Office Solutions IT | Blog

Do companies need to have full control over your devices to secure it?

Written by Teng Yew Ang | Sep 6, 2022 2:00:00 AM

Companies take extreme measures to protect their confidential data. And when they have a Bring Your Own Device (BYOD) policy for their employees, there will always be issues regarding lost devices or data security.

So, in cases like a lost/stolen device or if the employee leaves the company, they want to ensure that their app data will no longer exist on the device because of its sensitive nature.

But one problem with this is there can be times that an employee’s data gets deleted along with the confidential data on their computer or phone.

In the case of Microsoft, they only allow companies to control and remotely wipe business applications. This functionality limits a company’s control over your devices. So, in cases of stolen devices or you decide to part ways with the company, they have the functionality to wipe their business applications data and not personal data.

Many are still concerned over the “remote wipe” functionalities of companies for employees’ devices.  Although doing so is not technically against any laws, it somehow oversteps employee boundaries.

That’s why companies need to consider this kind of policy carefully, since it may also affect their data even if they aim to prevent unauthorised individuals from accessing confidential information when the employee leaves the company or their device gets stolen. But only by embracing innovative solutions - either with the help of your internal IT team or a reputable cyber security service provider - you can enhance protection without compromising user independence.

What your employer can see on your device

It’s important to know that your employer can’t see your actual data once they enrol your device under their Microsoft platform. However they do see information about the device, such as its model, manufacturer, and operating system. This information will be visible to your employer’s IT team, specifically the administrators and people with sufficient access. 

Here’s a list of what your employer can see on your device:

  • Device Information
    • Owner
    • Name
    • Model
    • Serial Number
    • Manufacturer
    • Operating system and version
    • International Mobile Equipment Identity (IMEI) number
  • Work and school app inventory (for personal and corporate-owned devices)

Here’s a list of what your employer can’t see on your device:

  • Emails
  • Text messages
  • Phone numbers
  • Contacts
  • Browsing history
  • Call history
  • Photos and videos
  • Locally stored files
  • Apps
  • Calendar
  • Usernames and passwords

Higher security risks you need to consider

Devices are always at risk of theft and misplacement, whether it is personal or corporate-owned. And the risk goes up when you carry around your device in and out of the office. Lost and stolen devices are one of the primary causes of data breaches. And your data will be easily accessible through an unlocked laptop or an unencrypted external hard drive.

If a company has a BYOD policy, they have little to no control over their employee’s devices. They have no say in who can use it, which leaves the device highly at risk of phishing and malware. They also have no control over confidential information that gets leaked through various means.

That’s why companies implement various protection methods and policies to keep their data safe, which, according to Time Doctor, typically includes mobility, device, and application management.

What you can do to increase your device security

If your device gets lost, stolen, or held for ransom, your data is as much vulnerable as your employers. And you should have these solutions in place to secure your and your employer’s data.

1. Use long and unique passwords

One of the best ways to prevent anyone from gaining access to your computer or accounts is to use long and unique passwords throughout your devices.

If you are someone who has trouble remembering passwords (especially long and complicated ones), you can always use the help of a password manager to secure all your passwords for you.

2. Routinely backup your data

It’s not just companies who are liable for data loss, so are you. And to prevent that from happening (whether you were hacked, or your data got included in your employer’s “remote wipe” policy), you need a reliable backup strategy where you can quickly restore your files and data without issue.

3. Use anti-virus software

Just because you’re not using a company-owned device doesn’t mean it’s not vulnerable to a data breach. And one of the best ways to prevent that is to use trusty anti-virus software that can detect malware when present.

4. Be up to date with your cyber security education

Security awareness training isn’t just for business data safety. It’s for your safety as well. And since it is your device, you’re 100% for keeping it safe from bad actors. One of the best ways to do that is to know the latest scamming tactics and the best ways to spot and fight scams.