Managing Employee Owned (BYOD) Devices
  • 14 Jan 2025
  • 4 読む分
  • PDF

Managing Employee Owned (BYOD) Devices

  • PDF

The content is currently unavailable in Ja - 日本語. You are viewing the default English version.
記事の要約

The smartphone market share has been growing steadily each quarter, giving consumers a wide array of options. As a result, your employees are likely to own high-end smartphones and may be reluctant to carry an additional phone for work purposes.

In such cases, it is crucial to allow them to use their personal phones for accessing work data, while ensuring corporate data remains secure and the personal user experience is unaffected. This article will guide you on using Scalefusion to manage both employee-owned and personal devices, supporting your BYOD strategy.

Privacy Safeguards

  1. User disclosure: To ensure employees understand the management software's or profile's effects on their devices, Scalefusion MDM mandates obtaining their consent through a Terms of Use policy during enrollment. This ensures employees are informed about what data will be monitored or accessed and how it will be handled. The IT admins are advised to list a proper disclosure of the terms of use policy.

  2. Protecting Identities: To safeguard employee privacy, Scalefusion provides compliance checks. IT Admins can selectively gather and display essential device information while opting not to collect sensitive personal data like location. Users can choose to exclude from tracking device location information. IT Admins can also disable remote commands for remote troubleshooting.

  3. Safeguarding Data: To safeguard identity data, the information collected from devices is exported from the server with masking or encryption to prevent unauthorized access. When an employee departs from the organization, all data collected from their device stored on the server, except for the username, is deleted. Scalefusion offers multiple authorization modes for technicians accessing the Scalefusion server, and all activities performed on the Scalefusion console are logged to prevent unauthorized actions.

  4. Secure Remote Actions: To execute commands remotely such as remote view, Scalefusion mandates user acceptance of session invitations. Consequently, IT Admins cannot initiate a remote view session without user intervention. Similarly, remote actions like wiping are limited to the device's corporate data. This ensures that IT admins can remotely wipe only corporate data, leaving personal data unaffected in the event of a lost device or employee departure from the organization.

    Scalefusion offers controls over permissions and data collected from end users' devices, as well as how it's utilized. The deployment of Scalefusion MDM in your environment is determined solely by the IT Admin, based on the organization's security policy. Scalefusion does not take responsibility for policy implementation. Users are requested to contact your IT Admin to learn about your organization's security policies

Essential elements of a BYOD Policy for safeguarding data privacy

Key features of a BYOD policy to ensure data privacy include:

  1. Containerization to separate work-related data from personal data on employees' devices.
  2. Mandating strong authentication methods like complex passwords or biometric verification for accessing work applications and data on personal devices.
  3. Data encryption on personal devices to protect sensitive information from unauthorized access or breaches.
  4. Ability to remotely wipe only work-related data from a personal device if it's lost, stolen, or when an employee departs from the organization.

In this guide, we will explore the various features Scalefusion offers for managing employee-owned devices. Click on the links in each section to access the relevant help documents.

Overview

To start managing employee-owned devices as an admin, you have to complete some steps on the Scalefusion Dashboard. These are,

  1. Android for Work Setup
  2. Updating Organization Info
  3. Creating a BYOD Profile
  4. User Management
  5. QR Code Configurations
  6. Inviting the Users

On the device once the employees start enrolling their devices, an Android Work Profile is created. A Work Profile is a secure Android container that makes sure that the data from the work apps is separate from the personal apps and stored in separate encrypted storage. The work apps will start showing a briefcase icon indicating that they are work apps. Scalefusion client provides a unified Workplace, which can be used as a quick place to interact with the work apps.

Feature Support

FeatureDescription
Android for Work SetupThis is the common step to effectively manage your Android 6.0 devices and above. This requires a G-Mail account (non-G-Suite) for your organization and some easy steps on the Scalefusion Dashboard. If you are using devices less than Android 6.0 or you are using devices that are not Android Enterprise ready, then you can skip this.
Organization InfoUpdate your organization information like name, contact numbers, support emails, and Terms of Use, which will be used once your employees start enrolling their personal devices.
Personal/BYOD Profile for Android DevicesBYOD Profile is a Scalefusion entity that allows you to group your policies like application policy, a special password for your work apps, compliance rules, and a bunch of settings.
User ManagementStart adding/importing users that can enroll their personal devices. Additionally, send invites to them to enroll and control how many devices they can enroll.
QR Code/Enrollment ConfigurationsOnce you have created a BYOD profile and added the users, it is time to create an enrollment configuration. You can use these configurations to invite users in bulk.
Enroll a Personal DeviceLearn how to use the invite emails and enroll a personal device. You can share this document/video with your employees for smoother onboarding.
Device Password PolicyEnforce enhanced security on personal devices. Devices by enforcing a device-level password. This ensures that your corporate data is secure, even if the device is left unattended or stolen.
Application ManagementLearn how to search and distribute applications directly from the Google Play Store. If your organization has private enterprise apk's, Scalefusion offers an enterprise store where you can upload your apk's and publish/install them on Android devices.
Control Permissions for ApplicationsThis guide explains how you can control application permissions at a global level and at an application level.
Application ConfigurationsYou can remotely configure an application that is distributed from Scalefusion's Play for Work apps. This may include remotely configuring the Email or setting up Chrome usage policies.
Configure Exchange ActiveSyncIf your organization uses an Exchange-based email server, then you can use Scalefusion to configure the devices with your Exchange settings.

この記事は役に立ちましたか?