
The BYOD revolution is no longer a trend—it’s the new workplace norm. Today, 95 percent of organizations allow personal devices at work, and 82 percent actively use BYOD policies. Market growth is accelerating, with Mordor Intelligence projecting $132.22B by 2025 and $276.39B by 2030, driven by cost savings, employee preference, and hybrid work demands. But with growth comes challenges MSPs must tackle head-on.
Shifting focus: From devices to data
“As offices fill up post-pandemic, workers bring a patchwork of devices—some company-owned, others personal. The challenge for MSPs has shifted from securing every device to protecting the data itself. In today’s hybrid world, locking down every endpoint is a losing battle. Instead, MSPs should isolate and protect sensitive company data wherever work happens—on personal laptops, contractors’ devices, or corporate machines,” says David Matalon, CEO of Venn, a BYOD security company. SmarterMSP.com caught up with Matalon to get his views on the constantly evolving space.
During the height of the pandemic, VPNs were the solution, but Matalon says the era has evolved beyond that.
“Traditional tools like VPNs, VDI, and mobile device management were built for an era when companies owned every device—securing network traffic was enough to protect data,” Matalon shares. He adds that today’s BYOD reality forces a paradigm shift, as solutions that fully enroll a device are far too invasive for a user’s personal laptop.
“What’s needed now is a flexible, device-agnostic model that secures company data without compromising user privacy or forcing them to work in remote or virtualized environments that cause lag and latency,” he says, noting that solutions that isolate and protect work running locally on a device—without hosting an environment in the cloud—do just that.
The biggest challenge: Control and visibility
Matalon argues that the biggest challenge facing MSPs is the lack of control and visibility. When employees, contractors, and offshore workers bring their own laptops, traditional endpoint controls can’t guarantee compliance or patch status.
“Yet, IT is still responsible for keeping sensitive data secure and ensuring compliance with frameworks like HIPAA, SOC 2, or PCI DSS,” he says. He also notes there’s a tension between security and user experience.
“If MSPs deploy too many restrictions—forcing VDI—they’ll see pushback, latency complaints, and workarounds that actually weaken security,” Matalon warns, stating that the goal should be to deliver an experience workers expect and that doesn’t feel foreign (i.e., the latency from VDI/DaaS), while maintaining control over company data.
“That balance has been hard to strike, until recently, when Secure Enclave technology came onto the scene.”
The security risks of unsecured BYOD
Matalon adds that BYOD can expand the attack surface dramatically. “Unpatched devices, shared Wi-Fi networks, and personal applications can now access company data, introducing significant risk.”
He adds that it also blurs the lines between personal and professional use. “Data can be accidentally shared, synced to personal cloud accounts, or exposed through phishing or malware on the user’s personal side. When a device gets lost, stolen, or the relationship ends, companies often struggle to revoke access or wipe corporate data without affecting personal files,” Matalon says.
Still, he says the danger isn’t BYOD—it’s unsecured BYOD.
“The right approach isn’t to ban personal devices, but to implement a solution that keeps company data isolated and protected from everything else on the device. Banning personal devices just entices users to create workarounds—find a solution that works for everyone.” Next week, we’ll explore practical solutions MSPs can deploy today.
This post originally appeared on Smarter MSP.

