I'm currently implementing Mobile Application Management (MAM) in my organization, and while it's going fairly well, navigating the various complexities and different use cases is quite challenging. I'd like to know: what solutions are you using to secure your Bring Your Own Device (BYOD) users? Also, are there any alternatives that might be better than Intune?
5 Answers
Just a heads up, while MAM handles data protection on devices, it doesn’t secure user identities. Users can still authenticate on potentially compromised devices, which is a risk you need to consider.
If you're an MS shop, MAM is pretty solid. However, I’m curious to know what's causing issues for you with Intune. It seems like an all-or-nothing situation—you either need MAM or full device enrollment.
For mobile devices, MAM is a suitable solution as it encrypts and encapsulates required apps with some user safeguards. But if you’re considering BYOD for desktops, I’d recommend looking into a Virtual Desktop Infrastructure (VDI) solution instead.
Honestly, we don’t allow BYOD at all. All devices—whether laptops or phones—are provided and managed by the company. This way, we can standardize our approach and keep things manageable with the appropriate support.
It really depends on your organization’s size and culture. The safest route is to prohibit BYOD. However, for smaller businesses or those embracing hybrid work, you might want to explore more flexible options.
I’m struggling with user compliance and device security violations. Keeping track of everything from a management standpoint seems tough.