There is a growing trend to use consumer computing devices in the enterprise, aka bring-your-own-device (BYOD).
It's understandable that users want to use their preferred device for everything. Since most applications expose a web user interface (UI), this shouldn't be an issue. Actually, what corporate users need most is an office suite, browser, email client, instant messaging application and file system access. Most smartphones can do that.
Users who already have a smartphone or laptop don't want to carry both their personal and corporate devices. The problem with BYOD is risk management, especially with the constantly changing threat landscape.
While the user's device may be compatible, how does the corporation know that there isn't malware installed on it, leaking corporate passwords and other data? What protections are there against data theft if the device is lost or stolen? How can a corporation know if a user's laptop is infected with a virus that will propagate when it's plugged into the corporate network? Users don't seem to understand these serious risks.
Since BYOD seems unavoidable, organizations should consider these basic steps which will hopefully help with audit and regulatory requirements:
However, will users accept these constraints? They seem pretty foundational.