Skip to main content

How data loss prevention and mobile app management boosted one bank’s security

 

Challenge

Having a bring-your-own-device (BYOD) program often reduces costs and improves productivity by allowing contractors and employees to easily access information and communications no matter where they are. However, using personal devices can come with a higher risk of losing or compromising sensitive information. Having a solid data loss prevention (DLP) strategy in place is critical to protecting your company, your employees, and most importantly, your customers.

A large Midwest banking corporation needed a BYOD program, but they faced two key concerns: 

  1. Keeping their data secure, and
  2. Allowing employees to work on their personal devices without intrusive device control or a burdensome program enrollment

While a mobile device management (MDM) solution would solve the concerns surrounding data security and industry compliance, it would require more management over their employees' devices. Instead, the financial company wanted to focus on a data loss prevention solution that would manage their enterprise applications to keep sensitive financial information secure and in compliance with industry regulations without requiring an overhaul of their infrastructure or an excessive financial investment.  They partnered with Fusion Alliance to find and implement the right solution that would meet all their criteria. 

Solution

Our client wanted to control access and security for their applications while minimizing their oversight over the device, and explained their goals to our team. After completing a security assessment, recommended Microsoft Intune's mobile application management without enrollment (MAM-WE) solution and provided them business cases and a roadmap to implement it. 

Intune MAM-WE allows them to manage any application that contains sensitive corporate data on almost any device, including employees’ personal devices they also use for work. It also also allows this bank to manage application protection policies to ensure corporate data is protected within the application and not accessed by or shared with any unauthorized person or program.

By choosing this solution over an MDM, our client can maintain control over their data without requiring their employees and contractors enroll their personal devices into a program. This offers multiple benefits to the company, their customers, and their employees, including: 

  • Saving time and resources 
  • Offering the bank the flexibility to control corporate data in their applications on non-employee devices
  • Protecting sensitive financial and personal information
  • Protecting employee and non-employee privacy over their devices

Our team implemented Intune MAM-WE within our client's IT department and worked to define the conditional access for applications. As they deploy the data loss prevention solution company-wide, they can control access and security for their data and applications without having to control and manage hundreds of devices. 

Outcomes

Improving Data Loss Prevention

By using MAM-WE rather than an MDM solution, our client will still maintain control over their valuable data without requiring individual devices to be enrolled. This saves time and resources and it also ensures our they have the flexibility to control corporate data in applications accessed on non-employees' and contractors' devices.

increased data security
Increased data security while increasing employee privacy
data loss prevention on private devices
Provided ability to manage apps on unmanaged or unenrolled devices
fusion-icons-2color_tap-star
Compartmentalized company versus personal applications

Ready to talk?

Let us know how we can help you out, and one of our experts will be in touch right away.