Mobile Device Management – Which Model Fits Your Business?

Is yours a BYOD, a CYOD, or a DaaS kind of business?
19 August 2022

Getting devices where they need to be…

The work falling on the shoulders of the IT department in any company is increasing in our tech-enabled age, and the addition of a long-term hybrid working model, combining staff who work remotely, staff who work in the office, and staff who work in both depending on the need of their department has only seen the complexity of mobile device management treble in complexity.

That’s given rise to three different but connected approaches to dealing with equipment management – Bring Your Own Device (BYOD), Choose Your Own Device (CYOD), and DaaS (Device as a service). Each of the three approaches has its pros and cons, and the likelihood is that each model is right for different types of business.


Bring Your Own Device is a model that became a lifesaver for many companies that weren’t already employing a hybrid working system when the Covid-19 pandemic hit. It allowed companies to recruit staff without necessarily provisioning them with the devices they would need to do the job – and it meant there was no need to spend extra money on buying new, work-secure devices for existing staff who had switched to the remote working model out of pure viral necessity.

In a post-pandemic world though, with cyber-attacks having risen by an unprecedented 22% in the year after the easing of lockdowns, there are questions of both security and mindset that need to be firmly answered before companies commit to the continuation of this emergency model of mobile device management.

In the first place, BYOD depends on the strict demarcation of the device and its work data. The device, bought by the staff member with their own money, remains their property. But any and all data given to the staff member, created by the staff member, or in any way interacted with by the staff member remains the property of the company in perpetuity.

As a model, that works well right up to the point at which anyone has to divide or examine the two. And while in this day of cloud computing, shared folders, and instantaneous change reflected in data held anywhere in the system, that shouldn’t be a difficult thing to do, using your own device in a remote setting tends to mean a higher potential for using it in your own way, irrespective of company policies.

That can end up causing IT departments, with a responsibility for the issuing, use, maintenance, and management, more headaches than they had before, ensuring that cybersecurity is up-to-date and compliant with company standards, and in particular, it can lead to long downtimes if and when the staff member’s own machine is damaged, or needs rapidly replacing. It can be difficult, in a time-critical job role, to make do with a situation where you have to wait until pay day to Replace Your Own Device.


Choose Your Own Device brings significantly less pressure to IT departments. Usually in CYOD, IT departments will offer the employee the chance to choose from a fairly limited – but reliably-spec’d – devices. The device management process then tends to be a lot more controlled, in that before or shortly after the device is despatched to the staff member (depending on whether it’s despatched from an on-premises hoard or whether it’s despatched from a store or manufacturer), the IT department can specify the programs and cybersecurity measures that need to be on the device before it can be used for company work. Then the device management cycle is largely time-based, with upgrades or change-outs due a certain number of months after initial deployment, and either replaced from on-site stores, or re-ordered as and when devices are damaged or need upgrading.

There are a couple of downsides to remember with the CYOD model. Firstly, the additional workload of maintaining a device management and upgrade system falls on the IT department, which is less than ideal when their time should be more productively spent dealing with day-to-day and strategic IT issues that help the company achieve its longer-term goals.

Secondly, the standard in the CYOD model is to offer only a small range of device options, all of them fairly basic, and specified just to meet the needs of the job role. That can cut costs, but it can also negate any “perk” value of the work devices for the employees, meaning staff are less likely to invest in the “ownership” of their work devices, and can end up treating them with insufficient care, as they’re “just” a work tool.

While it’s very much less of a concern than points 1 and 2, there’s also an environmental impact of being locked into a regular upgrade cycle that makes each device purchased a single-lifetime expense (the lifetime usually lasting around 24 months), after which the devices have to be either destroyed or expensively wiped of data, before the whole procurement cycle begins again.


Device-as-a-service is exactly what it claims to be – a service model approach to equipping staff with the devices they need, and of mobile device management, that takes the pressure off the IT department.

There are advantages to DaaS, in that it can free up the IT department to focus on the tasks the business needs from them, without also making them act as procurement and device management specialists. If you find the right DaaS provider, they can also exercise economies of scale to broaden the range of devices available to staff, including some of the newest technology available.

Upgrades and repairs can be handled simply online through a device management system that’s owned and run by the DaaS provider, and that becomes a matter between the staff and the DaaS provider, with IT department involvement only at the beginning of the procurement and device specification stage, and perhaps through an annual report the provider sends the IT department, detailing any changes, upgrades or replacements during the course of the year.

The downside of the DaaS model is that it can be necessarily more expensive than the CYOD or BYOD models, because it’s literally outsourcing all the time and stress that would otherwise fall on the IT department. That stress and time is translated into a pure business expense, and some businesses can’t afford the luxury of that.

To know which model is right for your company, you’ll need to make a business decision, factoring in your disposable device management budget, the size of your company, and the importance of strictly controlling the access points to your system in terms of cybersecurity. But with more cyber-attacks than ever before hitting businesses, it’s fair to say that there’s a general drift away from BYOD, and towards at least one of the other, more controllable, options.