawsuit.
"It's essentially illegal throughout the world; you can't do that without fully informing people that the software is very powerful and that it has all these capabilities," he said.
Absalom added that, while there were certainly benefits to MDM solutions, they were much better suited to what he called COBO (corporate-owned, business-only) devices. This way, he said, the employee would be clear over what the device should be used for, and what monitoring tools the organisation would be deploying.
On the question of mobility in general, Absalom said that enterprises should be looking at adopting one of three various mobility programmes. For high-security organisations, the aforementioned COBO would be most suitable, he said, while BYOD could be applied to employees who do not have access to overly sensitive information. The third option he suggested was CYOC (choose your own device), whereby organisations provide various choices for which devices employees can use, provide the device, and allow the employee to use it for both work and personal purposes, with certain provisions.
According to Ovum research, the idea of CYOC is very popular among non-IT employees, though only some organisations will commit to such an idea as it will require thinking about mobility as a strategic investment, Absalom said.