Bring your own device (BYOD) is now common in the workplace. Rather than the employer providing specific gadgets, such as smartphones, tablet computers, and laptops workers are allowed and even encouraged to use their personal device in the work environment. From the employee perspective this can simplify the transition between working at home and in the office, for instance. However, it has also led to an always-available attitude that means one’s work-life balance is distorted by the fact that work colleagues and one’s boss can almost always connect to you even when you are not officially working. Moreover, they expect to be able to connect out of hours too.
There is a putative price to pay for employers who facilitate BYOD and all its benefits of lower costs for IT infrastructure and 24/7 access to their staff and that is the so-called cyber-security risk. By allowing any device into the building and on to the network, a workplace must accede that a device compromised by external malware or one setup maliciously by an unhappy employee, for instance, might wreak havoc on an unprotected system, interfere with day-to-day business and potentially disrupt an entire enterprise.
Fabricio Rivadeneira Zambrano of the Universidad Laica Eloy Alfaro de Manabi, in Chone, Ecuador and Glen Rodriguez Rafael of the Universidad Nacional Mayor de San Marcos, in Lima, Peru, have looked at the differences between security in the BYOD environment as opposed to the employer-provided device approach. It has previously been shown that productivity is much greater in the BYOD environment, but the use of illicit file-sharing, social media, and other apps is commonplace too.
Their study shows that there are many technical solutions and policies that are implemented in the BYOD workplace and these are commonly addressed by the corporate IT department to protect servers from malware and to block inappropriate use of personal devices on the corporate network. However, one aspect that is rarely addressed is the human factor, malice or ignorance, for instance. This must be looked at more closely the issues faced to allow BYOD to thrive and to bring all of its benefits to the workplace without the problems.
Zambrano, F.R.R. and Rafael, G.D.R. (2018) ‘Bring your own device: a survey of threats and security management models’, Int. J. Electronic Business, Vol. 14, No. 2, pp.146–170.