Академический Документы
Профессиональный Документы
Культура Документы
Name
Institution
MOBILE DEVICES IN THE BYOD ENVIRONMENT 2
Mobile devices are increasingly becoming part of many people personal lives and many
organizations are realizing that their employees increasingly desire to utilize both corporate-
provided devices as well as their own personal mobile devices to perform work. The
organizations find it impossible to physically block the utilization these mobile devices since
they are for both work and personal agendas. However, they need to control these devices since
the current economic environment demands productivity from the employees. Therefore, having
a secure mobile program; bring your own device (BYOD) provide a better option that enables
BYOD brings about major security risk expansion since there is a wide variety of devices as
well as a huge number of devices. A BYOD implementation invariably will encompass a wider
range of device kinds and the same level of security controls that were applied to a single device
type will have to be replicated to all hardware and software combinations of the different types
of devices. This results in differing levels of effectiveness among the devices. More often,
employees have more than one device which they connect to multiple to the organization’s
infrastructure. This raises the total number of devices that need to be secured. Consequently, this
may lead to an inadequacy of security controls to consistently and effectively implement security
across the entire network of devices. This happens even in an environment controlled by
functional mobile device management solution since the vulnerabilities in the device operating
system or apps may beat the existing controls in the devices (Paganini & Pierluigi Paganini,
2016).
Secure the employees’ devices by evaluating device usage scenarios and investigating
MOBILE DEVICES IN THE BYOD ENVIRONMENT 3
leading practices to mitigate all risk scenarios. Put in place a mobile device management product
minimum industry standard security policies such as device encryption, remotely wiping, PIN
code authentication and failed log in attempt actions. Make and set a security baseline in order to
certify hardware/software for enterprise use. Also, categorize trusted and untrusted device access
through layer infrastructure and implement robust authentication and access controls for vital
business apps. Incorporate mobile device risk to the enterprise’s awareness program.
Counter app risks by utilizing mobile anti-virus solutions to safeguard the organizations
BYOD malware-prone mobile software. Ensure mobile app development address security
processes and manage apps via a reliable app store (a mobile app management solution). App
risks can also be mitigated by regularly assessing the need for new apps in order to increase
Manage support for BYOD devices by creating and implementing a proper BYOD support
and usage policy. Improve on the current support processes to encompass secure provisioning
and wiping of devices. Also, create an education workshop/process to sensitize users the
importance of updating their mobile devices. Supplement the existing IT support team with a
The human factor is the fundamental reason why many attacks are successful since
employees underestimate the severity of potential threats. Employees are generally distracted by
these devices and become ignorant leading to high-risk practices in terms of security hence the
need to define rules and establish policy controls to be followed in conditions that expose the
user to risk.
MOBILE DEVICES IN THE BYOD ENVIRONMENT 4
The main goal of technology in an organization is to bring about business value. Complete
lockdown on the usage of mobile devices and personal devices may to some extent reduce
security risks, but, such restrictive policies may discourage adoption of new technologies or
promote workarounds. With such kind of controls in place, they may drive some employees to
utilize unsafe/risky alternatives to get the much-needed flexibility and access they have
previously experienced. In such cases, both the policy and the program will be unsustainable.
security breach. Such security incidents occur at high speed and require a quick response. In
most cases, the incident management progress is usually slow and cannot cope with the threats
since it takes place at human speed. The needed actions taken by users to respond to a security
incident is characterized with human latency further exposing the organization to more risks due
to failure to apply deterrence measures on time (Winnefeld, Kirchhoff, & Upton, 2016).
The incorporation of social media and mobile platforms in an organization’s core business
functions represents a privileged target for attacks since intruders use them to implement fraud
schemes. Organizations have a wide range of circumstances in which the services accessed
depending on social media. Since social media becomes a point of aggregation different kinds of
information, it becomes difficult for policy controls to determine proper use of these services.
MOBILE DEVICES IN THE BYOD ENVIRONMENT 5
Work cited
Giaffreda, R., Caganova, D., Li, Y., Riggio, R., & Voisard, A. Internet of Things. IoT
Paganini, & Pierluigi Paganini (2016). Why humans could be the weakest link in cyber security
http://securityaffairs.co/wordpress/9076/social-networks/why-humans-could-be-the-
weakest-link-in-cyber-security-chain.html
Silvestri, G. (2015). Citrix XenDesktop® Cookbook - Third Edition (1st ed.). Birmingham: Packt
Publishing, Limited.
Winnefeld, J., Kirchhoff, C., & Upton, D. (2016). Cybersecurity’s Human Factor: Lessons from
https://hbr.org/2015/09/cybersecuritys-human-factor-lessons-from-the-pentagon