BlogData Security in a BYOD World


IT departments continue to struggle with unmanaged devices that employees bring to work and connect to their corporate networks. In particular, data security is one BYOD concern, and for good reason. IT departments usually can’t test every type of mobile device to determine if it’s up to par in terms of their organizations’ performance and security standards.

Virtualization technology, particularly VDI, doesn’t always translate well into mobile environments either. Generally, the applications aren’t optimized for touch interfaces, resulting in a less-than-ideal user experience. Also, not all mobile devices support the same VDI clients, so administrators have to manage multiple client-based access apps on the endpoints.


A critical component of a BYOD—or any mobile device reference architecture—is Mobile Device Management (MDM). MDM offers a view of devices on the network in terms of attributes, capabilities, and constraints. MDM allows IT departments to monitor how employee-owned devices actually function in the enterprise environment.

With MDM solutions, administrators can address the diverse set of endpoints simply by sending emails, text messages, or URLs to users. When users click on the URLs, they automatically get their devices configured for access. They don’t need to worry about downloading the right applications, entering the right settings, or encountering any setup issues.

Unfortunately, some applications just don’t work well in a smartphone/VDI-only type environment—like office productivity suites, for example. In these cases, administrators must use MDM to push out and configure specific mobile applications functioning in the users’ environments. This process uses the same push methods described above and requires no user interaction. In fact, it’s sometimes called the ‘zero touch’ method because users don’t need to know anything about their environments. To get their devices configured, users simply open the links their administrator sends them, and then they submit their usernames and passwords when prompted.

Ultimately, IT departments are using VDI to handle application security and user context, while using MDM to manage device provisioning and user settings. It will be interesting to observe and help shape this balance as BYOD and mobile productivity continue to ramp up.

Photo credit to Billy O’neal.

About the Author

Dustin Smith

Dustin Smith, Chief Technologist

Throughout his twenty-five year career, Dustin Smith has specialized in designing enterprise architectural solutions. As the Chief Technologist at ASG, Dustin uses his advanced understanding of cloud compute models to help customers develop and align their cloud strategies with their business objectives. His master-level engineering knowledge spans storage, systems, and networking.