San Jose State University BYOD Policy Discussion

A:

A bring your own device (BYOD) policy is one in which companies allow employees to use his or her own device example smartphone, laptop, etc. to conduct company business. BYOD is becoming more common in the workplace, which has its advantages and disadvantages. Some of the advantages of a BYOD policy include allowing the employees to choose his or her own devices. With the new age of technology, majority would like to acquire the newest smartphone or laptop, which is a great money saving advantage for the employer. The employee is willing to spend his or her own money to buy the latest technology (Fennelly, 2017). Additionally, the employer can save on having to spend funds on software and hardware. However, there is a disadvantage to with this thought, as employers will not receive bulk purchasing savings if the company supplies the devices. For instance, the company work for supplies their employees with company laptops and company phone mainly for exempt and leadership roles. There are many reasons my employer will not allow the employees to supply their own devices (Fennelly, 2017).Security and privacy are also a major factor in determining the use of BYOD policies. I work for a financial institution and the employees have access to a lot of sensitive information. Not to mention, employees keep a lot of their own personal information on his or her work laptop or phone (Fennelly, 2017). With specific software, the company ensures that the employees can only access sensitive information by logging into a Virtual Private Network, available for all company phones and laptops. Use personal internet and connect to our company’s private internal network. This secures the data and information stored on the company’s phones and laptops, even our own personal information (Keyes, 2016).

However, under a BYOD policy, privacy can run into some grey territory considering employees uses his or her own devices for business and personal use. An employer would not always have the necessary permissions to access, delete, or alter the information or the contents within an employees’ personal device, employers must give careful consideration to confidentiality and security issues and the manner in which they intersect with privacy concerns. In addition to the legal and security issues, employers must also be cognizant of ensuring that their BYOD policy is consistent with other corporate policies (Keyes, 2016).

—————.(160 words) + 1 reference APA format

B:

In a nutshell, embrace the expanding business movement to BYOD instead of staying away or fighting the growing business demands driving it. Consider these organizational benefits of a BYOD strategy: Increased productivity of the end user to do his or her job from anywhere and at any time. Guaranteed employee satisfaction by allowing end users the choice to use their own most-loved, personal device. Single device solution that eliminates the need for the end user to carry multiple devices one for personal use and one for business use. Cost savings: No need to buy and issue a new device to end users (Fennelly, 2017). Organizations face significant IT challenges, which are essential to evaluate the pros and cons prior to allowing the use of BYOD.

These challenges can be vetted and addressed thoroughly via clear policies and business processes:

IT security and privacy policy: Develop appropriate policy and procedures for employees and IT support staff on acceptable use policy and incident reporting. Device ownership: Develop a term-of-use consent form for employees to agree and abide to prior to gaining access to corporate systems and data. Device management standards: Manage the device using a centralized device management tool and enforce security controls such as password lock and application usage restrictions (Fennelly, 2017). Securing the data: Deploy tools and enforcing controls to secure the corporate data stored on the device. Data segmentation: Separate personal data from corporate data on the devices. IT support and additional training for supporting the personal devices and managing increased service desk calls. Develop and communicate BYOD policy, procedures and support through security awareness training for end users. Monitor the cost of data usage and lack of control to determine the cost for personal use versus corporate use (Keyes, 2016).

Challenges of enforcing policies concerning BYOD:

Application control: Uncontrolled and unsecured applications that could be installed on the device by the user. Potential data loss: This requires eliminating or reducing exposure of sensitive and critical data. Local labor laws/issues: Local and/or country labor laws that prevent users from working for more than normal working hours. Employment agreements need to be updated to manage possible Fair Labor Standard Act-related risk(Keyes, 2016).

Potential privacy issue: Tools employed by IT to manage the device could monitor and track the location of the device, which may a privacy issue in certain countries for the organization (Keyes, 2016). Regulatory requirements: Businesses that operate in specific industries like health care or finance fall under strict regulatory compliance mandates. SOX, HIPAA, GLBA, PCI DSS and other compliance frameworks outline which data must be protected and provide basic guidelines for how that data should be protected. Ensure regulatory compliance within BYOD policies (Keyes, 2016). Lost and stolen devices: End-user training for immediate reporting of loss or theft of a personal device with business access.Data recovery: Clear delineation of who owns the data stored on the device and how to recover or wipe the data when an end user leaves the organization (Fennelly, 2017).

—————.(160 words) + 1 reference APA format

Note:

Must be entirely focused on the specific content.

Add some generic points that could apply

Please check plagiarism

APA Format