When it comes to outfitting a remote workforce with up to-date, secure computing devices organizations have to take a large amount of factors into consideration. Before the COVID-19 pandemic, IT teams had a relatively standard playbook when it came to distributing and managing computers, but companies going remote-first added new wrinkles to the device management equation. Now, organizations have a variety of options in their toolkits to enable employee success when it comes to devices, each with their own distinct sets of pros and cons. Today we’ll review three distinct models: BYOD, COPE, and COBO. You’ve probably heard some of these acronyms before, but might not know the ins and outs of these device programs. Let’s break them down one by one.
COBO:
A COBO, or corporate-owned, business-only, device program consists of an organization distributing devices that they purchased and are managing, usable solely for business tasks as opposed to personal computing. This, in general, is the most restrictive and I&O work intensive option, with employees sticking to work functions and IT teams responsible for distributing, wiping, retrieving, and managing devices. COBO devices also tend to be the safest devices, as managing DLP policies and security softwares is easier and less invasive on company property. Legally they’re also often attractive to organizations because ownership of the device and all data on it is very clear, as well as avoiding negotiating privacy and data storage regulations, like GDPR.
However, remote work means it’s no longer simple for IT and InfoSec employees to get their hands on devices, making management a more difficult prospect. Employees who need repairs on company PCs generally aren’t invested in those devices if they’re work only, making the process of mailing computers for fixes and upgrades expensive and inefficient. It’s also very hard to restrict personal use without the right solutions, and employees usually end up using devices for personal use anyway. Finally, having corporate-owned, business-only devices means employees will have to constantly carry two devices when traveling, as well as making space on a desk for two PCs.
COBO Pros:
- High level of control for security focused organizations
- Most secure option for device management
- Resolves legal issues around data and device ownership
COBO Cons:
- Difficult to manage and distribute devices with a remote workforce
- Expensive device refresh cycles
- Employees are stuck with two devices
COPE:
A corporate-owned, personally enabled device management program consists of the organization distributing devices for primarily work functions, but with allowed personal use. As long as employees are using their corporate-owned devices in a reasonable manner that doesn’t negatively impact the company they’re operating within a COPE program. Common uses are checking personal email, installing non-work related apps, personalization, and more. COPE allows employees the flexibility to use one device for both work and personal use, and eliminates the two computer issue as discussed with COBO. As our research has shown, 50% of office workers say they now see their work device as their own personal device and 46% admitting to using their work laptop for “life admin.” A well administered and clearly defined COPE program allows employees the flexibility to use a corporate device for personal work without infringing upon strict COBO requirements.
However, COPE isn’t a catch-all solution as it also has its share of shortcomings. Like all solutions, balancing privacy, security, and performance requires some compromises. COPE does allow for implementation of security solutions as it is a corporate-owned device, but allowing employees to use their devices for personal work opens up new safety risks. Phishing attacks on a personal email, risky downloads, or a password leak from a non-business website could jeopardize an organization’s network and data. Further, as is the case with COBO, device refresh cycles can be particularly costly. In addition, distribution of devices to a distributed workforce, particularly one with 1099 or other contract employees, could prove to be logistically problematic and expensive.
COPE Pros:
- Employees have the flexibility to manage work and life from one device
- Resolves legal issues around data and device ownership
- Relatively secure with the right solutions in place
COPE Cons:
- Difficult to manage and distribute devices with a remote workforce
- Expensive device refresh cycles
- Less security that COBO due to employee personal use
BYOD
A BYOD, or bring your own device, program consists of an organization having its employees use their personally-owned devices for work functions. Instead of issuing corporate-owned devices, organizations instead deploy solutions onto employee devices that allow them to use their own phones and computers for work. One of the most apparent advantages of a BYOD program is that employees are able to use the devices they know well and have personally chosen for life outside of work. Leveraging pre-existing employee device comfort levels and technical infrastructure ensures your employees will work at maximum efficiency on their chosen device. Rather than forcing employees to use operating systems and device configurations they don’t know, BYOD helps limit employee device choice friction. Further, leveraging existing tech helps companies save on costs related to device acquisition, management, and deployment, as IT professionals no longer need to physically handle employee devices.
However, BYOD does not come without its own set of complications and drawbacks. For extremely security focused organizations BYOD might not be a solid choice, as employee devices are harder to control and protect than owned devices. Legal and ethical concerns about device monitoring, data permissions, privacy rights, and more come into consideration when installing company applications onto personal devices. In addition, while some costs like device acquisition will be mitigated, support costs and potentially stipends or reimbursements will still cost an organization in the long run.
BYOD Pros:
- Employees have the flexibility to manage work and life from a device of their choosing
- Lowers onboarding friction
- IT teams no longer need to physically manage devices
BYOD Cons:
- Less secure than purely corporate-owned, managed devices
- Legal and ethical concerns around data protection and privacy
- Lack of standardization across workforce
Device Management for Organizational Goals
Now that we’ve looked into several options for device management you’re probably beginning to speculate about how your organization could improve their device programs. Starting out by identifying business specific use cases, company pain points, and employee feedback will help provide more clarity on what type of device program will work best for each company’s needs. At Venn, we’re excited to provide the solutions needed to help modern organizations develop device policies that allow their employees to thrive. Our new secure remote workspace is powered by LocalZone™ technology and keeps work data safe from personal use on the same computer. Whether it’s COBO, COPE, or BYOD, Venn has the solution you need to enable your remote employees to seamlessly toggle between work and life, all on one device. Want to know more? Sign up for a demo here!
