Challenges Faced by BYOD - Case Study Example

BYOD (Bring Your Own Device) Insert Insert Introduction The ever increasing numbers in the use of personal digital assistants, mobile devices and laptops is now part and parcel of our daily lifestyles and routines. Workers carry them to their various places of work, and consequently these organizations just have to deal with it. It does not stop there; these personnel reach out to the IT support teams for assistance on various technicalities concerning how these gadgets are used. The incorporation of BYOD comes with enormous benefits not only for the organizations concerned but also to the individuals using them. However, these activities also come with much security challenges to the interested organizations. It interferes with the IT community in the group both physically and in ownership of these assets. The real challenge is for these organizations to establish a procedure to accommodate these devices, develop a support mechanism for their works and one that would amicably comply with the security measures put in place. Challenges faced by BYOD An organization is encountered with similar risks that are posed by BYOD spanning their usage, geographical domain, and the risk profile. BYOD merely magnifies the already existing risks. The landscape risks are categorized into risks relating to the app, management of the environment the mobile is used, and securing the mobile devices. Before the inception of BYOD, it was easier to manage and protect an organizations devices from the now very many risks. It was so because most of these components were acquired from a similar manufacturer who provided a unified management interface platform (Rene Millman, 2012). It was part of an institutionalized security policy control that was consistently and persistently applied. Currently, this is a rather bigger challenge since most of the devices brought by workers in the various organizations are of different types and makes. They are also sourced from different manufacturers and come in various makes and models. They further have been architected to exist on their own and not in an enterprise surrounding with lots of management utilities around. Whereas the case of security risk began long ago even when there were less diverse devices, it has been aggravated by the varied and multiple devices users currently have. They all want to connect a multitude of them to the organizations infrastructure. The latter point does not only scale the number of devices to be secured at any point, it also complicates how this security is deployed since most have varied levels of effectiveness and run on different platforms. Their hardware and software are also not consistent at all. Such factors have left loopholes that are bypassed by various vulnerabilities even when there is an already existing management system in place (Rene Millman, 2012). An easier way, to address this security problem, is to prohibit these mobile devices and personal digital assistants or to lock them simply down. Whereas this method works, it has negative adverse effects. Studies have shown that these employees would engage in the use of rather unsafe mechanisms just to get what they are used to. It goes hand with the use of workarounds by these workers and compromise on their adoption. Organizations should strive to understand its users more especially international organizations that have to look at the use of local devices, the usage abilities and patterns of its users. It will be vital in categorizing the types of users and placing them according to their needs. At the core, is to conceptualize how technology affects will facilitate the actualization of their daily routines since this goes a long way to affect user satisfaction (David Weldon, 2014). To drive development, these organizations need to build an excellent user experience. To enhance the security of these devices, the management of the organization and its users need to familiarize themselves very well with the critical security loopholes. In this study, mobile devices and personal digital assistants face a number of risks regarding how they are secured. First is theft of the devices. The black market provides an easier and cheap market for most of the stolen smartphones and other mobile components. Information contained in these gadgets is also accessed by unauthorized people. Some even use this information to blackmail the owners or to gain access to undeserved privileges. An organization needs to insist on the use of basic security mechanisms such as wiping data remotely and encryption of their passwords (David Weldon, 2014). Secondly is having the mobile devices physically accessed by persons with ill intentions. Security of portable devices is less compared to stationary ones since it exposes them more to the attackers some that will use harsh means to access them. The above situation is worsened by workers using an outdated software, hardware or a combination of both rather. These devices offer less data security mechanisms and password encryption (Tom Kaneshige, 2014). In a way, the organization should advise its workers on the kind of methods suitable for them to use to prevent the use of insecure components that would compromise the security levels of the organization. Who owns the devices? Some group strictly provides their workers with the methods to use in executing their duties whereas others ask their employees to acquire for themselves what they think are most suitable for them to carry out their duties successfully. Irrespective of either of the cases mentioned, it is inevitable that an increasing number of employees will have their own devices in the workplace. Organizations should just cope with the idea and mitigate the looming risks coming with it because this is really unstoppable. There are increased unauthorized data being accessed since BYOD came into play. Many employees currently travel all over the world with data belonging to their organizations alongside personal data. Previously this was not the case since all the corporate data was left at the workplace. Misplaced, stolen and lost gadgets have this information with them and some if not all of the people these information lands on use it for personal gain sometimes compromising the security of the organization. At other times, the entire reason for their existence is compromised (Tom Kaneshige, 2014). Applications have become an integral part of mobile devices and personal digital assistants. They come in social networking, gaming posting many risks especially on the organization data. It is due to the existence of malicious apps and the vulnerabilities the apps come with. In a way, it calls for management of the apps, for example, through developing an app-store for the organization and managing what is put there. Use of antivirus that has been certified and proven fit for mobile use should be used on these PDA’s and mobile phones. The aim is to secure operating systems vulnerable to malware. Finally, it is a good idea to have a continuous assessment program for the ever evolving mobile phones applications to determine their suitability (Casey Kevin, 2012). Securing devices as a result of BYOD Any organization, that plans to be upfront in mitigating security issues in the organization, should highly buy the idea of mobile device management. It is to develop a workable policy and monitor, assesses and suggest their usage. Intermittent is the accessibility issue. There should be a definite way in which the above processes are carried forth. Implementation of tested and proven industry policies. It is a diverse and broad field that will deal with setting of login passwords, encryption of the passwords, setting pins, tracking the number of failed attempts and an inbuilt or external capacity to wipe or clear data from a stolen or misplaced component (Casey Kevin, 2012). All these mechanisms are to make it difficult for foreign parties to have accessibility to the corporate data. Some of them maybe immediate competitors who would use it to overdo or outsmart the parent organization. There is importance in setting a minimum required baseline of the hardware and software being utilized in the corporate body. This process involves certification of the hardware and software including the operating system. Evaluate the different scenarios the devices will be used. The result of this investigation is to mitigate the risks identified. It involves a careful analysis of how these components which are made use, where they are used and what they are used (Casey Kevin, 2012). The resultant revelation will aim to predict the loopholes left by these devices and how to counter them in the most efficient way with minimal damages encountered. Conclusion Organizations should always be prepared to counter the ever evolving and increasing acceptance of BYOD. Whereas BYOD comes with many risks to the parent organization, the benefits are far much more. There needs to be a set way that is workable for a particular organization in handling the risks posed. It should be a continuous and wholly inclusive program that is aimed at improving how the employees carry out their duties and also to safeguard the organizations data. Putting in place appropriate programs to sensitize the employees is imperative to making them aware of the challenges that come with the usage of these gadgets. Accordingly, they should be taught how to use available safety measures to safeguard both personal and organizational data. List of References 2012, fighting to close the gap: EY’s 2012 Global Information Security Survey September 2013, Insights on governance, risk, and compliance Rene Millman, ITPro. “Surge in BYOD employees using their own devices.” Aug 12, 2012. Retrieved 9 Jan, 2015. Casey, Kevin (19 November 2012). “Risks Your BYOD policy must address.” InformationWeek. Retrieved 9 Jan 2015. “Bring your device (BYOD) policies.” Fraud Advisory Panel, 23 June 2014. Retrieved 9 Jan 2015. David Weldon, FierceMobileIT. “No one-size-fits-all solution for BYOD policies, panel reveals.” May 13, 2014. Retrieved 9 Jan 2015. Which, Dean. “The Benefits and Risks of BYOD.” Manufacturing Business Technology. Retrieved 9 January 2015. Tom Kaneshige, CIO. “Attack of the BYOD-Killing MDM software.” February 4, 2014. Retrieved 9 Jan 2015. Read More