Secure work environments, containers, and identity management tools address the issues that arise when employees use the same devices for personal and business purposes. These technologies have been able to give CIOs the peace of mind they need to open more apps for their mobile users, but they’re not for everyone.
Privacy and legal issues make it difficult to use handsets for both personal and business purposes, in chilly organizations and in highly regulated industries such as aviation, financial services and healthcare. For these reasons, a significant proportion of workers still carry separate mobile terminals for their personal and professional use. And many of them would like to do without their second smartphone.
This leads directly to devices with dual personality: an attractive alternative to separate personal assets from professional assets in the same device. This technology makes it possible to provision and maintain two discrete and autonomous user environments on a single device.
For a job, having a personal device while having access to its business applications is very attractive. And the isolation of the business environment ensures there is no risk of business data leakage to personal applications. Add to this shared billing and organizations can make sure they only pay for voice and business data.
Rules too heavy
Business lawyers are just beginning to understand the legal ramifications of the combination of personal and business tasks on the same terminal, and the responsibilities that may be involved in the absence of appropriate rules. BYOD policies that do not address specific restrictions related to cloud services or ways to access the internal network are no longer sufficient.
Organizations need to enforce the use of strong passwords and encryption, require their employees to immediately report theft or loss of devices, and reserve the right to lock or erase remotely compromised devices.
These policies should also include statements emphasizing that employees should not expect any form of privacy with respect to company data on their device, or personal data transmitted via the company’s network. business, like e-mails. Obtaining employees’ consent to monitor the data they store, transmit or receive on the device is also common. But such rules may be difficult to accept for employees using their own devices.
Dual-personality tools provide an attractive way to manage the duality between personal and corporate data, but large deployments of this technology have been limited. It seems more suitable for enterprise-owned device deployments, where organizations have the right to implement the security policies they feel are needed. But even there, it is not sure that employees choose to use the personal device.