Hacker News new | past | comments | ask | show | jobs | submit login

I didn't read TFA fully but I suppose from your quote, what they didn't say was what corporate IT fears.

I don't know how many corps care about this, but when I did that kind of job, I refuse to have my corp have access to a user's personal data, and be able to brick their personal device, etc. It's not acceptable from a privacy POV and not acceptable from an employee backlash POV. Anyway it was an easy choice because we never had sensitive data that could make it to a phone/tablet. In an environment more like that, I would probably have instituted some kind of privacy waiver that an employee would have to sign in order to BYOD (apple brand). That probably wouldn't fly today, in europe. GDPR and all that.

In addition, customers are starting to require their vendors who have access to their data institute MDM. So it's increasingly MDM or two separate devices.

The requirements I've read (obvi not comprehensive superset) all require this only for, as you say, access to their data. If you're not accessing the customer data via mobile device, you don't need MDM.

I say my view of it isn't comprehensive, but a requirement that all devices be under MDM even if those devices don't have access to customer data, is quite an overreach.

That may be, but at many companies, many if not the majority of their employees are going to have access to some information that their customers consider confidential. As a result, it's easier to have a blanket policy.

Given the general situation with data breaches and so forth, I wouldn't be shocked if, down the road, more and more companies decide that there's just too much risk with BYOD and require employees to use locked-down company-provided devices.

Agree, it's easier for the company to have a blanket policy. And most companies will do that because, ain't nobody got time for [being overly competent]. But what I said was that the actual requirement given to vendors is, in my limited experience, written to apply only for access to customer data. That is, it is the implementation that is overly broad, not the requirement being passed down.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact