Re: What are we trying to prevent?
Another very good point. If you have put enough trust in a person to employ them, then what exactly are you preventing by making data hard to take off site, or transfer to non-company equipment?
There are obvious use cases where that will be a requirement, like GCHQ, or the FBI. Even the Police force need to be very careful.
But for us day to day enterprise level peons, the risk simply doesn't exist. You don't need military grade IT security policies to run, say, a construction firm.
In any case, I don't even think it's possible to truly prevent if someone really wanted to do it. You can put deterrents in, but that aint gonna stop someone on a mission.
From experience, BYOD generally provides most (if not all) headaches in the form of hardware and software compatibility with existing enterprise systems, and of course. the well known woeful reliability and build quality on consumer grade tat.