My workplace would never allow for us to bring our own devices into the facility! I was quite surprised to find out that this was a thing!
Upon doing some research on this topic I found out some interesting facts. I found it interesting that BYOD encompasses more than just computers. It also means that employees may use smartphones, tablets, kindles, and more for their work. The concept of BYOD includes personal software and services, as employees use iCloud services and other tools on the web (Eschelbeck & Schwartzberg, 2017).
To begin, I will discuss the security issues that would be encountered. It’s risky to assume that prohibiting the use of personal devices solves the problem. I say this because the average employee ends up using their own device anyway because it is not monitored by work place security policies. But, regardless of what you think about BYOD and however workplaces choose to implement it, IT managers should treat it the same way as any introduction of innovative technology: with a controlled and predictable deployment of security (Eschelbeck & Schwartzberg, 2017).
When it comes to devices being introduced into the workplace, a few questions should be addressed.
1) Who owns this device?
Is this a trustworthy person? In the past, the company owned the devices, whereas in this case. the employee owns the device (Eschelbeck & Schwartzberg, 2017).
2) Who manages this device?
How is security going to be managed, if the employee is in charge (Eschelbeck & Schwartzberg, 2017)?
3) Who secures this device?
Accountability is not something that goes away for an employee just because they personally own the device (Eschelbeck & Schwartzberg, 2017).
All organizations have the flexibility to embrace BYOD as much as they feel reasonable. But, there are companies who have decided the risk is too great and choose not to implement a BYOD program (Eschelbeck & Schwartzberg, 2017).
In May 2012, a facility banned its 400,000 employees from using their own devices and their own applications because of the concerns about data security. The facility also banned cloud storage services such as Dropbox, as well as Siri. Since Siri listens to spoken requests and sends these requests to Apple’s servers where they are deciphered into text they found this could be a HIPAA violation along the line. They also banned Siri because she can create text messages and emails on voice command, but some of these messages could contain sensitive and private information (Eschelbeck & Schwartzberg, 2017).
Ultimately, the success of the BYOD program is measured by the employees’ willingness to use their personal devices within the rules set for them. The organization’s security procedures and policies should determine whether and how BYOD is utilized. If adopted into a company, BYOD users need to have the ability to enforce security policies on their device and protect their property if that device is ever lost or stolen (Eschelbeck & Schwartzberg, 2017).
A couple other security concerns include:
-Being able to register employee devices with the company for monitoring purposes (Matteucci, 2017).
-Implementing password protection, antivirus and back-up software for all devices (Matteucci, 2017).
-Preventing the use of public WiFi networks (Matteucci, 2017).
-Downloading company information on home computers (Matteucci, 2017).
-Cleaning/resetting the devices entirely when employees quit or are terminated (Matteucci, 2017).
NR 512 Week 7: Safeguarding Health Information and Systems References:
Eschelbeck, G., & Schwartzberg, D. (2017). BYOD Risks and Rewards: How to keep employee smartphones, laptops and tablets secure. SOPHOS, 2(10), 1-7.
Matteucci, G. (2017, April 21). The Pros and Cons of Bring-Your-Own-Device (BYOD) for Your Mobile Field Workforce – Field Force Friday. Retrieved April 09, 2018, from http://www.msidata.com/pros-and-cons-of-byod-in-mobile-field-workforce
