CYOD: What Is It and How Is It Different from BYOD?

The cloud revolution is delivering innovation to IT now more than ever. One of the challenges of this innovation is selecting whether to adopt a bring-your-own-device (BYOD) or choose-your-own-device (CYOD) policy. BYOD allows employees to use their own devices to access office resources; when employees leave, they take their devices with them. CYOD lets employees choose from an approved set of devices, which they either buy on their own or through their employers. In the latter case, the employer retains ownership of the device when the employee leaves the company.

Gartner estimates that the adoption rate for BYOD will eventually reach 90%. According to Global Market Insights, the BYOD market is expected to reach almost $367 billion by 2022, or a more than 22% compound annual growth rate (CAGR) from almost $95 billion in 2014.

While BYOD offers multiple benefits such as reduced hardware infrastructure, mobility solutions, optimized resources, and improved employee performance and satisfaction, it comes with certain challenges. For one, organizational data is at risk. Not many employees believe that protecting organizational data is their responsibility, and with a multitude of mobile devices on the market, IT departments have a tough time securing corporate data on personally owned devices. This is where CYOD comes to the rescue.

An Overview of CYOD

CYOD is similar to BYOD—it allows employees to work from anywhere using a mobile device. However, unlike BYOD where the user can use any device, CYOD devices have to be approved by the organization. In most cases, the organization provides the mobile device, and the employee chooses from a list of approved devices. The company purchases the device and manages it. While the end-user has the flexibility to use the mobile device anywhere, the organization actually owns that device.

CYOD networks provide more stability, security, and simplified IT for businesses. They give the IT staff more control over the devices in the network. Access to apps, data, and functions can be limited, and with fewer approved devices in the network, support becomes quick and easy. CYOD is especially useful for companies that deal with sensitive information. Because the company owns and manages the device, company data is secure. With the ability to install and manage security solutions on the device, company data is free from malware and hacking threats, and if a device is lost or stolen, company data doesn’t fall into unauthorized hands.

Organizations should consider several aspects before choosing between BYOD and CYOD policies. Small IT budgets and legacy infrastructure tend to demand a BYOD policy, while higher security requirements and upfront investments invite a CYOD policy.

What Should a CYOD Policy Consist Of?  

Your CYOD policy should contain the following crucial elements:  

Types of devices

Your CYOD policy must mention the type of device that is to be used. The kind of device can be anything ranging from smartphones, tablets, to laptops or other devices. You must mention the party that gets to decide the device to be used, the party that pays for the device, and the party that pays for the monthly connectivity plans. Your device choice can fall anywhere between the range of anything goes,” to a controlled set of choices with strict hardware requirements. 

Management and support

Another element that must be included in the CYOD policy at all costs is the explicit representation of the party that is responsible for the management and support of the devices mentioned in the policy. The management and support capabilities can be minimalist (“barely there” management and support) or maximalist (by installing Mobile Device Management or Enterprise Mobility Management with strong controls). 

Integration and applications

Your CYOD policy must also mention the network to which the device must be integrated, the applications which the device should run, the restrictions on personal applications and the level of integration (basic daily workflow vs. heavy resource requirements) required from the selected devices. 

CYOD Policy Challenges

While CYOD brings more control and security to IT networks, it comes with certain challenges as well. Firstly, organizations have to make huge upfront investments to purchase and manage the hardware. This is in contrast to cloud computing, where entry costs are normally low. Secondly, restricting employees’ device usage can result in dissatisfaction that in turn affects productivity. Thirdly, the device approval time is another negative aspect. The time taken to approve the device might lead to missing out on a new technology or app. Fortunately, these challenges don’t have to limit organizations, as there is a better alternative: virtual application delivery.

As a subset of desktop virtualization, application delivery enables organizations to centrally host applications and resources and securely publish them to any remote device. With the ability to monitor and manage all applications from a centralized location, organizations can easily control how applications get to end-users. Furthermore, although users think they are using applications from their devices, data never actually leaves the server and is therefore secure. Regardless of the device OS, platform, or model, organizations can securely publish resources to end users by using virtualization software.


COPE (Company Owned/Personally Enabled) programs, which almost universally center on smartphones, are aware that few people would like to carry around two devices. Smartphones are typically provided by employers for use at work, however basic features like voice conversations, texting, and personal applications are permitted with certain restrictions on usage and flexibility.

COBO (Company Owned/Business Only) goes even farther by expressly banning the use of mobile devices for personal use. A device that solely runs a single application, like an inventory system including an integrated barcode scanner, might be referred to as COBO. Or perhaps it’s just a smartphone where personal usage is forbidden by policy.

Parallels RAS: A Streamlined Application Delivery Solution

With its easy-to-use functionality coupled with powerful performance, Parallels® Remote Application Server (RAS) equips IT departments with a solution that helps them implement a simplified CYOD policy and infrastructure. Parallels RAS is simple to deploy and use. Its intuitive dashboard allows you to monitor and manage all devices, including mobile devices, from a central interface. As the entire data and processing are done at the central server, organizations don’t have to worry about data integrity while using CYOD networks.

Parallels RAS enables employees to bring their own devices while providing the ability to monitor and manage them from a centralized location, so organizations enjoy the best of both worlds. Most importantly, Parallels RAS is significantly cost-effective.

Sound too good to be true? Download a 30-day trial to check it out for yourself!

Download the Trial