This blog series explores the challenges of enabling unmanaged devices without putting enterprise data at risk. Read part 1 to learn how to enable endpoints that are not on the corporate network. This issue discusses the challenges when granting unmanaged or BYO devices access to corporate resources.

At first, BYOD seemed like a great option; businesses don’t need to pay for an endpoint that might get broken or lost, and workers can use a familiar device of their choosing. However there are hidden security issues and end user challenges that need to be confronted.

The concept of BYOD started in the mobile sector. Traditionally companies have always provisioned equipment, standardizing, securing and configuring inline with corporate compliance. But employees don’t want to be responsible for two devices nor do they want to use a device that likely pales in comparison to their own.

Enabling the use of personal devices for work seems like the obvious solution. The likelihood is, end users are probably already accessing corporate resources from personal devices, with BYOD policies being a reactive measure to employee-led BYOD adoption. Successfully providing personal devices with access to corporate applications can be as important as enabling corporate devices.

The efficacy of an access solution for end users is based on three factors:

  1. Accessibility – users may need to use different types of endpoint to be productive.
  2. Usability – to avoid bottlenecks, users need tools to be easy to use.
  3. Connectivity – users may need access to resources over any type of connection.

These factors apply in nearly every use case, we will explore them through these common roles and use case examples:

  • Salesperson – While on the way to present to a potential client, a salesperson may use their laptop to put the final touches on a proposal. During the meeting, the salesperson may receive some technical questions and quickly communicates with sales engineers via the business instant messaging tool on their phone while their laptop is displaying the presentation.
  • Mobile technician – On the road, a mobile repair person will use their mobile device for navigation and correspondence with the main office. Once they arrive at a site they use their tablet to access manuals on the company database. When the work is done, they create an invoice using a webform.
  • General manager – Late at night, while at home, a general manager may receive an urgent email on their phone, reading it they open their laptop to access some reports to send with a reply.


Access to corporate resources needs to be provided through a range of different endpoint form factors and operating systems. Mobile phones, tablets and laptops all have different advantages and use cases. For example, no one wants to write up a report on a smartphone, it’s impractical, whereas you wouldn’t want to have to go through the rigmarole of opening your laptop on a packed train to check an email from your boss.

In the use case examples above, without the ability to use different devices, the salesperson may have been left with a clumsy presentation or not been able to contact the internal team, putting the bid at risk. The technician may have had to struggle with their mobile phones small screen and been unable to quickly create an invoice, resulting in slow work and delays getting payment for the work. The general manager may have not seen the urgent email, this delay could impact important decision making or business operations.


To successfully enable an endpoint the end user experience must be seamless. Slow and unintuitive tools, like many VPN clients, inhibit end users’ productivity unnecessarily and even result in abandonment on some device types, even though access to corporate resources has been enabled on them.

Waiting for an access tool to create a connection and enable the instant messenger could mean the salesperson can not answer the technical question quickly, and instead must switch back and forth between applications on their laptop, breaking the flow of their pitch. Being unable to easily access on a mobile operating system means the mobile technician must instead use a laptop, which is power hungry in comparison to their smartphone and runs out of battery frequently meaning they must find places to charge it, disrupting their workflow. Without the ability to access reports, the general manager must leave the time critical email until the morning or drive back to work to send them. When usability suffers it is not unusual for shadow IT practises to be adopted, with 87% of senior managers admit to regularly uploading work files to a personal email or cloud account.


In BYOD use cases, the connectivity method can not be assumed, the user could be at home connected to their broadband, they might be on public Wi-Fi, or even on a cellular connection or tethered to one. Access tools that are not versatile enough to cope with these different scenarios will be ineffective in providing the needed security, as the user will be unable to access the business tools they need.

If a salesperson is connecting to a corporate resource via the client’s Wi-Fi, the IP address of their access request may not be recognized, resulting in access being denied and the salesperson being prevented from using business tools. The mobile technician using a cellular connection must frequently wait while the access tool reconnects, slowing down their work, decreasing their efficiency. The general manager struggles to download and send the large reports over their home connection and their reply is delayed as a result.

The Wandera Security Cloud

As mobile security specialists the Wandera Security Cloud was designed to enable end users in all scenarios. The Wandera Security Cloud can support all endpoints regardless of form factor or operating system, provides seamless operation with features like silent step-up authentication, and utilises advanced network protocols to provide end users access regardless of their connection. To learn more about Wandera Security Cloud and how it can help your businesses please get in touch with one of our experts.