Mobile endpoint security: What enterprise infosec pros must know now
A comprehensive collection of articles, videos and more, hand-picked by our editors
There's a new debate when it comes to enterprise mobility: BYOD versus COPE.
It seems that the bring your own device (BYOD) trend isn't panning out the way some people had hoped. BYOD brings with it a number of security and manageability concerns. When mobile devices don't belong to the enterprise, workers use them for whatever they want, and it's nearly impossible for IT to police.
COPE, or "corporate-owned, personally enabled," promises to clean up some of the mess that BYOD has created. The COPE model offers businesses a new way of acknowledging and embracing consumerization by giving some control back to IT without depriving users of devices that make them more productive.
First, there's the corporate-owned part. In the COPE model, workers use devices issued and sanctioned by the organization instead of using their own devices for work. Though that idea may sound like a throwback to the thumbscrew days of IT domination -- one of the things BYOD seeks to eradicate -- the personally enabled qualifier means IT loosens its reins a bit. With COPE, employees can use corporate devices for personal tasks. Workers can post, text, tweet and launch cartoon birds to their hearts' desire.
Evaluating BYOD vs. COPE
Many consumers love their smartphones and tablets, and that's probably not going to change anytime soon. According to a 2013 Consumer Electronics Association study, the annual rates of smartphone and tablet sales are increasing faster than those of any other household electronic products. So in love are consumers with their gadgets, they gladly tote them into the workplace.
Many organizations have embraced the influx of electronic devices and tried to accommodate them as best as they know how, appeasing gadget-gathering workers who want to choose the devices, apps and services that best meet their personal and business needs. Some companies have seen happier, more productive workers and cost savings. Other organizations have been so pleased with their BYOD programs that they subsidize employees' mobile habits.
BYOD vs. COPE
Part 1: A corporate ownership comeback?
Part 2: The challenges of the COPE model
But at its most untamed, BYOD leaves IT to manage and control a chaotic mix of apps, services and device types, forcing administrators to find ways to ensure compliance and data security. There have been great improvements in the area of BYOD management, but security still remains an immense concern.
The COPE model aims to ease some security concerns by making it easier for IT to monitor and protect devices, because they're corporate-owned while still offering many of the benefits of BYOD. With COPE, employees can still select the devices, services and apps they want to use, but IT gets to limit what those choices are, how they're implemented and the cost thresholds associated with them. Rather than trying to carve out a space on a personal device for secure data and device management -- as IT would with a secure container or dual persona technology in a BYOD scenario -- COPE lets admins create space on a fully managed device for personal uses.
The COPE model can also help IT work within legal and regulatory parameters. For example, some European countries prohibit companies from wiping data on personal devices; if an employee loses a device, IT can do nothing to prevent sensitive data from being compromised. COPE eliminates this concern because the device belongs to the organization, so IT has every right to remotely wipe it if and when such action becomes necessary.
Organizations can also install management software, apply patches and enroll the devices in MDM systems more easily under COPE. This model also puts organizations in a better position to negotiate service contracts, pool minutes, buy devices in bulk and reap other cost-saving benefits. Companies can even determine which devices, services and apps they'll support. Although BYOD programs might provide these types of controls to a limited degree, IT still has a difficult time preventing workers from using services and apps that could compromise devices and line-of-business applications.