Study of 300+ MSPs reveals employee-owned devices as the last major unmanaged risk—Aura Business for MSPs introduces an identity-first approach to close the gap
BOSTON, April 15, 2026 /PRNewswire/ — A new Omdia-authored whitepaper, “The BYOD Opportunity: What MSPs Need to Close the Last Unmanaged Gap,” reveals that unmanaged personal devices have become a growing source of risk — and opportunity — for MSPs, driving a significant security gap across their client environments. This study was commissioned by Aura Business.
The problem: BYOD management demand is rising — and so are security incidents
The demand for BYOD security is already established across the MSP market. In a survey of 319 U.S.-based MSPs conducted by Omdia in early 2026, 65% reported that at least one client had asked for help addressing the security or data-exposure risks of employee-owned devices in the past 12 months, with 45% saying multiple clients had raised the issue.
At the same time, the risk is no longer hypothetical. 55% of MSPs reported at least one BYOD-related security incident in the past 24 months. Despite this, most MSPs aren’t offering BYOD management. There is a 55 percentage point gap between corporate laptop monitoring (79%) and employee-owned device monitoring (24%), leaving personal devices, which regularly access corporate email, files and credentials — largely outside the managed perimeter.
The shift: identity is the real risk, not devices
Among the 177 MSPs who reported BYOD-related security incidents, reported causes included:
- 45% cited credential theft or account compromise
- 42% reported email or messaging compromise (primarily phishing)
Only 29% reported lost or stolen devices, which — Omdia notes — for years has been the primary mobile security concern. This signals a clear shift toward identity-based threats, where attackers exploit credentials and access points on personal devices connected to corporate systems, not the devices themselves.
The opportunity: a new category of security services
This gap represents more than just risk — it’s a clear business opportunity for MSPs.
The research shows that BYOD-related requests are not abstract, but structured and repeatable. Half of MSPs report that clients want help implementing technical controls, 46% are asked for best-practice recommendations, and 40% are asked to define or review BYOD policies — services that map directly to MSP delivery models.
MSPs are already signaling intent to act:
- 92% said they could see a path to offering BYOD services
- 36% preferring to offer such services as an optional add-on to existing services
As traditional IT services face increasing pricing pressure, BYOD security stands out as a high-value, security-adjacent offering that can drive differentiation and recurring revenue.
Closing the gap with Aura Business for MSPs
Aura Business for MSPs was purpose-built to allow MSPs to:
- Enforce identity-centric security policies without taking ownership of the device
- Enable employee self-enrollment with no manual configuration
- Monitor device health and automatically restrict access when risks are detected
- Integrate directly with existing environments like Microsoft Entra
By removing the operational and liability burdens of traditional device management — and doing so without accessing personal data — Aura enables MSPs to deliver a scalable, privacy-first BYOD solution that fits into their existing service stack.
The data is clear: clients are asking for help, incidents are already happening, and most MSPs are not yet equipped to respond — making solutions like Aura Business for MSPs well-positioned to help providers adapt to this shift.
For more information, read the full Whitepaper here and visit aura.com/msp.
About Aura
Aura is one of the fastest-growing online safety solutions for individuals and families. Whether you’re protecting yourself, your kids, or your aging loved ones, Aura meets your needs at every stage of life. From real-time threat detection and scam alerts to tools that help parents protect their kids from predators, cyberbullying, and tech-driven mental health risks, Aura empowers families to thrive in the digital world. Learn more at aura.com.
About Omdia
Omdia is a market-leading data, research, and consulting business focused on helping digital service providers, technology companies, and enterprise decision makers thrive in the connected digital economy. Through our global base of analysts, we offer expert analysis and strategic insight across the IT, telecoms, and media industries. We create business advantage for our customers by providing actionable insight to support business planning, product development, and go-to-market initiatives. Our unique combination of authoritative data, market analysis, and vertical industry expertise is designed to empower decision-making, helping our clients profit from new technologies and capitalize on evolving business models. Omdia is part of Informa TechTarget, a B2B Materials information services business serving the technology, media, and telecoms sector. The Informa group is listed on the London Stock Exchange.
Omdia Methodology
Omdia conducted a survey of 319 US-based managed service providers in Q1 2026. All respondents derived more than 50% of their revenue from managed services. The sample captures a range of MSP sizes: 38% reported annual recurring revenue above $10 million, with the remainder below that threshold. Sixty percent of respondents at director level or above. The client profile skews mid-market: 59% of respondents serve clients with 100 or more employees, though MSPs serving smaller clients are also well represented in the sample.
View original content to download multimedia:https://www.prnewswire.com/news-releases/msps-face-growing-byod-security-gap-as-demand-and-risk-surge-new-research-finds-302743300.html
SOURCE Aura
