BYOD, COPE, CYOD, and COBO are the four ownership models for enterprise mobile devices. Each one defines who buys the phone, who controls it, and how personal and work data coexist on the same hardware. Picking the wrong model costs you: either your employees push back, your security team can't sleep, or both. According to a 2024 SOTI survey, 78% of organizations support at least two ownership models simultaneously, because no single approach fits every role.
This guide breaks down each model with real trade-offs, so you can match the right model to the right team.
The Four Models at a Glance
| Model | Who owns the device | Who chooses the device | Personal use allowed | IT control level | Best for |
|---|---|---|---|---|---|
| BYOD | Employee | Employee | Yes (it's their phone) | Work profile only | Knowledge workers, small teams |
| COPE | Company | Company | Yes, within policy | Full device + personal container | Office staff, field sales |
| CYOD | Company | Employee (from approved list) | Yes, within policy | Full device | Mixed roles, mid-size orgs |
| COBO | Company | Company | No | Full lockdown | Warehouses, retail, healthcare |
BYOD: Bring Your Own Device
BYOD means employees use their personal smartphones for work. Your company doesn't buy the hardware. Instead, you deploy a mobile device management (MDM) agent that creates a separate work profile on the employee's phone.
On Android, this uses Android Work Profile. On iOS, it's User Enrollment (introduced in iOS 13). Both approaches isolate corporate apps and data in a managed container while leaving personal apps, photos, and messages untouched. Your IT team can wipe the work container without affecting anything personal.
The appeal is obvious: zero hardware costs. Employees already carry phones they like, and they don't want a second device in their pocket. A Gartner 2024 survey found that companies with BYOD policies saved an average of $350 per employee per year on device procurement.
But BYOD has real downsides. You can't enforce full-disk encryption on a phone you don't own. You can't prevent the employee from installing a compromised app on the personal side. And if the employee leaves the company or loses the device, your leverage is limited to wiping the work profile. For roles handling sensitive customer data or regulated information, that's often not enough.
When BYOD works: desk-based knowledge workers who need email and a few SaaS apps on their phone. Sales teams in early-stage companies where budget is tight.
When it doesn't: healthcare (HIPAA compliance requires full device control), finance (audit trails need device-level logging), or any role where the phone is the primary work tool.
COPE: Corporate-Owned, Personally Enabled
With COPE, the company buys the device and lets employees use it for personal purposes too. Think of it as a company car you're allowed to drive on weekends.
The IT department owns the hardware and has full management rights: they can enforce encryption, push OS updates, restrict app installs, and remote-wipe the entire device if needed. But they also set up a personal space (Android's personal profile or iOS managed partitioning) where the employee can install their own apps, take photos, and use social media.
COPE is the most popular model for mid-size and large enterprises. IDC's 2024 Mobility Survey reported that 41% of companies with 500+ employees use COPE as their primary model. The reason is balance: IT gets the control they need, and employees get a device they're willing to carry everywhere.
The catch? Cost. You're buying every device, plus replacements for broken screens and lost phones. For a 500-person fleet, budget $200,000 to $400,000 upfront depending on your device tier. Then there's the lifecycle management: you'll need to refresh devices every 3 years, handle warranty claims, and manage a device inventory.
When COPE works: most enterprise scenarios. Field teams, office workers, executives. Anywhere you need strong security without making employees carry two phones.
CYOD: Choose Your Own Device
CYOD is a COPE variant with one twist: the employee picks their device from a pre-approved catalog. The company still pays. IT still manages it. But the employee gets to choose between, say, a Samsung Galaxy S25, a Google Pixel 9, or an iPhone 16.
This matters more than it sounds. Device satisfaction directly impacts adoption. If you hand a lifelong iPhone user an Android phone, they'll spend the first month fighting the OS instead of doing their job. CYOD eliminates that friction.
From IT's perspective, CYOD adds complexity. You need to maintain MDM configurations and tested app deployments for every device model in your catalog. Three models is manageable. Ten is a nightmare. The sweet spot for most organizations is 4 to 6 approved devices, refreshed annually.
One hidden benefit: CYOD makes hardware negotiations easier. You're buying in bulk from 2 or 3 manufacturers instead of one, so you can play vendors against each other on pricing. Samsung and Apple both offer enterprise discount programs that kick in at 100+ units.
When CYOD works: companies with diverse teams who'd resist a one-device mandate. Works well when you already run a multi-OS environment (iOS for executives, Android for field ops).
COBO: Corporate-Owned, Business Only
COBO is the most locked-down model. The company buys the device, and it's used strictly for work. No personal apps, no personal accounts, no YouTube during lunch break. The phone is a work tool, like a barcode scanner or a forklift.
You'll typically deploy COBO devices in kiosk mode or with heavy restrictions: a single app or a small set of approved business apps, disabled camera, blocked USB transfers, mandatory VPN. Some COBO deployments don't even have a dialer, just a task-specific application running in full screen.
COBO is standard in warehouses (inventory scanning), retail (point-of-sale terminals), healthcare (bedside charting), and logistics (route management). These are shared devices that multiple employees use across shifts. Nobody expects to check Instagram on a warehouse scanner.
The management overhead is actually lower than COPE or CYOD because the devices are identical and the configurations are uniform. You deploy one profile and push it to 500 devices. When a device breaks, you grab a replacement from the shelf, power it on, and zero-touch enrollment does the rest.
When COBO works: shared devices, single-purpose deployments, high-security environments, frontline and deskless workers.
When it doesn't: roles where employees need the device outside work hours (sales, field engineers, on-call staff).
How to Pick the Right Model for Each Team
Most companies don't use a single model. A 2024 Samsung Knox whitepaper found that 62% of enterprises with 1,000+ devices run two or three ownership models simultaneously. The trick is matching the model to the role, not to the organization.
Here's a practical decision framework:
Start with the job function. Is the device a primary work tool (COBO or COPE) or a convenience add-on (BYOD)? Warehouse workers who scan barcodes 8 hours a day need a dedicated device. Marketing managers who check Slack on their phone don't.
Then check your compliance requirements. If you're subject to HIPAA, PCI-DSS, NIS2, or SOC 2, you probably need corporate-owned devices for any role that touches regulated data. BYOD with a work profile can satisfy some auditors, but it's harder to prove full control.
Factor in employee preference. Forcing COBO on a sales team will tank morale. Forcing BYOD on a security team will get you an incident report. Talk to the team leads before deciding.
Finally, run the numbers. BYOD saves on hardware but increases support complexity (every phone model is different). COPE costs more upfront but simplifies management. COBO has the lowest per-device management cost because everything is standardized.
Managing Multiple Models with MDM
Your MDM solution needs to support all four models natively. Not every MDM does.
With Appaloosa, you can run BYOD work profiles, COPE fully managed devices, and COBO kiosk deployments from the same console. Each ownership model gets its own enrollment flow: QR code for BYOD, zero-touch for corporate-owned, kiosk provisioning for COBO. Policies are assigned per group, so your warehouse COBO devices and your sales COPE phones don't share the same restrictions.
The critical capability is separation. An MDM that can't cleanly separate work and personal data on a COPE device, or can't enforce kiosk mode on a COBO device, will force you into workarounds that nobody maintains after the first quarter.
If you're running 200+ devices across multiple ownership models, audit your MDM's capabilities against each model before signing a contract. The gaps show up fast once you're past the pilot.