If that is such a risk vector for you than hand out company phones and manage them. My workplace does.
We have both iOS and Android devices deployed and users cannot install anything on either. Neither App Store nor Play Store are accessible and any potential side loading is disabled as well.
It appear to me you could have prevented the user from using a device you cannot manage and could have taken steps to prevent users from accessing the secure WiFi, but didn't choose the first to save money and didn't do the second probably for the same reasons, and yet we somehow need to prevent people from installing stuff on their own private devices because of that.
it wasnt my company. it was a non profit.
they allowed a work app on personal phones because the 400 Samsung 4G tablets didnt work out and cost a fortune in monthly SIM fees.
you people seem to think businesses can just spend unlimited funds.
Welcome to the real world of IT for small and medium business.
The point is user behaviour can install bad Android apps easily.
Bad user behaviour can allow access to secure wifi networks.
If you have done any work on risk assessment, you would know to check all points of failure.
I worked in a large mainframe run government department.
They were audited for security.
Didnt want to know that it was easy to spit the test environment computer's data onto a USB and walk out the door.
There were concerned about leaks department to department.
How many businesses have seen client database emailed offsite?
The real world is nothing like the theoretical.
