The day the first person took a smartphone to work, BYOD (bring your own device) was born. Soon after that, IT rolled out the first Mobile Device Management (MDM) application.\nFrom an innocent beginning, a complex IT infrastructure has emerged around mobile devices, operating systems and apps, along with the network and the server applications they must communicate with on the back end. Enabling users to access data and applications securely has become something of a high-wire act.\nMeanwhile, the cloud revolution has further changed the way people use their mobile devices and the way IT manages them. Today, BYOD devices \u2013 typically iOS, Android and Windows Phone \u2013 are accessing a host of cloud-based productivity applications like Office 365.\u00a0\nNo surprise, then, that Microsoft has incorporated much of the necessary MDM functions in Office 365. These features perform three main tasks:\nConditional Access: \u00a0The smartphones and tablets may be personal, but the permission to connect to email and documents must come from IT. MDM in Office 365 works with Microsoft Intune and Microsoft Azure Active Directory to enable administrators to create security policies on those devices that apply to Word, Excel, PowerPoint and other business applications.\u00a0\nDevice Management: When a device is lost or stolen, it is at risk of being used by unauthorized persons to access corporate email or applications. The ability to set and manage device-level PIN locking and detect jailbroken devices goes a long way to preventing the wrong people from using the devices.\nSelective Wipe: One of the main reasons for BYOD is the simplicity of using a single device for business and personal tasks. The ability to easily remove Office 365 data from that BYOD device while leaving personal data in place is an essential enabler of the BYOD work style. \u00a0It gives the company the peace of mind that its data is under its control, while giving the user the assurance that his or her personal data will not suddenly disappear.\nThe use of cloud-based applications and storage services has raised another commonplace activity \u2013 copy and paste \u2013 to the level of a security concern. Your user may have a device that\u2019s protected by Office 365 MDM, but if he copies text and pastes it into an insecure application or cloud-based storage service, a vulnerability could arise.\nMicrosoft Intune, a subscription service that\u2019s part of the Microsoft Enterprise Mobility Suite, enables administrators to restrict cut, copy and paste activities on smartphones, tablets and PCs, so these operations can only be performed with other applications that are managed by Intune.\nAs smartphones and tablets become more deeply ingrained in the day-to-day workplace, IT departments will continue to walk the tightrope between user needs and robust, enterprise-level security.