Report on Bring your own device (BYOD)

Introduction of Bring your own device (BYOD)

            Bring your own device (BYOD) is the service that many companies are providing to their employees, which can save the resources of the company as well as they can effectively work on these devices and the main benefit is that BYOD makes sure of connection of company officials with the employees. But there are some security issue with own devices such as loss of confidential data and resources. The report is providing the brief information related to BYOD and its use. The risks associated with BYOD are also discussed in the point A. Point B is providing best practices of risk management information. Part C is providing brief information on the collective security as well as the part D is providing the staff element in the successful use of BYOD.

BYOD & Use of Bring your own device (BYOD)

            BYOD is basically a phrase bring your own device which is widely to refer to employees who bring own device such as the laptops, smartphones as well as tablets in the workplace for better use as well as connectivity on the secure corporate network. According to this concept, the companies provide computing devices to its employees officially to make more secure the corporation as well as for better connectivity of employees with the company. It is also provided information of its use in this document that it is used to improve the environment of the company. The organizations use BYOD technique to get access their employees. The main benefit of using this technique is when the employees use their own device for their work tasks, then the IT teams of the company may feel free and they will spend less time to fix common problems into the devices by using simple processes.

Point A: Risks associated with BYOD

            Several employees working in the companies with BYOD use, can perform irrelevant and suspected activities to get unauthorized information and service on the network of the company. The employees have greater responsibility to protect and make secure the data of the company more secure than organization because they have secrets as well as they manipulate the devices. Furthermore, the employee that are using their own devices, they have skills to manipulate data and confidential information of the company, so they should have protected information and they must have to understand the risks as well as threats well the enough to uphold the ethical obligations to protect information and the resources of the company from abuse and the unauthorized access.

            There is also a high possibility to committing theft of the finances as well as the confidential information by using own devices of the employees. The policies of BYOD can make easy to say in the contact with employees but it is the data theft risk always exist because the device may connect with the unsecured network at the time of sending or receiving files or confidential information. The attackers and the data breachers always remain in search a moment to attack on the network and computing device. They can attack by using, malware, worms, and other viruses. So, to prevent this situation, the employees should have proper training and to the use secure environment and network.

            The hackers and the attackers can attack on BYOD which can be vulnerable for the network of the company as well as for vulnerable for privacy of the network. This thing can be possible in on situation that the own devices of employees allow them to attack and the reason is the if the untrained employee has also in BYOD technique, then it might possible that he can use weak network or may perform any action that can decrease the security level. Furthermore, BYOD increase the risks of leakage of information and data and it can also permit hackers and attackers to the attack on the network of the company (Pillay, et al., 2013).

Future Risks of Bring your own device (BYOD)  

There can be some noticeable and very vulnerable risks of BOYD that can take the business of the company at the risk. The first future risk for the BYOD company is the data theft opportunities because the BYOD policies can make the task of data theft and finances theft easy in which the attacker can attack with more force. The device of the employee may be lost that will also increase the risk for the business of the company. furthermore, the ransomware and the worms including phishing email to the employee in their own official devices may be inserted in the network of the company that can be very dangerous and harmful for the company network.

            The example of the future risks of the use of IoT device in the company is that the hardware of IoT devices being using in the company will become outdated but the technology will become advancer that can break the weak and default credentials of the devices. Furthermore, the attackers are also using the IoT devices that can be very vulnerable and dangerous for the security of the company devices such as the biometric attendance and lock system of the company will be broken by using updated attacker’s devices and techniques (French, Guo, & Shim, 2014).

Point B: Best practice on approach to BYOD risk management

Best Practices to Protect BYOD of Bring your own device (BYOD)

            There are many companies allow their users to access the resources of the organization by using own devices because BYOD reduces the cost of the company in most of the functions but the permission of using the resources through mobiles or other devices can increase the risk for the resources of the company. To minimize and prevent this effect, best practices were made internationally which are also highlighted in this document. The most critical practice which is used to mitigate and prevent risks in BYOD is the minimization of data and critical information of devices.

·         Minimization of data and critical information on devices

·         Use of the advance secure connection techniques

·         Reducing the protocols and connections that connect to the network through devices

·         Never support jail broken and the rooted devices

·         Use one-time password

·         Incorporation of education of BYOD security within onboarding and the communications of employee working in enterprises

Human Resource Management Role of Bring your own device (BYOD)

            Human resource management practices are also playing the significant role to manage and minimize the risk of BYOD. The talent acquisition and management practice ensure that the selected employee is managed and the devices are distributed in talented, trustworthy and strong ethical employees. By using the ethical leadership and practices, every employee can be monitored in daily works and it can make sure and manage the risks. The regulatory and compliance practice, the managers should have information local and international laws of labor to follow the basic principles and they report of every issue. The most important practice of HR is the training and development that make every employee able how they can manage and handle the situation and what they have to do at that time (Moyer, 2013).

Apple Company of Bring your own device (BYOD)

            The Apple company is the company that is effectively manufacturing mobile and laptop devices for their customers. The company has also used the BYOD for their employees which is beneficial for the company resources but it has also some security risks and issues. But Apple is using some effective practices for BYOD security by introducing and installing the screen lock, facility, blocking of unknow sources on the work profile and the devices, face unlocking security as well as some human resource management practices. The Apple company itself an IT company that focuses on the security of their devices and never compromise on the BYOD risks as well as other types of risk that can be harmful for the company.

Point C: Collective security of Bring your own device (BYOD)

            By knowing the risks of BYOD and the employees devices, many companies can also collectively work on the collective security because it is the issue not only for one company but it is the vulnerable for all companies. They collectively use some protocols and security service by developing technology to make the devices secure to bring in the company. Some sensitive companies are also using jammers to increase security.

            The devices which are given officially to every employee in the company who is eligible for this service, have been registered. Furthermore, if the employee try to misuse the device to take unauthorized access to the resources of the company, their device’s mac addresses will be captured in the company system. By implementing such systems, the company can track every device given to the employees even the system will also capture the access time of the device.

Point D: The staff element in the successful use of BYOD

            The staff members or the employees working in the company are most important players in BYOD because they have to work on the devices as well as they also have to manipulate the devices and the data of the company. So, they are most important players increase the security or invite the threats. The companies should have to provide the basic and important knowledge and training to employees to increase the security of the devices. They should be trained in the start of their jobs as well as they also have to be encouraged to take training about the ethics and security and the privacy of the company. In the training they will be notified that they are responsible for the security of information of the company.

            Every employee who has granted own devices officially from the company, should have information of his limits and boundaries of service on the personal devices. when he will understand boundaries, he will be able to take the service. On the other hand, the information related to BYOD policy’s sensitivity is also provided to the employees while using their device. Every company in the world that is using BYOD at workplaces, must have to make, set and define some security and safety measure for the prevention of harmful and abusive use of the resources of the company. There can be very important problem occurred such as confidential data leak if the employee is allowed to bring their own devices in the company.

Conclusion of Bring your own device (BYOD)

            It is concluded that BYOD is basically a phrase bring your own device which is widely to refer to employees who bring own device such as the laptops, smartphones as well as tablets in the workplace for better use. Several employees working in the companies with BYOD use, can perform irrelevant and suspected activities to get unauthorized information and service on the network of the company. There is also a high possibility to committing theft of the finances as well as the confidential information by using own devices of the employees. The example of the future risks of the use of IoT device in the company is that the hardware of IoT devices being using in the company will become outdated but the technology will become advancer that can break the weak and default credentials of the devices. To minimize and prevent this effect, best practices were made internationally which are also highlighted in this document. The regulatory and compliance practice, the managers should have information local and international laws of labor to follow the basic principles and they report of every issue. The Apple company itself an IT company that focuses on the security of their devices and never compromise on the BYOD risks as well as other types of risk that can be harmful for the company. The staff members or the employees working in the company are most important players in BYOD because they have to work on the devices as well as they also have to manipulate the devices and the data of the company.

References of Bring your own device (BYOD)

French, A. M., Guo, C., & Shim, J. P. (2014). Current status, issues, and future of bring your own device (BYOD). Communications of the Association for Information Systems.

Moyer, J. E. (2013). Managing mobile devices in hospitals: A literature review of BYOD policies and usage. . Journal of Hospital Librarianship, 197-208.

Pillay, A., Diaki, H., Nham, E., Senanayake, S., TAN, G., & Deshpande, S. (2013). Does BYOD increase risks or drive benefits?. BYOD security.