This seems like a very common situation but I’m struggling with the what the actual risks are. We use Microsoft Exchange for our email. We have users who have their own devices such as PCs, Android phones, iOS devices, etc. I have no control over these devices. If a user logs into their email on a compromised device, what are the risks to my Exchange environment? Can that user’s credentials be exposed? Can a Spear Phishing campaign be launched using our Exchange Address Book?
I’m trying to avoid putting any MDM on a BYOD. Saying to someone who works here, “Hey, gimme your phone so I can install some software on it,” isn’t going to go over well. Also, I have no control where or what someone might use to check their emails.
I trying to find the balance between productivity and security, but I feel I don’t have all the information I need to make good decisions.
Any input or advice is welcome.
Thanks!
Dane
This thread was automatically locked due to age.
