Stack of smartphones of various sizes

BYOD and Alternatives—Choosing the Right Device Policy

As the movement towards a remote or mobile workforce continues, managers and employees alike use mobile devices to store more company data than ever before. To secure the valuable information in these out-of-office devices, it is important for any business with a remote workforce to have a device policy in place. A clear device policy will prevent the theft of information by hackers, and it will also help employers to remove data from a stolen device. There are three types of commonly-used mobile device policies: BYOD, COPE and, CYOD. All three types have their advantages and disadvantages. Companies should choose the device policy that suits their unique requirements.


BYOD (Bring-your-own-device) allows employees to choose and bring their own device. This policy is useful for small companies and startups.

A BYOD device policy is beneficial because the company can save money on purchasing and giving employees devices. This eliminates the need for employees to learn how to use new devices, as they’ll be comfortable using devices they’re already familiar with. Employees will upgrade their devices and improve company communication.

BYOD polices are not without their disadvantages, however:

  • Employee and company privacy is jeopardized
  • All employees may not have their own device
  • The risks of security breaches are higher
  • Employers may need to provide IT support for some devices


COPE (Corporate Owned Personally Enabled) is a device security policy where the employer provides devices to employees for their personal use and for work. This device policy is used by larger companies, healthcare organizations, and financial institutions which require greater information security than startups and small companies.

The benefits of COPE include:

  • Device management is more efficient
  • The company or organization can run more smoothly
  • The IT support required is minimal
  • IT will constantly upgrade the security of the devices
  • If one device fails, the company can quickly start using alternative devices

The disadvantages are:

  • COPE is expensive, as companies need to buy devices
  • There are more compliance requirements
  • It may not serve all the purposes of the company
  • Devices belonging to companies need to be insured


CYOD (Choose Your Own Device) is a device security policy where the company approves and lists corporate-liable devices, and employees are asked to choose devices from the list. Employees need to purchase the device, but the company owns the sim and the data in the device.

The benefits of CYOD are:

  • Easy device management by IT
  • The company can manage data across devices easily
  • The costs are much lower than a COPE device policy
  • Companies can keep an effective remote wipe policy in the event the device is stolen or lost or if the employee leaves the company
  • IT can upgrade and provide security patches for the devices quickly
  • The risk of security breaches is much lower

The disadvantage of CYOD is that the usage policies need to be very detailed. The company needs to constantly monitor and maintain devices.

Key Takeaway

In addition to more traditional forms of security, cybersecurity has become a necessity to protect valuable company data. The increased use of mobile devices in recent years has only strengthened the need to secure data stored in these devices. Mobile device data security is constantly under threat, but companies with clear device policies can secure their data much more effectively. The type of device policy used by a company will depend on its unique needs and budget.

byod, cyber security
Previous Post
The Rise of Ransomware as a Service (RaaS)
Next Post
How to Protect Your Company from Spear Phishing

Related Posts

Cyber attack concept on a computer

TekRESCUE’s Guide to Cyber Emergencies and Recovery

rescuing data concept

Rescuing Data – IT Crisis Management vs. Cyber Emergencies

Hacker ready to DDoS attack a business

Distributed Denial of Service (DDoS) Attacks: Building a Defense