Bring Your Own Device (BYOD) is a policy where employees are permitted to bring their devices such as computers and smartphones to the workplace. BYOD is a trend as different enterprises and organizations are investing in its policies (Song, 2014). The workers are allowed to access enterprise system and information using their personalized gadgets. Additionally, the personnel also have the freedom to access their personal, corporate emails and view text documents on the phones and tablets. BYOD initiative is fast growing in the business world, and about 44% of employees in developed markets and 75% in high growth regions are using their own devices in the workplace. Moreover, various researchers that were done show that business cannot stop employees from bringing their devices into the workplace. Nevertheless, the BYOD program can pose some challenges and threats to the IT security and the enterprise system if not well monitored.
Key Components of a BYOD Program
In as much as businesses want to implement the BYOD program, the ideology has several components that are worth their understanding.
Security Policies
These are the necessary BYOD policies that guide its users. Various elements are considered in drafting this program like whom, when, and where can one use their own devices. Notably, security is a matter of concern in the implementation of BYOD because sufficient safety would prevent risks such as hacking and loss of information through a virus. Doherty (2016) points out that, regardless of BYOD policies, people at work use their devices how they want hence putting security at risk. The involved parties, IT staff, and administrators need to discuss and come up with parameters that would ensure maximum safety.
User Policies and BYOD Agreement
Companies need to define what guidelines BYOD users should follow when accessing the corporate network and sensitive data. A good policy should outline the prohibited activities, applications, websites and data that the employees are not allowed to access. An acceptable policy and user agreement are of importance in securing the liability of the organization in case of illegal activities in the IT resources. A well-drafted contract should be written between the authorized user and the organization (Dang-Pham " Pittayachawan, 2015). Therefore, companies should consult their policies before drafting any agreement. BYOD agreement ensures that both the interest of the company and the users are protected, and also it outlines the responsibilities of the involved parties.
Reasons why Organizations Enable BYOD Programs
Employee Satisfaction
Allowing employees to bring their device that they have invested into the workplace promotes employees satisfaction as suggested by Tryfonas (2017). Typically, a business enterprise increases its productivity when the employees are satisfied. The fact that employees give more attention to their own devices than the ones given to them by the company also creates the need for the adoption of BYOD.
Cost Saving
Cutting cost is a primary objective of any business enterprise, and BYOD has contributed to minimization of expenditures resulting from having to purchase devices like computers and phones for the employees.
Increase in Productivity
The businesses also enable BYOD to enhance productivity that comes as a result of the workers using their devices that they are conversant with (Tryfonas 2017). Therefore, the staff can work with speed and accuracy that leads to efficiency in output.
Advantages and Benefits of BYOD to the Organization and Staff
Lower Costs
A company will not have to purchase the devices to be used in the program. Hayes " Kotwika (2013) highlights that Implementation of BYOD program saves on the cost that the enterprise would have incurred by purchasing the devices keeping in mind that those gadgets are expensive. Also, the cost of breakages is reducing since employees would take good care of the equipment they invested on.
Promotes Flexibility
Employees benefit from the fact that they may not need walking around with many gadgets, just one device and it satisfies both personal and work needs (Hayes " Kotwika 2013). Also, employees can work from anywhere since they have access to all the data they want using their device. Moreover, the workers may not be bound by the strict rules when using the enterprise property.
Familiarity
Every individual is familiar with what they use; apple users are flexible with Apple devices, and the same applies to windows and Android users (Hayes " Kotwika 2013). Using unfamiliar tools can be challenging, and BYOD program helps by allowing each employee to use the device of their choice in the workplace.
Disadvantages and Business Risks Introduced by BYOD Programs
Organizational perspective
Cyber-related security is at stake in all platforms today; this is true in BYOD program as well. According to Morley (2014), companies spend a lot in securing their security systems since affording the cost of leaked data or malware attack is too high. Also, company data is at risk of misuse of data when an employee leaves the organization and is still capable of retaining vital corporation’s information. For instance, an ex-worker who might even have the assigned phone contacts of an enterprise may intentionally communicate rudely with the firm’s client, thereby resulting in loss of customers. Moreover, an employee in the sales enterprise may readily turn into a competitor and have access to client’s information. Furthermore, the company faces difficulties in technical support due to device disparity. Hayes " Kotwika (2013) highlights that, when employees come with different gadgets in the workplace, it leads to lack of uniformity in the IT support system.
Employees’ perspective
Employees’ privacy is at risk when they connect their devices to the BYOD program. Additionally, individuals will not exercise the freedom of doing what they want with their devices (Song " Kong, 2017). They will have to limit themselves on what they share on social networks and the websites that they visit. The company can have access to their activities since their gadgets are connected to the company’s system.
Ways that IT Managers can Mitigate the Risks BYOD
Security of IT-related systems is a common issue requires attention at all times. Doherty (2016) suggests that an IT department needs to be prepared to curb the security-related risks. Due to the threat of having unauthorized access to the company’s system, it is appropriate to install passwords into the BYOD program. This initiative will allow each employee to access the system with a unique password thus preventing unauthorized access to the enterprise system (Weir, 2014). Also, the devices that are being used in the program should be well equipped with up-to-date anti-virus programs preventing malware from attacking the system. Doherty (2016) further points out that, the IT department should also encourage the employees on encrypting data when they are in local areas or any other place, and they are not working. Individuals should also consider separating their data from the company’s information.
No employee was meant to be permanently an asset of a company; workers do retire and resign from their jobs. BYOD policies might not help in case an ex-employee gets access to the company’s data and information (Robins, 2013). In curbing up misuse of data by ex-workers, an enterprise should restrict its employees from accessing some of the data that are very sensitive to the organization. Also, drafting an agreement where the IT department can remotely wipe company’s data from employees who leave the organization.
The issue of uniformity in the end user support cannot be avoided, but it can be controlled. The IT department should identify and outline some of the device models and operating system that can be used in the workplace. A typical application that covers all features of the enterprise should be created (Robins, 2013). When employees bring devices that have some similarity, the issue of lack of uniformity in the support system may be reduced.
Things to Consider before individuals Connect their Own Device in a BYOD Program
Before individuals connect their BYOD devices to any Wi-Fi network, they must make sure that it is secured. When employees connect their devices to unsecured Wi-Fi networks, without robust security measures, hackers can get access to the BYOD system. These hackers may use the company’s data how they want whenever they have access to the system (Robins, 2013). Workers should understand the importance of securing their devices with strong passwords. The passwords should be unique and long enough for anyone to guess. Hackers have different strategies for discerning passwords, so choose something that it is difficult for someone to figure out. Before connecting into BYOD program, employees should take passwords formulation seriously. Also, every device should have a different password.
Lost or Stolen Device
Individuals should understand the correct procedure to take when their BYOD device has been stolen. Reporting the incidence to the authorized bodies will be advantageous and to the company as well (Tryfonas 2017). The company may wipe the device remotely hence protecting their data, the employee’s data will also be erased. By wiping individual’s personal information promotes the employee privacy.
Increased Benefits
There are more benefits that the employees are going to gain by connecting their own devices to the BYOD program. They will exercise the freedom of using their gadget how they want; the company will also benefit from increased productivity (Song, 2014). Collaboration among the employees will also be much more accessible hence they will be much satisfied with using their device.
There will be periodic training
With the high rate of advancement in technology, employees should expect frequent training sessions. Malware is being created every day; they need to be updated on how to handle security threats before being attacked (Dang-Pham " Pittayachawan, 2015). Workers should know which devices the organization will accept and managed by IT staffs.
Conclusion
The BYOD program encourages employees to bring their own devices to the workplace. Although, various components should be observed before an organization implements this program. The company’s system should be well equipped as the workers will be free to access the enterprise data from anywhere. Also, an agreement needs to be drafted in the presence of the organization legal counsel. Nevertheless, individuals should be well prepared for periodic training, and they should also know the correct legal means of handling their lost or stolen devices. BYOD program proves to be a beneficial asset to business enterprises. With the advancement in technology, this program enables a company to compete in the current business world efficiently. This policy promotes freedom in the workplace and also increases production which is one of the leading objectives in an enterprise. An organization should consider the key components and security threats that are involved in BYOD program before implementing it.
Reference
Dang-Pham, D., " Pittayachawan, S. (2015). Comparing intention to avoid malware across contexts in a BYOD-enabled Australian university: A Protection Motivation Theory approach. Computers " Security, 48, 281-297.
Doherty, J. (2016). Wireless and mobile device security. Burlington, MA: Jones " Bartlett Learning.
Hayes, B. E., " Kotwica, K. (2013). Bring your own device (BYOD) to work: Trend report. Oxford: Elsevier.
Morley, D. (2014). Understanding computers in a changing society. Australia: Delma
Robins, B. (2013). Corporate owned, personally enabled – better than bring your own device? Retrieved on March 21st, 2018 https://www.theguardian.com/media-network/media-network-blog/2013/apr/24/corporate-owned-personally-enabled-cope-byod
Song, Y. (2014). “Bring Your Own Device (BYOD)” for seamless science inquiry in a primary school. Computers " Education, 74, 50-60.
Song, Y., " Kong, S. C. (2017). Affordances and constraints of BYOD (Bring Your Own Device) for learning and teaching in higher education: Teachers' perspectives. The Internet and Higher Education, 32, 39-46.
Tryfonas, T. (2017). Human Aspects of Information Security, Privacy and Trust. Cham: Springer International Publishing.
Weir, M. (2014). BYOD topic: How complicated can calendars be. Journal of Cybersecurity and Information Systems, 2(1), 18-19.
