MDM vs. Containerization: What’s Your Best BYOD Strategy?

Many companies are moving toward utilizing a bring your own device (BYOD) policy within the workplace. There are plenty of benefits, such as saving companies money and increasing productivity due to your employees being able to utilize technology they’re already familiar with.

The Samsung Galaxy S 6 is becoming a popular device for those wishing to use their own device at work. With a large and crisp screen, insanely quick processors and a durable frame, these smartphones are a productivity dream come true.

Despite the clear benefits of a BYOD policy, one of the main challenges is sensitive data remaining on your employees’ phone. They could misplace their phone or be let go and all that private data would remain on their phone.

There are two main schools of thought between preventing sensitive data from getting in the wrong hands, and they both have advantages and disadvantages.


Mobile device management (MDM) is a type of security software that IT departments can put on employees’ phones to secure, manage and monitor sensitive work data.


  • Secure: In the unfortunate event an employee gets robbed or loses his or her device, your IT department can either remotely lock the device or wipe the work-sensitive content off of it.
  • Tracking: If you don’t want to wipe the data off a lost device, your IT team can find and track the phone.
  • Remote Usage: If your employee is working from home or out in the field, it isn’t always easy to explain things clearly over the phone. With remote usage, you’re able to access his or her screen right from your Internet browser.


  • Privacy: This is a major con. Since it’s a personal device your employees are bringing in, they may not appreciate having tracking software on their personal devices. Even though most employers won’t be looking in on employees after business hours, the possibility can still cause a sense of unease.
  • Backup Issues: A large amount of data can reside on the employee’s device. Backing up and restoring data usually requires the IT team’s intervention, which can be time consuming and not practical.


Containerization is when a company employs an encrypted data store (or container) on a device.


  • Privacy: Unlike using MDM software that can track the entire device, containerization allows you to keep sensitive data secure on the device while not compromising your employee’s privacy.
  • Isolated Functioning: If your employee’s device turns out to be misplaced and not lost, you don’t have to wipe his or her entire phone. You can lock or wipe the company files and leave the rest of the employee’s phone untouched.


  • Doesn’t Protect Personal Data: Since you’re not installing MDM software on the phone, locking, wiping and restoring capabilities are severely limited because it doesn’t cover the non-containerized portion of the phone.

Costly: Since you’re not using a single type of program across all devices, using a bunch of separate third-party programs can become costly to maintain and deploy.

Leave a Reply