BYOD Security Risks and Mitigation Strategies
VerifiedAdded on 2020/04/01
|23
|5966
|42
AI Summary
This assignment delves into the potential security threats associated with Bring Your Own Device (BYOD) policies. It examines various risks, including data breaches, malware infections, and unauthorized access. Additionally, it analyzes different strategies for mitigating these risks, such as implementing strong passwords, utilizing mobile device management (MDM) solutions, and providing employee training on cybersecurity best practices.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Commonwealth Bank of Australia Risk Assessment- Employee Personal Devices
Name
Institutional Affiliation
Date
Name
Institutional Affiliation
Date
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
EXECUTIVE SUMMARY
As modern organizations continue to operate in the in the ever competitive environments, they
have been forced to come up with various strategies to meet current workplace demands. Among
the strategies that have been adopted by organizations is the use of technology in their
operations. The increase in the adoption of technology by organizations has come along with
associated risks touching on company’s data such as Data security risks. In Australia, for
example, data security has been an area of focus for many businesses especially due to the
significant rise in the cases of cyber crimes (Zahadat et al, 2015). Data security refers to all
digital privacy measures put in place to prohibit unauthorized persons to access computers
websites and databases. Data security which is also aimed at preventing data corruption has been
viewed as an essential component of all organizations using technology. Data security is also
referred to as IT security. Commonwealth Bank of Australia is a leading integrated financial
services provider that has branches in Europe, North America, New Zealand and Asia. The bank
offers some financial services, including share broking, funds management, business,
institutional, premium and retail banking, insurance and superannuation products and services
(Ballagas,et al,2014)
The Company among other guarantees provides its clients with 100% security guarantee about
their personal information and money. Among other strategies adopted by the company include
outsourcing for cyber security to reduce costs a move which has seen the Bank contemplate on
moving a number of its members of staff and functions related to its IT security to an offshore
location in India. In this, the company is focused on managing security assess by real-time
As modern organizations continue to operate in the in the ever competitive environments, they
have been forced to come up with various strategies to meet current workplace demands. Among
the strategies that have been adopted by organizations is the use of technology in their
operations. The increase in the adoption of technology by organizations has come along with
associated risks touching on company’s data such as Data security risks. In Australia, for
example, data security has been an area of focus for many businesses especially due to the
significant rise in the cases of cyber crimes (Zahadat et al, 2015). Data security refers to all
digital privacy measures put in place to prohibit unauthorized persons to access computers
websites and databases. Data security which is also aimed at preventing data corruption has been
viewed as an essential component of all organizations using technology. Data security is also
referred to as IT security. Commonwealth Bank of Australia is a leading integrated financial
services provider that has branches in Europe, North America, New Zealand and Asia. The bank
offers some financial services, including share broking, funds management, business,
institutional, premium and retail banking, insurance and superannuation products and services
(Ballagas,et al,2014)
The Company among other guarantees provides its clients with 100% security guarantee about
their personal information and money. Among other strategies adopted by the company include
outsourcing for cyber security to reduce costs a move which has seen the Bank contemplate on
moving a number of its members of staff and functions related to its IT security to an offshore
location in India. In this, the company is focused on managing security assess by real-time
monitoring the use of technology by staff as well as monitoring threats within and without the
bank (Smith, 2009).Bring your own device is a concept utilized in a situation where employees
are allowed to come in the workplace to go with personal devices such as computers, smart
phones, and tablets to be used in undertaking the daily activities. Allowing employees to bring
their own personal; devices at the workplace have been the cause of some of the challenges faced
by modern organizations with it has come some threats leading to the establishment of bringing
your own devices aimed at regulating access to organizational, technological resources using
their devices. Allowing employees to bring their devices might have a positive bearing on the
organization whose technology endowment is inadequate by enabling employees to come with
superior devices that can help in increasing efficiency and the overall productivity. On the other
hand, such a move can be detrimental to an organization’s health by making its data and
technologies prone to abuse from outside the organization (Chin, et al,2011)By deploying this
project, Commonwealth Bank of Australia will achieve both advantages and disadvantages.
Among the expected benefits is the flexibility that comes with the use of personal devices,
minimizing operational costs and increased efficiency due to technological familiarity. Problems
that will accrue to the organization as a result of this move include compromised security, device
disparities whereby employees use different devices and finally it might be an extra cost to
employees, especially those who might not be in possession of such devices.
bank (Smith, 2009).Bring your own device is a concept utilized in a situation where employees
are allowed to come in the workplace to go with personal devices such as computers, smart
phones, and tablets to be used in undertaking the daily activities. Allowing employees to bring
their own personal; devices at the workplace have been the cause of some of the challenges faced
by modern organizations with it has come some threats leading to the establishment of bringing
your own devices aimed at regulating access to organizational, technological resources using
their devices. Allowing employees to bring their devices might have a positive bearing on the
organization whose technology endowment is inadequate by enabling employees to come with
superior devices that can help in increasing efficiency and the overall productivity. On the other
hand, such a move can be detrimental to an organization’s health by making its data and
technologies prone to abuse from outside the organization (Chin, et al,2011)By deploying this
project, Commonwealth Bank of Australia will achieve both advantages and disadvantages.
Among the expected benefits is the flexibility that comes with the use of personal devices,
minimizing operational costs and increased efficiency due to technological familiarity. Problems
that will accrue to the organization as a result of this move include compromised security, device
disparities whereby employees use different devices and finally it might be an extra cost to
employees, especially those who might not be in possession of such devices.
Table of Contents
EXECUTIVE SUMMARY.................................................................................................................................2
REVIEW OF THE PROJECT............................................................................................................................5
SECURITY POSTURE.....................................................................................................................................6
THREATS, VULNERABILITIES, AND CONSEQUENCES....................................................................................9
DATA SECURITY RISKS................................................................................................................................14
CONCLUSION.............................................................................................................................................15
REFERENCES..............................................................................................................................................16
EXECUTIVE SUMMARY.................................................................................................................................2
REVIEW OF THE PROJECT............................................................................................................................5
SECURITY POSTURE.....................................................................................................................................6
THREATS, VULNERABILITIES, AND CONSEQUENCES....................................................................................9
DATA SECURITY RISKS................................................................................................................................14
CONCLUSION.............................................................................................................................................15
REFERENCES..............................................................................................................................................16
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
REVIEW OF THE PROJECT
Financial services refer to a range of financial services provided by various players in the
financial industry. They include services provided by banks, insurance companies, and
government-sponsored enterprises among others. In broad terms, institutions operating in the
financial sector are regarded as highly sensitive especially with regards to the security of their
systems. Financial service providers are virtually present all over the world even in remote areas
to satisfy the financial needs of individuals, groups, companies and other institutions (Gustav &
Kabanda,2016). The intermediary role played by financial service industry in Australia’s
economy is quite significant. Individuals, government agencies, businesses and nonprofit
organizations rely on this sector to either get funds when need be or dispose of excess cash
which is then lent out to those who need it, technologists play a significant role in facilitating this
transaction.
Clients .Clients are the most important asset to the Commonwealth Bank of Australia. The bank
is focused on establishing lasting cordial relationships with its various clients both depositors and
debtors. The bank's clients include retail clients, institutional investors, financial sponsors,
entrepreneurs, and corporations. Implementation of the project would mean that these client’s
needs attended to at any given time and with much efficiency (Felt,et al,2011)
Employees. Employees are an important shareholder and an important asset to the bank. The
company is focused on nurturing and developing the professional capability of their employees.
The project might be limiting to employees to employees without such devices and an
opportunity for those with the devices to enhance their professional prowess
Financial services refer to a range of financial services provided by various players in the
financial industry. They include services provided by banks, insurance companies, and
government-sponsored enterprises among others. In broad terms, institutions operating in the
financial sector are regarded as highly sensitive especially with regards to the security of their
systems. Financial service providers are virtually present all over the world even in remote areas
to satisfy the financial needs of individuals, groups, companies and other institutions (Gustav &
Kabanda,2016). The intermediary role played by financial service industry in Australia’s
economy is quite significant. Individuals, government agencies, businesses and nonprofit
organizations rely on this sector to either get funds when need be or dispose of excess cash
which is then lent out to those who need it, technologists play a significant role in facilitating this
transaction.
Clients .Clients are the most important asset to the Commonwealth Bank of Australia. The bank
is focused on establishing lasting cordial relationships with its various clients both depositors and
debtors. The bank's clients include retail clients, institutional investors, financial sponsors,
entrepreneurs, and corporations. Implementation of the project would mean that these client’s
needs attended to at any given time and with much efficiency (Felt,et al,2011)
Employees. Employees are an important shareholder and an important asset to the bank. The
company is focused on nurturing and developing the professional capability of their employees.
The project might be limiting to employees to employees without such devices and an
opportunity for those with the devices to enhance their professional prowess
There are some legislation that would determine the ability of Commonwealth Bank of Australia
to implement the project which includes Archives Act 1983, Privacy Act 1988 and Freedom of
Information Act 1982 which were established as a necessity as a result of the risks that emanate
from allowing employees to bring own devices at the workplace. If it can implement the project,
the Bank will, therefore, be required to put in place certain control measures to ensure that it
meets all legal obligations (Watkins, 2014). The bank would, therefore, be required to examine
the implications of the project to both the business and its overall security. As per best standards
requirements, commonwealth bank of Australia would be required to determine the implication
of the project by analyzing an already existing real example, identify the existing regulations and
legislation to facilitate compliance, put in place various support measures, both financial and
technical and finally roll out the project. The realization of this is solely dependent on the ICT
department or the technological department of the Bank. Financial institutions are affected by
many risks which can be categorized into.
Credit risks
Credit risks occur as a result of failure by debtors to pay what they owe a bank. Failure to pay
can be as a result of inability by the debtor or unwillingness to pay. Credit risks are likely to
affect Banks operations, its shareholders as well as its ability to issue fresh loans (Acharya, et
al,2017)
Legal risks
Legal risks occur as a result of violation of legal standards set by government institutions as well
as other regulatory bodies in which financial institutions are supposed to abide by. Legal risks
to implement the project which includes Archives Act 1983, Privacy Act 1988 and Freedom of
Information Act 1982 which were established as a necessity as a result of the risks that emanate
from allowing employees to bring own devices at the workplace. If it can implement the project,
the Bank will, therefore, be required to put in place certain control measures to ensure that it
meets all legal obligations (Watkins, 2014). The bank would, therefore, be required to examine
the implications of the project to both the business and its overall security. As per best standards
requirements, commonwealth bank of Australia would be required to determine the implication
of the project by analyzing an already existing real example, identify the existing regulations and
legislation to facilitate compliance, put in place various support measures, both financial and
technical and finally roll out the project. The realization of this is solely dependent on the ICT
department or the technological department of the Bank. Financial institutions are affected by
many risks which can be categorized into.
Credit risks
Credit risks occur as a result of failure by debtors to pay what they owe a bank. Failure to pay
can be as a result of inability by the debtor or unwillingness to pay. Credit risks are likely to
affect Banks operations, its shareholders as well as its ability to issue fresh loans (Acharya, et
al,2017)
Legal risks
Legal risks occur as a result of violation of legal standards set by government institutions as well
as other regulatory bodies in which financial institutions are supposed to abide by. Legal risks
affecting financial institutions include violation of security and fraud laws. Legal risks can have
adverse effect towards the operation and the reputation of a financial institution like the
Commonwealth Bank of Australia.
Systematic risks
Systematic risks occur as a result of changes in the value of an organization’s assets. Systematic
risks occur mostly a s a result of changes in the prevailing economic conditions such as changes
in interests rates, changes in foreign exchange among others. Systematic risks can also have a
significant impact on the operations of Bank (Acharya, et al,2017)
With the possibility the occurrence of many risks therefore, any Financial Institution is therefore
required to be aware of these risks among others so that it can put in place policies of identifying
and addressing the risks before they can have a significant impact on their operations.
SECURITY POSTURE
Modern organizations are faced with a myriad of challenges which continue to threaten their
survival. While challenges can present an opportunity for an organization to put in place
measures to avoid more devastating challenges, the emergence of serious challenges that can
lead to ultimate incapacitation of an organization. Of major concern is the financial service
sector whose data security is paramount especially due to the adverse effects that can result from
any serious threat through infringement of banks systems and databases. Such data these would
adversely affect not only the bank but also its various stakeholders who depend on the services
offered by the bank (Shim, et al,2013)The management of Commonwealth Bank of Australia
especially those in the IT department are tasked with the responsibility of ensuring that such
adverse effect towards the operation and the reputation of a financial institution like the
Commonwealth Bank of Australia.
Systematic risks
Systematic risks occur as a result of changes in the value of an organization’s assets. Systematic
risks occur mostly a s a result of changes in the prevailing economic conditions such as changes
in interests rates, changes in foreign exchange among others. Systematic risks can also have a
significant impact on the operations of Bank (Acharya, et al,2017)
With the possibility the occurrence of many risks therefore, any Financial Institution is therefore
required to be aware of these risks among others so that it can put in place policies of identifying
and addressing the risks before they can have a significant impact on their operations.
SECURITY POSTURE
Modern organizations are faced with a myriad of challenges which continue to threaten their
survival. While challenges can present an opportunity for an organization to put in place
measures to avoid more devastating challenges, the emergence of serious challenges that can
lead to ultimate incapacitation of an organization. Of major concern is the financial service
sector whose data security is paramount especially due to the adverse effects that can result from
any serious threat through infringement of banks systems and databases. Such data these would
adversely affect not only the bank but also its various stakeholders who depend on the services
offered by the bank (Shim, et al,2013)The management of Commonwealth Bank of Australia
especially those in the IT department are tasked with the responsibility of ensuring that such
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
threats are mitigated. It is their sole responsibility to protect the Banks systems, data and the
privacy of its clients by adequately managing the bank's financial information. Amid the
increasing level of competition in the Australian financial sector, the Bank has no option but
striving at providing the best data security measures in the industry. Commonwealth Bank of
Australia has been viewed to be way ahead of its main competitors in as far as information
security is concerned. With the many strategies undertaken by the Bank, implementation of the
project allowing employees to bring their devices to the workplace is likely to have huge
implications on its operations because employees might have unauthorized access to some of its
crucial information from their devices which might lead to loss, damage or manipulation of data.
While the project might have both positive and negative implications, it will be necessary for the
Bank to undertake sufficient research to find out whether the benefits surpass the negative
outcomes (Thomson,2012).
Monitoring is key in managing any sensitive data or information form an organization. By
allowing employees to bring their own devices this practice which is highly encouraged at the
Bank is likely to be affected. Among the implications of this project to the bank is the reduction
of system security assurance. The bank will also be able to monitor the working of their
employees because the use of personal devices makes it relatively hard for the management to
distinguish when employees are using the devices for personal undertakings or work-related
tasks. The project will also facilitate deviation from the banks secured use of sensitive
information to the unsecured use of such information. It is also possible that such devices might
be stolen thus risking the Bank’s sensitive information. The project also comes with an
additional budget for the company, implication on its human resources, compliance regulations
as well as legal obligations and liabilities. To regulate such implications, Commonwealth Bank
privacy of its clients by adequately managing the bank's financial information. Amid the
increasing level of competition in the Australian financial sector, the Bank has no option but
striving at providing the best data security measures in the industry. Commonwealth Bank of
Australia has been viewed to be way ahead of its main competitors in as far as information
security is concerned. With the many strategies undertaken by the Bank, implementation of the
project allowing employees to bring their devices to the workplace is likely to have huge
implications on its operations because employees might have unauthorized access to some of its
crucial information from their devices which might lead to loss, damage or manipulation of data.
While the project might have both positive and negative implications, it will be necessary for the
Bank to undertake sufficient research to find out whether the benefits surpass the negative
outcomes (Thomson,2012).
Monitoring is key in managing any sensitive data or information form an organization. By
allowing employees to bring their own devices this practice which is highly encouraged at the
Bank is likely to be affected. Among the implications of this project to the bank is the reduction
of system security assurance. The bank will also be able to monitor the working of their
employees because the use of personal devices makes it relatively hard for the management to
distinguish when employees are using the devices for personal undertakings or work-related
tasks. The project will also facilitate deviation from the banks secured use of sensitive
information to the unsecured use of such information. It is also possible that such devices might
be stolen thus risking the Bank’s sensitive information. The project also comes with an
additional budget for the company, implication on its human resources, compliance regulations
as well as legal obligations and liabilities. To regulate such implications, Commonwealth Bank
of Australia will need to put in place regulatory policies stipulating the terms of use of personal
devices (Miller,Voas & Hurlburt,2012).
Reasons for implementing a BYOD Policy
There are numerous reasons to why an organization can organization can adopt the use of a
BYOD policy which include improving the real time productivity and engagement of employees
because the policy makes them more satisfied and provide results from any location, creating a
smarter and skilled labor force, to introduce a more flexible strategy at the work place, reduce
hardware investment by a company among other benefits. Return on Investment is used to
ascertain the cost reduction achieved by a project over certain duration of time. This method can
be used by Commonwealth Bank of Australia to analyze the long-term impact of implementing a
BYOD policy. Return on Investment is calculated as follows
Net Profit / Total Investment * 100
ROI= (213000-181000)/ 181000= 0.177
devices (Miller,Voas & Hurlburt,2012).
Reasons for implementing a BYOD Policy
There are numerous reasons to why an organization can organization can adopt the use of a
BYOD policy which include improving the real time productivity and engagement of employees
because the policy makes them more satisfied and provide results from any location, creating a
smarter and skilled labor force, to introduce a more flexible strategy at the work place, reduce
hardware investment by a company among other benefits. Return on Investment is used to
ascertain the cost reduction achieved by a project over certain duration of time. This method can
be used by Commonwealth Bank of Australia to analyze the long-term impact of implementing a
BYOD policy. Return on Investment is calculated as follows
Net Profit / Total Investment * 100
ROI= (213000-181000)/ 181000= 0.177
Commonwealth Bank of Australia must, therefore, undertake an evaluation of the merits and
demerits of the project and its overall implications on the Banks' goals and mission. This will
then be followed by formulation of policies to regulate the use of personal devices and the
general security of the Banks systems. The Bank may also hire the services of solution providers
whose main responsibilities will be assessing the risks associated with the project, formulation of
different projects to govern the project as well as coming up with control measures to facilitate
implementation of these policies. Commonwealth Bank of Australia will, therefore, be required
to notify their employees on what to expect upon implementation of the project regarding the
privacy of their personal information which might need to be subjected to company monitoring
(Pillay,et al,2013)
Implementation of BYOD project will require the bank to consider its ability to remove the
banks information from employees devices upon their departure from the bank, clarify on what
devices, platforms, and networks that can be used in these devices including any associated
prohibitions to use such devices, avail a procedure to address possible theft of these devices in
order to protect Banks Information and clarifying on the consequences of any violations from
employees regarding the use of personal devices. The bank should also establish its ability to
access and have control over information belonging to it including the use of mobile device
management system as well as identify support limitations resulting from these devices to ensure
that they are addressed. Before implementing the Common program wealth Bank is also required
to analyze how the project is likely to affect the various stakeholders and the bank at large and
therefore it should solicit views from its employees, the finance department, its legal advisers
and finally its technological team (Ghosh, Gajar & Rai,2013).
demerits of the project and its overall implications on the Banks' goals and mission. This will
then be followed by formulation of policies to regulate the use of personal devices and the
general security of the Banks systems. The Bank may also hire the services of solution providers
whose main responsibilities will be assessing the risks associated with the project, formulation of
different projects to govern the project as well as coming up with control measures to facilitate
implementation of these policies. Commonwealth Bank of Australia will, therefore, be required
to notify their employees on what to expect upon implementation of the project regarding the
privacy of their personal information which might need to be subjected to company monitoring
(Pillay,et al,2013)
Implementation of BYOD project will require the bank to consider its ability to remove the
banks information from employees devices upon their departure from the bank, clarify on what
devices, platforms, and networks that can be used in these devices including any associated
prohibitions to use such devices, avail a procedure to address possible theft of these devices in
order to protect Banks Information and clarifying on the consequences of any violations from
employees regarding the use of personal devices. The bank should also establish its ability to
access and have control over information belonging to it including the use of mobile device
management system as well as identify support limitations resulting from these devices to ensure
that they are addressed. Before implementing the Common program wealth Bank is also required
to analyze how the project is likely to affect the various stakeholders and the bank at large and
therefore it should solicit views from its employees, the finance department, its legal advisers
and finally its technological team (Ghosh, Gajar & Rai,2013).
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
The solution lies in the Bank’s ability to use smart policies and compliance; such policies would
include an adoption of a formal mobile policy that stipulates consequences of violation,
sufficient security measures use of training programs to solve mobile liabilities. A mobile policy
would include ensuring that each device that is being used by an employee is remote wipe
enabled. Although the process might require much time and resources, it will save the Bank a
significant amount of resources that it might incur in an instance where these devices are used to
break the law (Moyer,2013).
THREATS, VULNERABILITIES, AND CONSEQUENCES
Although highly considered for their useful functionality and high efficiency at the workplace,
technological devices such as iPads, mobile phones, laptops, and ipads have come with
numerous challenges that continue to affect not only employees but also their employers. Recent
studies have shown an increase in the usage of usage of own smart phones and tablets for
business with the number expected to keep rising (Morrow,2012). The number of Companies
allowing employees to make use of their devices for business has also continued to rise with a
recent research predicting that at least 38% of global companies will have implemented Bring
Your Device into their operations. This is also a trend that has been witnessed 2017 which has
recorded a significant increase in the level of usage of personal devices by employees at the
workplace. This is to signify perhaps the Importance that some employers attach to the use of
personal devices for business. However, adoption of BYOD Policy requires employers to shift
their focus to remain updated on changes in technology as well as being mindful of data security
and privacy issues (Lebek, Degirmenci & Breitner, 2013).
include an adoption of a formal mobile policy that stipulates consequences of violation,
sufficient security measures use of training programs to solve mobile liabilities. A mobile policy
would include ensuring that each device that is being used by an employee is remote wipe
enabled. Although the process might require much time and resources, it will save the Bank a
significant amount of resources that it might incur in an instance where these devices are used to
break the law (Moyer,2013).
THREATS, VULNERABILITIES, AND CONSEQUENCES
Although highly considered for their useful functionality and high efficiency at the workplace,
technological devices such as iPads, mobile phones, laptops, and ipads have come with
numerous challenges that continue to affect not only employees but also their employers. Recent
studies have shown an increase in the usage of usage of own smart phones and tablets for
business with the number expected to keep rising (Morrow,2012). The number of Companies
allowing employees to make use of their devices for business has also continued to rise with a
recent research predicting that at least 38% of global companies will have implemented Bring
Your Device into their operations. This is also a trend that has been witnessed 2017 which has
recorded a significant increase in the level of usage of personal devices by employees at the
workplace. This is to signify perhaps the Importance that some employers attach to the use of
personal devices for business. However, adoption of BYOD Policy requires employers to shift
their focus to remain updated on changes in technology as well as being mindful of data security
and privacy issues (Lebek, Degirmenci & Breitner, 2013).
For the Commonwealth Bank of Australia, the implementation of the project allowing employees
to use their devices for business will, therefore, come with threats, vulnerabilities, and
consequences for both the Bank and its Employees. As such, the Bank will find it necessary to
focus on changes in technology and regularly address security and privacy issues arising a result
of the project (Garba,et al,2015)
There are various risks associated with the implementation of the project. By allowing its
employees to use personal devices for official purposes, the Bank will commit itself to any
violations committed by their employees through the use of personal devices, For any offense
broken by their employees, Commonwealth Bank of Australia will be held responsible (Ghosh,
Gajar & Rai, 2013). A good example of such risks would be where a driver of the bank causes an
accident because of using a cell phone while driving as it was the case of the COCA-COLA
Company driver who hit a woman while on the phone in 2016. The cases of Employers being
sued for employee use of personal devices have been on the rise in the recent past ( Bzur,
2013).There, therefore, some risks that Commonwealth Bank of Australia will be faced with as a
result of implementing this project.
Abstracted driving
Distracted driving is one of the most common risks that result from the use of personal devices at
work. The impact of this can be quite huge for a company. The use of mobile phones by drivers
while driving can result in unwarranted legal battles as well as penalties due to injuries or deaths
of road users. Risks associated with distracted driving is, therefore, one of the risks that
Commonwealth Bank of Australia is likely to be faced with as a result of allowing employees to
use their devices at work (French, Guo & Shim,2014).
to use their devices for business will, therefore, come with threats, vulnerabilities, and
consequences for both the Bank and its Employees. As such, the Bank will find it necessary to
focus on changes in technology and regularly address security and privacy issues arising a result
of the project (Garba,et al,2015)
There are various risks associated with the implementation of the project. By allowing its
employees to use personal devices for official purposes, the Bank will commit itself to any
violations committed by their employees through the use of personal devices, For any offense
broken by their employees, Commonwealth Bank of Australia will be held responsible (Ghosh,
Gajar & Rai, 2013). A good example of such risks would be where a driver of the bank causes an
accident because of using a cell phone while driving as it was the case of the COCA-COLA
Company driver who hit a woman while on the phone in 2016. The cases of Employers being
sued for employee use of personal devices have been on the rise in the recent past ( Bzur,
2013).There, therefore, some risks that Commonwealth Bank of Australia will be faced with as a
result of implementing this project.
Abstracted driving
Distracted driving is one of the most common risks that result from the use of personal devices at
work. The impact of this can be quite huge for a company. The use of mobile phones by drivers
while driving can result in unwarranted legal battles as well as penalties due to injuries or deaths
of road users. Risks associated with distracted driving is, therefore, one of the risks that
Commonwealth Bank of Australia is likely to be faced with as a result of allowing employees to
use their devices at work (French, Guo & Shim,2014).
Loss of devices with unsecured data
Lost devices can pose risks not only for Companies but also for individuals. Due to the
sensitivity of information handled by monetary institutions, loss of personal devices such as
phones or tablets used by employees in their daily duties may lead to leaking out of secrets and
sensitive information about the Bank’s Clients and employees. Such information may end up
being used against the company in legal suits (Burt,2011).
Sexual Harassment
Sexual harassment at the workplace is one of the major risks of allowing employees to bring
their devices. Sexting is the most common form of sexual harassment used by adults. It is the
process where someone sends another person sexually explicit messages or photographs through
mobile phones. Sexting is classified together with speaking inappropriately to a colleague at the
workplace (French, Guo & Shim,2014). However, unlike the use of inappropriate language at
the workplace done orally, Sexting using personal devices at the workplace presents concrete
evidence that can be used against the Bank.
Content posted on social media
The final risk that the Bank is faced with has to do with the content posted on social media using
employee’s devices. It is a common practice by some companies that social media sites be
blocked from the company’s network; however, with the adoption of this project, it might be
difficult to regulate what is posted on social media by employees. Some of the risks associated
with social media might include racist comments posted on Facebook by an employee using a
BYOD device or an inappropriate photo such as that of an employee trespass (Guan, 2012). All
Lost devices can pose risks not only for Companies but also for individuals. Due to the
sensitivity of information handled by monetary institutions, loss of personal devices such as
phones or tablets used by employees in their daily duties may lead to leaking out of secrets and
sensitive information about the Bank’s Clients and employees. Such information may end up
being used against the company in legal suits (Burt,2011).
Sexual Harassment
Sexual harassment at the workplace is one of the major risks of allowing employees to bring
their devices. Sexting is the most common form of sexual harassment used by adults. It is the
process where someone sends another person sexually explicit messages or photographs through
mobile phones. Sexting is classified together with speaking inappropriately to a colleague at the
workplace (French, Guo & Shim,2014). However, unlike the use of inappropriate language at
the workplace done orally, Sexting using personal devices at the workplace presents concrete
evidence that can be used against the Bank.
Content posted on social media
The final risk that the Bank is faced with has to do with the content posted on social media using
employee’s devices. It is a common practice by some companies that social media sites be
blocked from the company’s network; however, with the adoption of this project, it might be
difficult to regulate what is posted on social media by employees. Some of the risks associated
with social media might include racist comments posted on Facebook by an employee using a
BYOD device or an inappropriate photo such as that of an employee trespass (Guan, 2012). All
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
these can be used against the Bank in legal suits and therefore making the Bank liable for
violation of the Law.
Companies cannot afford to ignore the increasing rates of adopting BYOD that has been caused
by the rise in the use of technology. By implementing the project, Commonwealth Bank of
Australia will allow usage of employee’s devices such as smart phones, laptops, and tablets for
official duties instead of company-provided devices. Among the information stored in such
devices might include inventory, mobile schedules, photos and training videos among others to
facilitate easy access of data. While the practice of allowing employees to bring their own
devices at eth workplace is becoming a norm, there are many consequences that Commonwealth
Bank of Australia might be subjecting itself to by implementation of the project (Mansfield-
Devine,2012).
Resentment by employees
By implementing the project, the Bank will force its employees to incur extra costs to acquire the
requisite devices for those who might not be having them. Requesting employees to purchase
new devices for work purposes might, therefore, leave them unhappy. Additionally, the costs of
usage and transportation are also likely to be pegged on employees (Scarfo,2012) It is likely that
employees will be unwilling to shoulder this cost. Too much usage of personal devices for work-
related tasks also makes them depreciate within a short period. Among the considerations that
The Bank might be considered before implementation of the project will be determining who
will be responsible for any repairs on the personal devices. Additionally, the issue of costs
associated with the loss of the device while at work can also lead to resentment on the part of
employees
violation of the Law.
Companies cannot afford to ignore the increasing rates of adopting BYOD that has been caused
by the rise in the use of technology. By implementing the project, Commonwealth Bank of
Australia will allow usage of employee’s devices such as smart phones, laptops, and tablets for
official duties instead of company-provided devices. Among the information stored in such
devices might include inventory, mobile schedules, photos and training videos among others to
facilitate easy access of data. While the practice of allowing employees to bring their own
devices at eth workplace is becoming a norm, there are many consequences that Commonwealth
Bank of Australia might be subjecting itself to by implementation of the project (Mansfield-
Devine,2012).
Resentment by employees
By implementing the project, the Bank will force its employees to incur extra costs to acquire the
requisite devices for those who might not be having them. Requesting employees to purchase
new devices for work purposes might, therefore, leave them unhappy. Additionally, the costs of
usage and transportation are also likely to be pegged on employees (Scarfo,2012) It is likely that
employees will be unwilling to shoulder this cost. Too much usage of personal devices for work-
related tasks also makes them depreciate within a short period. Among the considerations that
The Bank might be considered before implementation of the project will be determining who
will be responsible for any repairs on the personal devices. Additionally, the issue of costs
associated with the loss of the device while at work can also lead to resentment on the part of
employees
(Zahadat,et all,2015)
Reduced productivity
Another consequence of the use of personal devices by employees can be associated with their
distractive nature. By using their devices at the workplace, employees are more likely to spend a
considerable amount of their productive hours on social sites such as Whatsapp, Facebook
Instagram, and Twitter. While the Bank desires to maximize profits, the implementation of the
project will result in a distraction of employees from their primary duties which will directly
affect their productivity. The small amount of time spent by one employee to send a text message
to a friend or surf the web can collectively lead to wastage of so much time which will reduce the
overall productivity of the Bank (Mitrovic,et al,2015)
Little Control over the Device
By allowing the use of personal devices, the bank will also have little control over them.
Although the Bank might result in restrictions on the files that can be activated by the device
there some employees as a result of their technological prowess might jailbreak such restrictions
and gain access to restricted content (Wiech,2013).
DATA SECURITY RISKS
Increased entry points for hackers
The use of personal devices in the workplace increases the chances of hacking of an
organization’s systems. While hacking in a situation where all the Banks desktops are within its
premises might be relatively difficult, having employees work from their mobile phones or
Reduced productivity
Another consequence of the use of personal devices by employees can be associated with their
distractive nature. By using their devices at the workplace, employees are more likely to spend a
considerable amount of their productive hours on social sites such as Whatsapp, Facebook
Instagram, and Twitter. While the Bank desires to maximize profits, the implementation of the
project will result in a distraction of employees from their primary duties which will directly
affect their productivity. The small amount of time spent by one employee to send a text message
to a friend or surf the web can collectively lead to wastage of so much time which will reduce the
overall productivity of the Bank (Mitrovic,et al,2015)
Little Control over the Device
By allowing the use of personal devices, the bank will also have little control over them.
Although the Bank might result in restrictions on the files that can be activated by the device
there some employees as a result of their technological prowess might jailbreak such restrictions
and gain access to restricted content (Wiech,2013).
DATA SECURITY RISKS
Increased entry points for hackers
The use of personal devices in the workplace increases the chances of hacking of an
organization’s systems. While hacking in a situation where all the Banks desktops are within its
premises might be relatively difficult, having employees work from their mobile phones or
laptops makes it possible to hack from multiple points thus making it easier for hackers to get
hold of sensitive information from the bank (Downer & Bhattacharya, 2015)
Access to Unsecured Wi-Fi
Accessing of unsecured Wi-Fi can be quite risky to the bank's data. Allowing use of personal
devices would mean that employees will use the same devices that they use to access unsecured
Wi-Fi Connections at restaurants, their homes or even at the Airport. Such unsecured networks
can facilitate easy hacking of the Bank’s systems (Suby,2013).
Discoverability of data
This can be the case where there is a loss of the devices. Any loss resulting from theft or
employee’s carelessness puts the employer’s data which is stored on the device at risk.
Additionally, the project also means that the privacy of employees will also be at stake. For
example, in the case of any legal proceedings, personal devices being used by an employee
might b explored by the employer or a third party if need be. Some of the personal information
that could be explored includes information contained in social media accounts, geographical
location or even private photos. This could be against the wishes of the employee (Song, 2014).
People leaving the Bank
Sometimes employees might leave a company abruptly without prior notice. In such a situation
where employees leave the Bank without notice, the management might not have time to remove
the bank's information and passwords which might facilitate unauthorized access to the Banks
systems by former employees (Vijayan & Hardy,2015).
hold of sensitive information from the bank (Downer & Bhattacharya, 2015)
Access to Unsecured Wi-Fi
Accessing of unsecured Wi-Fi can be quite risky to the bank's data. Allowing use of personal
devices would mean that employees will use the same devices that they use to access unsecured
Wi-Fi Connections at restaurants, their homes or even at the Airport. Such unsecured networks
can facilitate easy hacking of the Bank’s systems (Suby,2013).
Discoverability of data
This can be the case where there is a loss of the devices. Any loss resulting from theft or
employee’s carelessness puts the employer’s data which is stored on the device at risk.
Additionally, the project also means that the privacy of employees will also be at stake. For
example, in the case of any legal proceedings, personal devices being used by an employee
might b explored by the employer or a third party if need be. Some of the personal information
that could be explored includes information contained in social media accounts, geographical
location or even private photos. This could be against the wishes of the employee (Song, 2014).
People leaving the Bank
Sometimes employees might leave a company abruptly without prior notice. In such a situation
where employees leave the Bank without notice, the management might not have time to remove
the bank's information and passwords which might facilitate unauthorized access to the Banks
systems by former employees (Vijayan & Hardy,2015).
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Creation of a data classification scheme is the first step in the process of classifying data .It is
then followed by the creation of security standards which set the appropriate practices of
managing data. The following is an example of a data classification scheme
Category 1: This category of data is available for public display, and may include a company’s
contact information.
Category 2: This category represents internal data that can be accessed by Company’s
stakeholders such as an organization chart.
Category 3: Under this category is sensitive organizations data whose leakage to unauthorized
persons can significantly affect an organization. Example include a company’s contracts with
third parties
Category 4: This category represents highly sensitive data such as customers account
information. Its disclosure can lead to legal tussle for an organization
Category 4: highly sensitive data that could put the company in legal of financial risk if
disclosed, for example, customer account information and employee social security numbers.
Data classification Risks Risk Mitigation
Category 2 data loss, defective deletion employee education
Category 3 data loss digital signatures, encryption,
Category 4 Theft Authorization,
digital signatures and
biometrics
then followed by the creation of security standards which set the appropriate practices of
managing data. The following is an example of a data classification scheme
Category 1: This category of data is available for public display, and may include a company’s
contact information.
Category 2: This category represents internal data that can be accessed by Company’s
stakeholders such as an organization chart.
Category 3: Under this category is sensitive organizations data whose leakage to unauthorized
persons can significantly affect an organization. Example include a company’s contracts with
third parties
Category 4: This category represents highly sensitive data such as customers account
information. Its disclosure can lead to legal tussle for an organization
Category 4: highly sensitive data that could put the company in legal of financial risk if
disclosed, for example, customer account information and employee social security numbers.
Data classification Risks Risk Mitigation
Category 2 data loss, defective deletion employee education
Category 3 data loss digital signatures, encryption,
Category 4 Theft Authorization,
digital signatures and
biometrics
Risks and Risk Mitigation for various data categories
CONCLUSION
In conclusion, BYOD Policy is a concept that has gained momentum in the recent past as per the
recent statistics of the number of organizations that are embracing it. Commonwealth Bank of
Australia intends to join the list of companies that use this policy by implementing its project that
will require their employees to use personal devices to be used as the main devices for
performing their work tasks. However, successful implementation of the program will depend
upon an analysis of numerous factors as well as the inclusion of various shareholders within the
Organization. Commonwealth Bank of Australia will, therefore, be required to conduct a cost-
benefit analysis of the proposed project before its implementation as well as the various
considerations and measures that will be laid out to facilitate successful implementation of the
project. Among the considerations that the Bank will need to look at are the various laws
governing the use of personal devices at the workplace by employees to facilitate co0mpliance
by both the employees and the management. However, the implementation of the project will
come with many challenges that the company will be required to mitigate. The associated threats,
vulnerabilities, and consequences will affect both employees and the management. Among the
risks that the Bank will be faced with are legal liabilities in case of violation of the exciting laws
regarding the use of personal devices by the employees, abstracted driving, increases of sexual
harassment among employees, associated risks of social media content ,possibility of loss of
devices with unsecured data resentment by employees, loss of productivity for employees and
the bank and Management’s loss of control over devices used by employees in performing their
work tasks. The Bank will also be faced with many data security risks including the risk of its
CONCLUSION
In conclusion, BYOD Policy is a concept that has gained momentum in the recent past as per the
recent statistics of the number of organizations that are embracing it. Commonwealth Bank of
Australia intends to join the list of companies that use this policy by implementing its project that
will require their employees to use personal devices to be used as the main devices for
performing their work tasks. However, successful implementation of the program will depend
upon an analysis of numerous factors as well as the inclusion of various shareholders within the
Organization. Commonwealth Bank of Australia will, therefore, be required to conduct a cost-
benefit analysis of the proposed project before its implementation as well as the various
considerations and measures that will be laid out to facilitate successful implementation of the
project. Among the considerations that the Bank will need to look at are the various laws
governing the use of personal devices at the workplace by employees to facilitate co0mpliance
by both the employees and the management. However, the implementation of the project will
come with many challenges that the company will be required to mitigate. The associated threats,
vulnerabilities, and consequences will affect both employees and the management. Among the
risks that the Bank will be faced with are legal liabilities in case of violation of the exciting laws
regarding the use of personal devices by the employees, abstracted driving, increases of sexual
harassment among employees, associated risks of social media content ,possibility of loss of
devices with unsecured data resentment by employees, loss of productivity for employees and
the bank and Management’s loss of control over devices used by employees in performing their
work tasks. The Bank will also be faced with many data security risks including the risk of its
systems being hacked from multiple points, the risk of former employees of the bank being able
to access the Bank’s confidential information and the risk of discoverability of data.
to access the Bank’s confidential information and the risk of discoverability of data.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
REFERENCES
Gustav, A., & Kabanda, S. (2016). BYOD adoption concerns in the South African financial institution
sector. In CONF-IRM (p. 59).
Acharya, V. V., Pedersen, L. H., Philippon, T., & Richardson, M. (2017). Measuring systemic risk. The
Review of Financial Studies, 30(1), 2-47.
Zahadat, N., Blessner, P., Blackburn, T., & Olson, B. A. (2015). BYOD security engineering: A
framework and its analysis. Computers & Security, 55, 81-99.
Song, Y. (2014). “Bring Your Own Device (BYOD)” for seamless science inquiry in a primary
school. Computers & Education, 74, 50-60.
Guan, L. (2012). Established BYOD management policies needed. Government News, 32(2), 9.
Bzur,A.,(2013).4 Risks When Employees Bring Their Own Devices to Work.Inc.
Ballagas, R., Rohs, M., Sheridan, J. G., & Borchers, J. (2014, September). Byod: Bring your own
device. In Proceedings of the Workshop on Ubiquitous Display Environments, Ubicomp (Vol.
2004).
Moyer, J. E. (2013). Managing mobile devices in hospitals: A literature review of BYOD policies and
usage. Journal of Hospital Librarianship, 13(3), 197-208.
Lebek, B., Degirmenci, K., & Breitner, M. H. (2013). Investigating the influence of security, privacy,
and legal concerns on employees' intention to use BYOD mobile devices.
Suby, M. (2013). The 2013 (ISC) 2 Global Information Security Workforce Study. Frost & Sullivan in
partnership with Booz Allen Hamilton for ISC2.
Gustav, A., & Kabanda, S. (2016). BYOD adoption concerns in the South African financial institution
sector. In CONF-IRM (p. 59).
Acharya, V. V., Pedersen, L. H., Philippon, T., & Richardson, M. (2017). Measuring systemic risk. The
Review of Financial Studies, 30(1), 2-47.
Zahadat, N., Blessner, P., Blackburn, T., & Olson, B. A. (2015). BYOD security engineering: A
framework and its analysis. Computers & Security, 55, 81-99.
Song, Y. (2014). “Bring Your Own Device (BYOD)” for seamless science inquiry in a primary
school. Computers & Education, 74, 50-60.
Guan, L. (2012). Established BYOD management policies needed. Government News, 32(2), 9.
Bzur,A.,(2013).4 Risks When Employees Bring Their Own Devices to Work.Inc.
Ballagas, R., Rohs, M., Sheridan, J. G., & Borchers, J. (2014, September). Byod: Bring your own
device. In Proceedings of the Workshop on Ubiquitous Display Environments, Ubicomp (Vol.
2004).
Moyer, J. E. (2013). Managing mobile devices in hospitals: A literature review of BYOD policies and
usage. Journal of Hospital Librarianship, 13(3), 197-208.
Lebek, B., Degirmenci, K., & Breitner, M. H. (2013). Investigating the influence of security, privacy,
and legal concerns on employees' intention to use BYOD mobile devices.
Suby, M. (2013). The 2013 (ISC) 2 Global Information Security Workforce Study. Frost & Sullivan in
partnership with Booz Allen Hamilton for ISC2.
Mitrovic, Z., Veljkovic, I., Whyte, G., & Thompson, K. (2014, November). Introducing BYOD in an
organisation: the risk and customer services view points. In The 1st Namibia Customer Service
Awards & Conference (pp. 1-26).
Burt, J. (2011). BYOD trend pressures corporate networks. eweek, 28(14), 30-31.
Shim, J. P., Mittleman, D., Welke, R., French, A. M., & Guo, J. C. (2013). Bring your own device
(BYOD): Current status, issues, and future directions.
Smith, A. D. (2009). Internet retail banking: A competitive analysis in an increasingly financially
troubled environment. Information Management & Computer Security, 17(2), 127-150.
Ghosh, A., Gajar, P. K., & Rai, S. (2013). Bring your own device (BYOD): Security risks and mitigating
strategies. Journal of Global Research in Computer Science, 4(4), 62-70.
French, A. M., Guo, C., & Shim, J. P. (2014). Current Status, Issues, and Future of Bring Your Own
Device (BYOD). CAIS, 35, 10.
Garba, A. B., Armarego, J., Murray, D., & Kenworthy, W. (2015). Review of the information security
and privacy challenges in Bring Your Own Device (BYOD) environments. Journal of
Information privacy and security, 11(1), 38-54.
Zahadat, N., Blessner, P., Blackburn, T., & Olson, B. A. (2015). BYOD security engineering: A
framework and its analysis. Computers & Security, 55, 81-99.
Watkins, B. (2014). The impact of cyber attacks on the private sector. Briefing Paper, Association for
International Affair, 12.
organisation: the risk and customer services view points. In The 1st Namibia Customer Service
Awards & Conference (pp. 1-26).
Burt, J. (2011). BYOD trend pressures corporate networks. eweek, 28(14), 30-31.
Shim, J. P., Mittleman, D., Welke, R., French, A. M., & Guo, J. C. (2013). Bring your own device
(BYOD): Current status, issues, and future directions.
Smith, A. D. (2009). Internet retail banking: A competitive analysis in an increasingly financially
troubled environment. Information Management & Computer Security, 17(2), 127-150.
Ghosh, A., Gajar, P. K., & Rai, S. (2013). Bring your own device (BYOD): Security risks and mitigating
strategies. Journal of Global Research in Computer Science, 4(4), 62-70.
French, A. M., Guo, C., & Shim, J. P. (2014). Current Status, Issues, and Future of Bring Your Own
Device (BYOD). CAIS, 35, 10.
Garba, A. B., Armarego, J., Murray, D., & Kenworthy, W. (2015). Review of the information security
and privacy challenges in Bring Your Own Device (BYOD) environments. Journal of
Information privacy and security, 11(1), 38-54.
Zahadat, N., Blessner, P., Blackburn, T., & Olson, B. A. (2015). BYOD security engineering: A
framework and its analysis. Computers & Security, 55, 81-99.
Watkins, B. (2014). The impact of cyber attacks on the private sector. Briefing Paper, Association for
International Affair, 12.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Ghosh, A., Gajar, P. K., & Rai, S. (2013). Bring your own device (BYOD): Security risks and mitigating
strategies. Journal of Global Research in Computer Science, 4(4), 62-70.
Downer, K., & Bhattacharya, M. (2015, December). BYOD security: A new business challenge.
In Smart City/SocialCom/SustainCom (SmartCity), 2015 IEEE International Conference on (pp.
1128-1133). IEEE.
Vijayan, J., & Hardy, G. M. (2015). Security Spending and Preparedness in the Financial Sector: A
SANS Survey.
Morrow, B. (2012). BYOD security challenges: control and protect your most sensitive data. Network
Security, 2012(12), 5-8.
Chin, E., Felt, A. P., Greenwood, K., & Wagner, D. (2011, June). Analyzing inter-application
communication in Android. In Proceedings of the 9th international conference on Mobile
systems, applications, and services (pp. 239-252). ACM.
French, A. M., Guo, C., & Shim, J. P. (2014). Current Status, Issues, and Future of Bring Your Own
Device (BYOD). CAIS, 35, 10.
Mansfield-Devine, S. (2012). Interview: BYOD and the enterprise network. Computer fraud &
security, 2012(4), 14-17.
Thomson, G. (2012). BYOD: enabling the chaos. Network Security, 2012(2), 5-8.
Felt, A. P., Chin, E., Hanna, S., Song, D., & Wagner, D. (2011, October). Android permissions
demystified. In Proceedings of the 18th ACM conference on Computer and communications
security(pp. 627-638). ACM.
Wiech, D. (2013). The benefits and risks of BYOD. Manufacturing Business Technology.
strategies. Journal of Global Research in Computer Science, 4(4), 62-70.
Downer, K., & Bhattacharya, M. (2015, December). BYOD security: A new business challenge.
In Smart City/SocialCom/SustainCom (SmartCity), 2015 IEEE International Conference on (pp.
1128-1133). IEEE.
Vijayan, J., & Hardy, G. M. (2015). Security Spending and Preparedness in the Financial Sector: A
SANS Survey.
Morrow, B. (2012). BYOD security challenges: control and protect your most sensitive data. Network
Security, 2012(12), 5-8.
Chin, E., Felt, A. P., Greenwood, K., & Wagner, D. (2011, June). Analyzing inter-application
communication in Android. In Proceedings of the 9th international conference on Mobile
systems, applications, and services (pp. 239-252). ACM.
French, A. M., Guo, C., & Shim, J. P. (2014). Current Status, Issues, and Future of Bring Your Own
Device (BYOD). CAIS, 35, 10.
Mansfield-Devine, S. (2012). Interview: BYOD and the enterprise network. Computer fraud &
security, 2012(4), 14-17.
Thomson, G. (2012). BYOD: enabling the chaos. Network Security, 2012(2), 5-8.
Felt, A. P., Chin, E., Hanna, S., Song, D., & Wagner, D. (2011, October). Android permissions
demystified. In Proceedings of the 18th ACM conference on Computer and communications
security(pp. 627-638). ACM.
Wiech, D. (2013). The benefits and risks of BYOD. Manufacturing Business Technology.
1 out of 23
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.