Hi, does anyone have a policy around BYOD mobile devices and blacklist apps? If so, how well do your users respond to it? Our challenge is that we have a number of apps we'd like to blacklist, and we are concerned they will revolt.


Senior Information Security Manager in Software, 501 - 1,000 employees
Will they really revolt? Or just complain?


If they are corporate issued devices, you own them and dictate how they can be used.


If it is their devices, they can only access data and/or apps since you allow it.


Ultimately, it comes down to educating them about the risks, and management understanding how they are going to deal with these risks.


In regulated industries (finance, banking, healthcare, government, etc.) they understand that there are limits with BYOD.

Executive Architect in Healthcare and Biotech, 10,001+ employees
Yes, we require that BYOD users install our endpoint security software. Since these devices access company and customer confidential data, my company reserves the right to inspect these devices, and remotely brick the device if the device is lost or compromised. Other requirements are that the devices cannot be rooted or jailbroken, and that OS/security patches are kept current. I am not aware if we blacklist apps, but there is a prohibition against using the devices for socially unacceptable (my words, not the company's) purposes. So it's possible that some apps are blocked. I'm not aware of anyone complaining.

CEO in Services (non-Government), 2 - 10 employees
Yes, we allow BYOD. Employees can use BYOD with MFA and use only Authenticator-enabled applications. No VPN access to corporate is allowed. We have a separate guest Wi-Fi for outsiders and BYOD devices. Some applications are not BYOD-enabled and those cannot be used from a BYOD.

As a CTO - I am one person who does not have a corporate device. I work only on my BYOD. Eat your own dog food.
@dchou1107 in Education, 5,001 - 10,000 employees

👍 that’s the way to do it.

Senior Director, Defense Programs in Software, 5,001 - 10,000 employees
There’s a lot going on here. Without knowing the industry or how the company is segmenting & protecting data, hard to say how users would react.

But generally if the company needs to control a device they need to do their job, a corporate device should be an option if they don’t agree to the controls.

If there is low enough risk to use their own without those controls, I prefer *not* to know what they have on their own device to blocklist, as I don’t need the company to know who has Tinder, Grindr, OnlyFans, or any other number of apps, and don’t want to see their messages. Context - too many conversations & internal affairs meetings for me to care about.

Assuming the need for control is this high on a mobile device, is the same done if they log into Office 365 in a web browser, or are users just going to think this is silly and not understand why these two devices are treated differently?
