How Data Loss Prevention and Mobile App Management Boosted One Bank’s Security

A large Midwest banking corporation wanted to support a bring-your-own-device (BYOD) program that would give employees and contractors greater flexibility and productivity. At the same time, the organization needed to protect sensitive financial data, maintain regulatory compliance, and avoid imposing intrusive controls on personal devices. To address these competing priorities, New Era Technology assessed the environment and recommended Microsoft Intune mobile application management without enrollment (MAM-WE), enabling the bank to secure access to enterprise applications and protect corporate data without increasing device management burden. The result was a more flexible and scalable approach to mobile work that strengthened security, preserved user privacy, and supported long-term operational efficiency.

Having a bring-your-own-device (BYOD) program often reduces costs and improves productivity by allowing contractors and employees to easily access information and communications no matter where they are. However, using personal devices can come with a higher risk of losing or compromising sensitive information. Having a solid data loss prevention (DLP) strategy in place is critical to protecting your company, your employees, and most importantly, your customers.

A large Midwest banking corporation needed a BYOD program, but they faced two key concerns:

• Keeping their data secure
• Allowing employees to work on their personal devices without intrusive device control or a burdensome program enrollment

While a mobile device management (MDM) solution would address concerns about data security and industry compliance, it would require greater oversight of employees’ devices. Instead, the financial company wanted to focus on a data loss prevention solution that would manage their enterprise applications to keep sensitive financial information secure and in compliance with industry regulations, without requiring an infrastructure overhaul or an excessive financial investment. They partnered with New Era Technology to identify and implement the right solution that met all their criteria.

Our client wanted to control access and security for their applications while minimizing their oversight over the device, and explained their goals to our team. After completing a security assessment, recommended Microsoft Intune's mobile application management without enrollment (MAM-WE) solution and provided them business cases and a roadmap to implement it.  

Intune MAM-WE allows them to manage any application that contains sensitive corporate data on almost any device, including employees’ personal devices they also use for work. It also also allows this bank to manage application protection policies to ensure corporate data is protected within the application and not accessed by or shared with any unauthorized person or program. 

By choosing this solution over an MDM, our client can maintain control over their data without requiring their employees and contractors enroll their personal devices into a program. This offers multiple benefits to the company, their customers, and their employees.

Our team implemented Intune MAM-WE within our client's IT department and worked to define the conditional access for applications. As they deploy the data loss prevention solution company-wide, they can control access and security for their data and applications without having to control and manage hundreds of devices.  

The result was a more secure and flexible approach to BYOD that allowed the bank to protect sensitive corporate and financial data without imposing intrusive controls on personal devices. By implementing Microsoft Intune MAM-WE, the organization gained stronger application-level security, clearer access controls, and better support for regulatory compliance while preserving employee and contractor privacy. The solution also reduced administrative burden by eliminating the need to manage hundreds of personal devices, making it easier to scale the program across the organization. As a result, the bank was able to support mobile productivity more effectively while maintaining control over data and reducing operational risk.