Needlessly restrictive policies don't help anyone, and no one wants to be "the one blocking Netflix or YouTube on an employee owned device," Dale added. On the other hand, checking to ensure the device is using encryption and isn't jailbroken is generally acceptable.
"It's also recommended that you ensure your users know where to get apps that the company supports and recommends. This is done through your EMM supplied app catalog. Users love that they do not have to go searching for company supported apps or worse, have to pay for apps that most coworkers use. If you are taking advantage of Apple's VPP, that makes the deal even sweeter," Dale explained.
Finally, make sure that users are able to access their corporate assets, such as SharePoint and network drives, securely. This can be done inside most mobility management programs.
"Let's face it; most users go through a progression. It happens immediately for some users and slower for others. Everyone wants mail. Then apps. Then more access to their own documents and content. By proactively giving employees access to these features, they get what they want and IT gets to guide them," Dale said.
Considerations for organizations without an MDM solution:
So while there is plenty to be done if the organization has an MDM solution, what about organizations that don't have one? According to Dale, this won't pose a problem until something keeps the users from getting what they want, or getting what they want within a reasonable timeframe.
"If the company allows mobile devices but does little to manage or enable them, users win in the short term and IT loses all around. It's likely that your users are employing several different ways to gain access to what they need (apps and company data) and are not waiting on you for a solution," Dale said.
That means the company's data is likely on several private cloud sharing applications, and there is no way for the company to account for them. Passing audits in the retail, financial, and healthcare sectors would be a nightmare at this point.
"Most companies move away from relying on just native ActiveSync controls when manually on-boarding devices gets to be a headache, app enablement becomes necessary, and compliance issues start to occur," Dale added.
Are there any pre-loaded apps that could pose a risk to the organization, which should be monitored?
"Most apps are pretty safe, especially preloaded apps. If users are downloading apps strictly from their respective app stores, the potential for a dangerous or malicious app is greatly reduced, but not 100 percent eliminated," Dale said.
"IT should keep an eye out for and educate users about apps that chew up large amounts of data. A 5GB plan can be eaten up very quickly while streaming HD movies over 4G. Since many devices are often shared by other members of the family, including children, a close eye needs to be used. No one wants to see overage charges, but they can be a major concern."
Sign up for CIO Asia eNewsletters.