You can’t control their choice or the model they want.

• not everyone will be utilizing the same type of devices. Some may prefer Androids other Apple
• user install any program or games he wants,
•  even root or jailbreak their device (<2%)

If your EMM impose a control on  employees’devices, obviously you can’t control your external stakeholders (client, supplier, partners): they choose the devices and install the mobile apps they prefer.

In a COPE strategy your employee accept to use 2 devices? with the burden of

• wearing 2 devices
• mix the contact list
• having 2 separate calendars, lists of contact, not so easy

When data resides in the mobile device

• Who is really in front of the device?
• Other application installed in the device might have access
• Malicious app can reside in the device, device is subject to phishing attempts
• Automatic synchronization of data in a “free” cloud. Your sensitive data might be synchronized ?
  • Does this cloud belong to an enterprise whose business model is based on data commercialization?
  • Where is located the cloud? If in the US or affiliate countries: Patriot Act, SafeHarbor or Cloud acts apply
• the device might jailbreak or rooted
•  

• Is the device in a safe place or in a risky location
• Security of the internet transfer especially in public WIFI (restaurants, coffee shops, gym, railway, internet cafe…)
• Man in the Middle risk (4%)
• Malware infextion,
• Public internet connection conditions of use (the easy to press “accept all” button)

the user and all the errors in using the device

• who is really in front of the device?
• let the the device unattended, forget it or even losing it (and worse stolen)
• lending it to the kids to play
• sharing the family PC at home
• giving or selling the device to other without deleting its contents
• leaving the organization