People who use mobile devices for/at work, should be provided with locked-down devices with only the apps that are absolutely necessary for them to do their work (on that device). But even then, they are potentially exposing your corporate data to cyber attacks.
If employees are expected to bring their own device to work, why should they comply with a use policy anyway? It’s their device. The short answer is, they shouldn’t. They’re not expected to take their own computer to work – so why is an expensive mobile device any different?
No BYOD policy will protect your staff from phishing attacks that take place inside apps – where they do most of their work. Below is a short video to demonstrate how easy it is to spread a phishing website throughout an organization that uses a productivity app. And remember, most people work off-site where there is no network-based security to protect them and your data. And no anti-virus app can stop this type of attack from taking place.