Bring Your Own Device (BYOD): Popularity and Security Risks
By Shelley M. Latreille
This is an article I wrote for my Wireless Networking class.
This article discusses BYOD (Bring Your Own Device) and its increase in popularity in the workplace, along with the security threats that it brings. Employees can use their preferred devices. The goal of BYOD is to empower employees, increase productivity, reduce stress, reduce animosity, and reduce costs in the workplace. This practice has become the consumerization of IT. It is creating a practice of IT self-sufficiency. There are occasions where employees’ devices are more advanced and newer than their company’s devices. Employees have more flexibility in their work when they are using their preferred device, which leads to a higher rate of satisfaction. Many employees are more comfortable using their devices and can work faster. Employees will become more productive and will be motivated to perform their job functions to the utmost of their abilities. It encourages employees to be innovative and collaborate. The company saves money on device maintenance, device management, training, software, hardware, licenses, and the devices themselves (Evans, 2019).
BYOD creates security threats when it is not understood and / or regulated, which puts an organization and its data at risk. When a company allows BYOD, it must perform due diligence to protect itself. A company must weigh benefits verses security risks to find out if it is a fit for the company and its employees. A company’s IT Department must assess the data that employees can access and the risks that the data will be subjected to. A BYOD security and usage policy must be implemented. All employees should be required to sign and adhere to this policy. This will ensure that the proper security measures are taken if an employee’s device is lost, stolen, and / or compromised. It will also ensure proper steps are taken if an employee uses their device to steal company data. The security policy also will need to incorporate how company data is protected and how employee devices will be protected (Evans, 2019).
An organization should ensure that all employee-owned devices are configured to comply with security parameters before allowing the device to connect to the network. These are transportable devices that are taken to and from the organization, unlike typical company-owned devices. MAM (Mobile Device Management) can be implemented to manage workplace applications. MDM (Mobile Device Management) can be implemented to manage the employee-owned devices. COPE (Corporate Owned, Personally Enabled) can be implemented, which would mean that the company owns the devices and pays for them, but the employees can use them for personal use (Doherty, 2016). BYOD causes convenience and security to go to war with one another. It can open a company up to hackers, viruses, malware, and many other security threats if proper security measures are not implemented (Evans, 2019). The basic tenants of network security, which are confidentiality, integrity, and availability, should always be adhered to in order to reduce the number of security threats to an organization (Doherty, 2016).
References
Doherty, J. (2016). Wireless and Mobile Device Security (1st ed.). Burlington, MA: Jones & Bartlett Learning.
Evans, D. (2019, November 06). What is BYOD and Why is it Important? Retrieved from TechRadar:
https://www.techradar.com/news/computing/what-is-byod-and-why-is-it-important-1175088