WEEK 7: TEAM CASE
ANALYSIS
BYOD is becoming the “new normal” (Laudon & Laudon,
2015, p.209). BYOD requires a
significant portion of corporate IT resources dedicated to managing and
maintaining a large number of devices within the organization (Laudon &
Laudon, 2015, p.209). In the past, companies tried to limit business smartphone
use to a single platform (Laudon & Laudon, 2015, p.209). This made it
easier to keep track of each mobile device and to roll out software upgrades or
fixes, because all employees were using the same devices, or at the very least,
the same operating system (Laudon & Laudon, 2015, p.209). The most popular
employer-issued smartphone used to be Research in Motion’s BlackBerry, because
it was considered the “most secure” mobile platform available (Laudon &
Laudon, 2015, p.209). (BlackBerry mobile devices access corporate e-mail and
data using a proprietary software and networking platform that is company-controlled
and protected from outsiders) (Laudon & Laudon, 2015, p.209).
Support
The sentence “Bring your own device” has become
hot topics of discussion nowadays as technology and all devices is taking over
our lives. But is technology BOYED being safe or not?
It is important to handle the usage of the technology in the
workplace and put a rules among the influx of the mobile devices usage by the
consumer.
Companies need to wake up and realize they’re facing a
massive security issue and risk having their intellectual property walk out of
the door with people (Alastair Mitchell,2017).
Each company have an explicit policy regards “bring your own
device” to work.
There’s a huge amount of information available in enterprise
content stores and knowledge workers are struggling to find ways to access,
work on and share this with everyone they need to (Alastair
Mitchell,2017). unsuccessful by legacy
technologies, which were planned to keep content safe inside an organization,
employees are seeking an easier way to access what they need. Security is a
business owner’s number one issue when it comes to a BYOD environment (Dan
Adams,2017).
There are many companies offer the flexibility and
productivity to the employees but they need to consider the following to keep
the company data secured:
One of the most important keys to keep the data secure is to
use the right tools. If the company using business class email service and the
company running under BOYD policy that will cost money. A subscription to Microsoft Office 365
includes secure email for your employees, with ActiveSync support for every
major mobile platform. It’s one of the only cloud-based platforms, alongside
Google Apps for Business that meets the minimum security-standards for usage by
U.S. Federal Government agencies (Dan Adams, 2017). It’s reasonable price with
about $4 per employee per month. In this case any user will be able to have a
full access to the full Office 365 suite, which allow to opens up secure,
cloud-based syncing for your Office documents, calendar and more (Dan Adams,
2017).
Evaluation
Complexed IT infrastructures have been created by midsize to
large companies which include many different systems and authorized users. The
companies use programs to track users and their system privileges. Each user is
assigned a unique log in identification code to protect each user’s access and
controlling access to certain parts of the system resources that pertains to
their specific job roles. As each user logs in, an authentication process is utilized
when an employee enters in their unique password (Laudon & Laudon, p 326).
Along with using a unique sign on and password, a token may be required to
access the company’s database if accessing the system outside of the workplace
environment. A token is a physical device, similar to an identification card,
to prove an identity of a single user (Laudon & Laudon, p 326).
Despite having security measures in place, a vast amount of
employees bring their own mobile devices to work. Bring your own device (BYOD)
in the workplace accounts for nearly one-third of all employees using personal
devices at workplaces worldwide. Employees utilize either personal or
company-issued iPads, iPhones, and other mobile computing devices place
employers at risk of security breaches. Company data on mobile devices travels,
both physically and electronically, from office to home. Researchers have
identified nearly half of companies who allow employees to connect their
personal mobile devices to the company database have experienced a data breach
(Laudon & Laudon, p 335).
Smartphone devices is one of the biggest security dangers a
company may face due to the small nature in size and the probability of it
getting lost. If a device is lost, the company data on remotes servers are at
risk. A study performed by Ponemon Institute, 62 percent of mobile devices
housing confidential company data were lost or stolen. Accessing confidential
data physically is a greater risk than hacking into a network due to the ease
of gaining entry into the database if accessed by hackers who can easily
override locks and passwords (Laudon & Laudon, p 335). Firewalls have been
placed by companies to prevent unauthorized users from accessing their network.
A firewall is a combination of software and hardware that controls incoming and
outgoing network traffic. Generally, firewalls are placed between the company’s
internal and external networks, such as the internet (Laudon & Laudon, p
327).
Another issue corporations face is cloud computing services.
This is another avenue for large scale data to be breached if their network is
compromised. Employees who use Google Drive or Dropbox for file-sharing places
their data at risk if hackers obtain access to Google. In 2011, Chinese hackers
gained access to hundreds of U.S. Government account on Google Gmail (Laudon
& Laudon, p 335). Cloud computing distribute work to data centers
internationally where work can be accomplished the most efficiently. When using
the cloud, it is now known precisely where data is being hosted. Due to the
nature of how cloud computing works, it is difficult to track unauthorized
activity (Laudon & Laudon, p 333). While all cloud providers use
encryption, data stored on devices that also store company data need to ensure
the company data is encrypted additionally. Users are highly encouraged to
protect data stored on mobile devices that meets the company’s requirements
(Laudon & Laudon, p 333).
Android devices are amongst one of the most vulnerable
devices. Google does not review Android apps as Apple does for its apps. It
relies on technical hurdles to limit the impact of malicious code as well as
security expert feedback. Recent features for Androids include assigning
varying levels of trust to each app and providing a more robust system to store
and access sensitive information and resources. In addition, mobile devices are
at risk for all browser-based malware that take advantage of vulnerabilities
(Laudon & Laudon, p 336). Corporations should encrypt communication in
mobile devices. Users should be required to use the password feature found in
smartphones or only be allowed to access company data via a company-issued
mobile device (Laudon & Laudon, p 334).
What problems do smartphone security weaknesses cause for
businesses?
What steps can individuals and businesses take to make their
smartphones more secure?
