Mobile & Online Security

Tips for successful Cope implementation in the financial services industry

Tips for successful Cope implementation in the financial services industry. Photo: Maxx-Studio, Shutterstock.com
Written by Chris Koeneman

Chris Koeneman looks at the pros and cons of implementing a Cope programme in your organisation.

Few industries can match the complex regulatory environment in which financial services must operate. There are extensive regulations that govern IT in the areas of storage, access, sharing and use of sensitive customer data, and the penalties for violators can be steep. In response to these regulations, a new mobility ownership/use model has emerged.

Corporate owned, personally enabled (Cope) devices are becoming more common as companies try to adapt to mobile-first workforces. While considered a more secure alternative to ‘bring your own device’ (BYOD), companies using Cope programmes must still consider unique programme challenges, and whether Cope programmes are the best option for their business.

This article provides tips for implementing Cope programmes, and examines the advantages and disadvantages of choosing Cope over other mobility programmes.

The basics of Cope

Cope programmes allow employees to select devices from a set of options provided by a company – providing an element of BYOD – but in a way that allows companies to keep their networks and information more secure than traditional BYOD. ‘Personally enabled’ means that employees are free to download apps of their choosing. However, because the company owns the devices, it has the right to determine what can and can’t be accessed by employees. This includes apps, software, data, and so on. It also gives companies the right to erase or disconnect devices connected to a corporate network.

Devices are selected based on available wireless networks, and which ones are best suited to satisfy company/employee needs. Should some employees prefer iOS over Android, companies can prorate phones or set a predetermined amount that employees are responsible for paying. Companies can also set the same standards for usage and data plans. These options not only help maintain costs, but the security of critical company data too.

A more secure version of BYOD

Due to the control given to companies via selecting the devices and data accessible to employees, Cope programmes are considered a more secure version of BYOD. There are also a few ways – aside from controlling whether or not a device is wiped or disconnected – that companies can maintain security of mission-critical data.

Mobile device management (MDM) services can be implemented with Cope programmes to help control the access employees have to specific files, networks, and so on. Mobile application management (MAM) services help determine what applications employees may utilise via work devices (more on this later). Companies can also create dual personas for employees on Cope devices, which provides a clear divide between personal and company data. Finally, managed mobility services (MMS) can help eliminate or restrict what employees download/invite into company systems.

According to a recent report by IBM and The Ponemon Institute, 38% of respondents said their organisations do not scan for vulnerabilities. 55% said they either do not test apps or are unsure of whether or not their business does. MMS helps monitor and push secure app installation, allowing settings and passwords to be set, enforced and removed from the wireless programme should security standards not be met.

Implications of Cope vs other mobility programmes

While Cope programmes are a good choice for industries with high regulatory environments due to their increased controls and security, there are some limitations/disadvantages for selecting Cope over other mobility programmes.

Cope can get expensive; companies must pay the upfront costs for service and devices. While employees can be held responsible if they choose something out of plan, the onus still primarily falls on the company to provide adequate resources. In addition to fiscal responsibility, companies with Cope programmes are also in charge of security. Companies must make sure they have security policies and precautions in place to prevent employees from accessing confidential information, or downloading corrupt files. Employee satisfaction can also take a hit with Cope, because the corporation dictates which devices can and cannot be used. This is somewhat offset by the freedom of downloading applications at the discretion of the employee, however.

Companies in the financial services industry should explore the various options available to them before settling on any mobility programme. With that said, Cope programmes are a strong, secure option, giving companies more control over the devices, services and applications employees access.

READ NEXT: Legacy people is why we use legacy systems

Photo: Maxx-Studio, Shutterstock.com

About the author

Chris Koeneman

Chris Koeneman is senior vice president at Mobi. He has extensive experience in developing go-to-market strategies for technology organisations, and has held leadership positions with AT&T, Intel and Cisco, among others, as well as innovative startups. Chris has led global teams focused on networking infrastructure, cloud services, and virtualisation solutions sold through OEMs, channel partners and direct, and has been part of two successful wireless acquisitions.

Leave a Comment