One of the biggest challenge in BYOD is to keep company’s data secure and isolated from user’s personal data. You need to preserve user’s privacy while maintain corporate information available and secure in the same device. EMS leverages Azure RMS capabilities to provide data classification and protection, which means that even if the data is located at the user’s device it can still be protected. Below you have an example of a BYOD Template created to restrict access to documents:
The BYOD Policy above is very restrictive and it will only allow users to view the content of the document:
You can also leverage Microsoft Intune to create a custom policy and enforce device encryption as shown below:
While creating a custom policy at Microsoft Intune you can also leverage some other options available to assist you to mitigate potential data leakage, such as (but not limited to):
There are many other settings that you can use, however the restrictions that you add may impact user’s productivity, therefore you need to evaluate each option and how these options will impact your user to get his work done. Make sure to read our BYOD Design Considerations Guide (https://aka.ms/byodcg) for more information regarding important considerations while planning you BYOD strategy.
I would like to take this opportunity to also announce that my friend Jeff Gilbert and I are working in the first EMS Book to be released by Microsoft Press. The table of contents of this book is available below:
We are going to work hard through this holiday season to get this book done so you can have it in the first semester of 2015.