Checking appointments for the day ahead on the subway in the morning or using the time on the train to write emails – mobile working is part of everyday working life for many employees. The business and private use of mobile devices is becoming increasingly intertwined. In addition to the business use of private mobile devices, this also affects the private use of mobile devices.
COPE vs. BYOD
In many companies, the private use of devices provided by the employer takes place within the framework of a so-called Corporate Owned, Personally Enabled (or COPE for short) model. The company provides mobile devices and associated contracts and the employee is officially allowed to use them privately. In contrast to the Bring Your Own Device (BYOD) model, the mobile devices are therefore the property of the company.
Advantages of the COPE model:
- Practical: only one smartphone needed for work and leisure
- Employee motivation: depending on the fleet, employees receive an up-to-date mobile device that they might not be able to afford privately
- Flexible: Better organization of private and professional life through location-independent working
What you need to consider in the COPE model:
- Risks: Challenges for data protection and compliance
- Additional effort: Technical solution required to separate private and business data/area
What do you need to bear in mind if you allow your employees to use business mobile devices for private purposes?
1. create internal regulations and coordinate them with the works council
When the mobile device is issued, the employee should also receive a company agreement that precisely defines the extent to which private use is permitted. This policy should be agreed with the works council, as it often also contains aspects of employment law.
You can download a template here.
2. define apps that may be used
You should also specify which apps may be used for which tasks. Otherwise, there can quickly be unpleasant consequences, particularly with regard to copyright law. An infringement occurs, for example, if employees use apps that were purchased privately and are actually only licensed for private use for work-related tasks. In case of doubt, the company or company owner is liable.
Alternatively, it is also possible to block the download of certain apps or only allow apps from the company’s own app stores. However, this severely restricts employees, as they may not be able to use their favorite apps.
3. data protection & GDPR
For data protection reasons, it must be impossible for company data to end up in private apps such as WhatsApp or Dropbox and thus on their servers. Many companies therefore prohibit the use of apps that do not comply with data protection regulations. This is not always necessary, read the blog post to find out how to use WhatsApp in compliance with the GDPR, for example.
Data protection must also be observed in the other direction. The company must ensure and prove that it or the company IT does not have access to the employee’s personal data.
4. the challenge of mobile device management
To protect against risks such as malware, lost devices or insecure Wi-Fi connections, many companies use a mobile device management solution. This activates and manages the device and protects it against the aforementioned risks. However, an MDM solution technically gives you or your IT department comprehensive rights, access and insight into employees’ company devices.
This includes information on device IDs, telephone numbers, information on the operating system and installed apps, as well as business emails. IT can or must be able to view this data in order to ensure secure mobile working and to be able to block stolen devices, for example. However, MDMs are also able to view private information such as contacts, messages, images, the frequency of use of certain apps or browser history. The employer must therefore ensure that the company IT department does not have access to this private employee data on the mobile device.
5. container app as an alternative or supplement to MDM
However, as an alternative or supplement to MDM solutions, there is a much simpler way to allow your employees to use company mobile devices privately. With a container app, you can provide your employees with a tool that allows them to work securely on the move, is easy to manage and thus enables COPE without any problems.
All company data is bundled in the container app and cannot be accessed by other apps on the device. This also means that you do not have to issue any bans on apps, as the employee can use the mobile device freely outside the container.
Compared to MDM tools, there is also no possibility for you as a company or company IT to access employees’ private data. A container app is also much easier and quicker for corporate IT to manage than an MDM solution. And you don’t have to worry about IT security either, as the company data is encrypted in the container and during transmission. If a device is lost, you can delete all data within the container remotely. Container apps can also be easily integrated into an existing MDM infrastructure.