BYOD Security: What Can SOTI MobiControl Access on a Personal Device at Work?


In the broadest sense, if your organisation provides you with a device (handset, mobile device, laptop or something else) to perform your role, expectations of anonymity or a right to privacy is low. After all, the device and supporting technology being used is explicitly for work purposes. Employee Paid Devices (EPD) are on the decline as organisations recognise the estimated 11% in cost savings to be realised with a Bring Your Own Device (BYOD) strategy. 

In today’s business world, 67% of employees use personal devices at work as corporate and government entities embrace BYOD mobile strategies. A Mobile Device Management (MDM) console and strategy enables BYOD devices to be used with confidence, especially when employees carry sensitive company information in and out of the office, regularly connect to a range of external Wi-Fi hot spots and are increasingly working remotely. Despite this, only 59% of companies have a BYOD plan in place in 2021, as the main issue around security prevents almost 40% of companies deploying a BYOD plan. 

An MDM console, such as SOTI MobiControl, offers an extra layer of security and protection of company resources, such as email and document access, whilst balancing critical access for users by profile, group (such as job function or department) and device, wherever they may be located. 

Let’s look at two of the core features end users are concerned about access of within their corporation: GPS and personal data. 


By default, SOTI does not collect GPS data from devices. The need for a company to collect this data would likely depend on an employee’s role, and this logic is built into the MDM policy and rollout plan for that group of devices or profile of users. 

For example, if you are working in transportation and logistics (T&L), GPS tracking is essential to update customers on order statuses. But in terms of office workers and tracking where they are, this is generally not a feature that is selected by IT teams nor is it a feature that employees would likely consent to their employer collecting data from, especially not on a BYOD used for work purposes. 

Employees that have a corporate owned device have little assurance to privacy relating to data on their device. However, in all cases, whether it's a BYOD or company owned device, GPS tracking will enable an IT administrator to use SOTI MobiControl to wipe the device of all sensitive information if the device is lost or stolen. This offers huge value to organisations in times of data crisis, especially where customer data or personal information is held on an employee’s device. 

Personal Data 

As with GPS, this is not collected by default with SOTI MobiControl and needs to be configured per company. Data from Facetime, iMessage’s, SMS, MMS and voice messages is of little to no value to a business, and would require a vast amount of resource to collect, store and analyse, which inflates the cost of the project. Organisations would not likely want to collect this data especially as the data would not be business relevant. Text is not often used for business purposes so there would be little business need to collect this data. 

However, application data is of value and allows organisations to drive investment decisions, analyse usage and even the peak times at which they are accessed to help drive greater network performance. Equally, an organisation may wish to restrict access to certain applications if they are deemed a security risk to the network. Adding these applications to a prohibited list in the MDM provides peace of mind for IT security teams and helps avoid costly breaches or ransomware attacks further down the field.  


Three Reasons IT Managers Choose SOTI as Their MDM of Choice in BYOD Environments 

Profiles: Groups of devices may be closed for use outside of a corporate network. Such devices can only be used whilst connected to a secured network with user profiles set up in an MDM providing access to a specific device, with secured access to a range of applications limited to that device for that user. The simple drag and drop functionality in the SOTI MobiControl console makes this easy to manage and updates as organisations require change. 

Lost or stolen devices: Wiping a device if it’s stolen or lost can be a real IT and corporate data sensitivity headache. SOTI MobiControl’s Kiosk Mode allows IT administrators to wipe an entire device in seconds, all from the SOTI MobiControl console. If an application or access rights to an application is required for a specific project timeframe, a group of devices can be auto wiped all together after a specific time has passed. This is useful for time-bound projects and critical sensitive information removal from shared areas. 

Strong relationships and technical integration with global OEMs: User profiles in SOTI MobiControl can be set up according to the company’s main goal for security, whether they are to protect against device theft or to protect a company’s data from being accessed or stolen. SOTI MobiControl works with all leading OEM and hardware providers globally to ensure access and development of hardware and software features can be enabled or restricted on each device. 

For more information or to book a free trial, please contact SOTI.