Overview
As organizations adopt Bring Your Own Device (BYOD) programs to secure and manage personal devices in their environments, IT departments are increasingly faced with challenges due to BYOD program complexities and dismal user acceptance.
The Casper Suite solution for personal device management is specifically designed to mitigate these challenges, with a simplified management toolset and user-focused features that help to accelerate BYOD program adoption. This allows organizations to balance the enterprise security needs of IT with the personal needs of the user.
A user-focused BYOD program implemented using the Casper Suite includes the following key benefits:
-
Users can review the IT management capabilities for a personally owned device, with transparency regarding everything IT has access to.
-
Users can securely and easily access institutional resources such as email, contacts, calendars, Wi-Fi, and VPN, while enjoying a native experience on their preferred device.
-
IT can only remove institutional data from the device, ensuring protection of the user’s personal data, such as photos and documents.
There are several steps involved in building and maintaining a BYOD program using the Casper Suite:
1. Customize the user experience and enable personal device enrollment. You can customize the user-initiated enrollment messaging to provide distinct messages for each device ownership type—institutional ownership and personal ownership. You can also enable device enrollment for the iOS and Android platforms, and configure enrollment access for specific LDAP groups.
2. Define site-specific settings and apps for personal devices. Personal device profiles in the JSS provide a single location for defining all settings and apps for personal devices. You can define settings for passcode policies, Wi-Fi, VPN, email, contacts, calendars, certificates, and security. You can also select managed apps to distribute to personal iOS devices.
3. Direct users to the enrollment portal to enroll personal devices. This allows you to provide the enrollment URL to users in the way that best fits their environment. Optionally, you can integrate the JSS with a network access management service that automatically prompts users to enroll when their device is detected on the network.
4. View and report on personal devices in inventory. You can perform an advanced mobile device search to identify personal devices enrolled in your environment and view a subset of basic inventory information for a device. You can also identify whether a personal device has the most up-to-date personal device profile installed.
5. Remotely perform management commands on a personal device. You can remotely update inventory for a personal device, and remotely lock a device. In addition, you can wipe only institutional data and settings from a personal device. This protects the user’s personal data, such as photos and documents.