Once upon a time, we all used company-owned devices for work. These were connected to the network and managed by IT. But the world has changed. More of us than ever before are remote workers — and we want or need to use our personal devices for work.
Privately-owned devices, not managed by IT, introduce new security risks. Devices are out in the world, travelling, mobile, and in the homes of employees, exchanging company data on personal devices using unsecured Wi-Fi. And IT departments need strategies to manage the risks.
With COVID-19 and the acceleration of remote working, having a strategy in place is even more critical. COVID caused a very sudden, almost overnight, need for many more people to work away from the office, meaning companies had to work very fast — sometimes at the expense of making the solution secure.
How to manage remote devices — securely
There are two high-level strategies companies can adopt to manage remote working: device management or secure containers. It's not a competition between the two strategies. It's about using the approach that best fits your needs, your users and your devices — and for some companies, a hybrid approach is the best way forward.
Let’s explore the two approaches in more detail.
Device Management explained
Device management essentially means IT manages the endpoint, which could be a PC, workstation, mobile phone, tablet or any other device connecting to the network. Companies usually provide remote workers with necessary devices, which already have the required business software installed. The device is managed from inside the network, meaning IT still has control.
But this approach is expensive for the business. You have to pay for the device. You have to buy software to manage it. You have to control it. You have to think about and mitigate all the risks in all the places.
For the user, device management also has downsides. The device is a business PC. If they want to use it for personal reasons, it probably isn't allowed. And if they change jobs, the computer likely will need returning, meaning if they have used the device for personal use, they might lose personal data or IT management could lock them out.
Users often end up having two devices - a personal device and one owned and managed by the company - as using the business PC for personal use is risky. The alternative to supplying devices is getting people to use personal devices for business purposes. However, this isn't ideal. When companies put device management software on personal devices, they can see who the user calls, what they do, and the apps they install, which is a privacy invasion. So what else can companies do? This brings us to the second strategy: Using a secure container.
What exactly is a secure container?
A secure container is an application installed on a device. The user installs the app on their device and allows the company to control that app — but, importantly, not the device. The secure container partitions the corporate data from the rest of the device. By doing this, IT maintains full control over the data inside the container, while keeping corporate data separate from other (personal) data on the device. This technique prevents corporate data leakage to the device and reduces the risk of data contamination by viruses or malware on the device.
Even if the device isn't secured, unauthorised users can't access the data inside the container. The company controls the container and configures the security settings. They can lock users out after 10 seconds, ask for a PIN code or require two-factor authentication. All data inside the container is encrypted, and data can be wiped remotely. Even if the device is compromised, the corporate data inside the container is still secure.
Secure containers are much cheaper and faster to deploy than device management. But more importantly, it's non-intrusive to other apps or data on the device. Companies cannot view or accidentally delete personal data on devices, which would breach privacy laws in some European countries.
COVID and the remote working surge
Scaling fast has been key to making remote working a success during COVID. If you have a very complex architecture, like with device management, scaling becomes a challenge. It stands in the way of business agility.
With COVID, many organisations already using device management tools wanted employees to use personal devices to enable remote working. But they couldn't, as users did not want their employer managing their device. In many cases, companies were desperate. They already had remote working capabilities, but couldn't scale it up quickly enough. It was too resource-intensive.
Those invested in container solutions could scale-up fasters. It was straightforward for IT to manage, with fewer considerations to bear in mind. And that is a huge advantage for businesses — especially when agility is critical.
“It’s okay, we’re already setup for remote working”
So now we’ve explored the two approaches, you might be thinking that’s all well and good, but you already have a solution in place. But the real question to ask: Is the solution secure? Earlier this year, IT teams had to move astonishingly fast to increase remote working capabilities. COVID caused a mad rush; many companies scaled up without having time to consider all the consequences.
Now, many companies are starting to reflect on their approach to remote working, and think about future-proofing the way they've scaled remote working capabilities. People are now beginning to think, we have done this, but it's complicated or insecure. What can we do to improve?
Ready to find out more? Check out our white paper here: