Having a bring-your-own-device (BYOD) program often reduces costs and improves productivity by allowing contractors and employees to easily access information and communications no matter where they are. However, using personal devices can come with a higher risk of losing or compromising sensitive information. Having a solid data loss prevention (DLP) strategy in place is critical to protecting your company, your employees, and most importantly, your customers.
A large Midwest banking corporation needed a BYOD program, but they faced two key concerns:
- Keeping their data secure, and
- Allowing employees to work on their personal devices without intrusive device control or a burdensome program enrollment
While a mobile device management (MDM) solution would solve the concerns surrounding data security and industry compliance, it would require more management over their employees' devices. Instead, the financial company wanted to focus on a data loss prevention solution that would manage their enterprise applications to keep sensitive financial information secure and in compliance with industry regulations without requiring an overhaul of their infrastructure or an excessive financial investment. They partnered with New Era Technology Alliance to find and implement the right solution that would meet all their criteria.
Our client wanted to control access and security for their applications while minimizing their oversight over the device, and explained their goals to our team. After completing a security assessment, recommended Microsoft Intune's mobile application management without enrollment (MAM-WE) solution and provided them business cases and a roadmap to implement it.
Intune MAM-WE allows them to manage any application that contains sensitive corporate data on almost any device, including employees’ personal devices they also use for work. It also also allows this bank to manage application protection policies to ensure corporate data is protected within the application and not accessed by or shared with any unauthorized person or program.
By choosing this solution over an MDM, our client can maintain control over their data without requiring their employees and contractors enroll their personal devices into a program. This offers multiple benefits to the company, their customers, and their employees, including:
- Saving time and resources
- Offering the bank the flexibility to control corporate data in their applications on non-employee devices
- Protecting sensitive financial and personal information
- Protecting employee and non-employee privacy over their devices
Our team implemented Intune MAM-WE within our client's IT department and worked to define the conditional access for applications. As they deploy the data loss prevention solution company-wide, they can control access and security for their data and applications without having to control and manage hundreds of devices.