The Implementation of Bring Your Own Device (BYOD) Policy in the Workplace
Technology today has become not only powerful but ubiquitous, with that being said it has risen to become one of the world’s most powerful sources. Technology is used in various aspects; From work use to personal use, Technology is used all around us. With society being tech driven nowadays, it makes sense over the years the rapid growth of technology has paved the way for flexible ways to carry devices in the palm of your hand or on the go. Technology and mobility have become hand in hand and together have created a paradigm shift in recreation. I chose to research about one of the most fascinating challenges in the IT sector at the moment; Bring your own device (BYOD). This issue has become a no brainer for IT professional, so I took this opportunity to research about the disadvantages. In doing this research enable me to finally obtain information on how to go about this challenge.
BYOD is typically a policy in which an employer allows an employee to bring their personally owned devices into the workplace in order to access company application and information. Mobile devices such as tablets, smartphones and laptops has made it easier for workers to access information from anywhere. This being a new trend, companies are force to adopt to this new style of allowing workers to bring their own devices (BYOD) to work. According to BYOD ISSUES AND STRATEGIES IN ORGANIZATION BYOD was adopted because “Many organizations are adopting BYOD strategy since they recognize that employees have grown up with mobile devices and view these devices as the primary means of connecting, interacting with others, and increasingly using their mobile devices for work-related purposes. Eighty-eight percent of IT directors involved in a recent survey (300 were involved) believe employee morale has improved with an organization’s BYOD policy [9]. Clearly, the mobile-centric workplace is here to stay”. Accepted or not, the need for mobile technology in the workplace has skyrocketed. “By 2022, the Bring your own device (BYOD) market is predicted to reach nearly $367 billion, which is an unprecedented to increase from just 30 billion in 2014” (Anna Johansson). BYOD has taken the workplace by storm and there’s no way employees can go about it then to implement it and hope for the best. There’s is always an advantage and a disadvantage to new things.
BYOD is rapidly evolving challenge to organization and Information Technology culture that employers must weigh the risks of adopting a BYOD program against their industry needs, budget, IT, organizational culture. The disadvantages that comes with BYOD is having to force the hand of IT professionals to control which application can be used over the corporate network and making sure employees do not mistaken as to what applications can or cannot be install onto their personal device. In doing so they must consider a network policy management system that addresses concerns such as instant messaging, video and photography storage, email and texting, device tracking, internet browsing on and off corporate premises, wiping of devices or containers and interoperates with the external device management application that monitor device usage. According Mis Quarterly Executive “Attackers continually find new ways to spot software vulnerabilities that they exploit to steal data, intellectual property, user credentials and money. They hold organizations hostage through ransomware, launch sophisticated phishing attacks and use social engineering to prey on employees, customers and business partners. In every industry, organizations are at risk, as illustrated by the following recent high-impact incidents:
- In 2016, a central bank in Bangladesh lost a whopping $100 million to hackers
- Two breaches, together affecting every Yahoo customer, jeopardized that company’s planned 2017 $4.8 billion acquisition by Verizon
- In May 2017, systems worldwide were held hostage by WannaCry ransomware, and a data breach at Equifax put 143 million Americans’ social security numbers (and identities) at risk”. If employers do not implement these network policy management systems and ensure that these systems are being used or they endure the wrath of thousands of hackers.
Another disadvantage to this challenge is deciding whether to secure the network that the BYOD will be on or the device itself and how much to spend on security. Information Security is an important part of an organization that it needs a lot of attention and money invested in it. Even though it boosts employee morale it can be costly for company because IT professional might be clueless about what these devices could be embedded with and securing these devices plus the network in which they might operate on can be time consuming and difficult. Most organizations that allow employees to bring their own devices are experiencing high rates of mobile threats, including lost or stolen devices, malware and compromised company data. According to issues in information Systems a survey of mobile-security decision makers in companies with 10 or more employees in the U.S., UK, and Australia, found that more than half reported mobile threats. Sixty-one percent of survey respondents said they required additional IT resources to mobile security, resulting in higher costs. Further, sixty-three percent of surveyed companies reported significant increases in demand for help desk support to repair, replace or manage the security of smartphones and tablets in the company. Eighty-two percent of respondent in this study believe that mobile devices create a high security risk within the corporate environment. Employers can make insightful decisions by quantifying with the level or type of threat.
According Mis Quarterly Executive these decisions are informed by an assessment of the organization’s set of existing information security tools, policies and procedures, and its human, financial and technical resources. It is also helpful to categorize possible information security attacks by specifying the likelihood of each type of attack and the likely financial and other impacts. For example, an incident that shuts down a system or otherwise renders data unavailable will usually cause a greater financial loss than an incident that only compromises data quality (A2-13). Decisions about spending priorities can be informed by using the matrix. An incident that requires a system shutdown might be classified as moderate likelihood/high impact, while an incident that discloses non-sensitive data might be classified as higher likelihood/lower impact. For the highest-impact attacks, the CIO should demand credible evidence that quantifies the risk of these types of attacks. For higher likelihood/lower impact attacks, the CIO should ask for sound and comprehensive evidence that verifies the likely impacts will not be severe. To quantify the risks, organizations can use financial metrics (labor cost, lost profit, information asset value, business process cost, stock price), together with qualitative risk indicators (information quality, customer goodwill). By doing they can quantify and amount of money that can be invested into such an important part of an organization.
In conclusion to my findings, adopting to new things because it’s a trend or it’s where the industry is headed is atrocious. But it’s a necessity that the are well-defined policies and security measures in place for what’s supported or accessed in an organization. Before implementing BYOD in a workplace, there must be decisions regarding which direction should be taken whether the network of the corporation will be secured or limit employees on applications that should be use. After the decision, you verify with professional about the options available, depending on the organizational structure, cost and budget you make a decision on whether or not to implement, Also ensure its doable for the employees otherwise it will be the downfall of the organization.
Cite this Essay
To export a reference to this article please select a referencing style below