Risk Management Report Assignment
VerifiedAdded on 2020/03/16
|14
|4599
|37
AI Summary
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: AZTEK BYOD ASSESSMENT REPORT 1
IMPACTS OF ADOPTING BYOD STRATEGIES FOR AZTEK
BY
IMPACTS OF ADOPTING BYOD STRATEGIES FOR AZTEK
BY
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
AZTEK BYOD ASSESSMENT REPORT 2
Executive Summary
The following report introduces Aztek Limited, a financial institution that is looking to adopt
BYOD technology. A discussion of BYOD implementation in the larger financial industry has
been laid out followed by the impacts of adopting BYOD for Aztek. In addition, this paper
also outlines the benefits of implementing BYOD for Aztek as well as threats and
susceptibilities of the implementation. Data security being one of the major concerns with
cloud based access solutions has been expounded in depth in terms of risks involved and
security controls to prevent and lessen data security. What follows is a risk management
outline including the definition, major and minor risk mitigation factors. Finally, a conclusion
and recommendation of the assessment report
The report findings about BYOD technology are that it is an emerging technology that can
assist organizations improve employee productivity thus increasing business productivity.
The following are the assessment recommendations for Aztek management
I. The risk assessment lead recommends that Aztek should implement BYOD for
increased employee productivity. The assessment report has indicated that
employee productivity boosts increased business productivity
II. BYOD deployment will enhance business processes flexibility for Aztek and therefore
the company should adopt the technology
III. To align its objectives with regulatory authorities, Aztek should ensure that for BYOD
implementation, all the compliance procedures will be followed
IV. To minimize costs and lessen maintenance expenses that are brought about IT
hardware and software acquisition, Aztek can install BYOD
V. With BYOD deployment, organizational staff are already experienced in using their
own devices and won’t require training and help desk support from the company
VI. BYOD is not only associated with benefits. However, it is surrounded with many
threats, weaknesses and risks. Aztek should perform and install security controls and
strategies, as well as train employees on how to setup and maintain a secure BYOD
environment
Executive Summary
The following report introduces Aztek Limited, a financial institution that is looking to adopt
BYOD technology. A discussion of BYOD implementation in the larger financial industry has
been laid out followed by the impacts of adopting BYOD for Aztek. In addition, this paper
also outlines the benefits of implementing BYOD for Aztek as well as threats and
susceptibilities of the implementation. Data security being one of the major concerns with
cloud based access solutions has been expounded in depth in terms of risks involved and
security controls to prevent and lessen data security. What follows is a risk management
outline including the definition, major and minor risk mitigation factors. Finally, a conclusion
and recommendation of the assessment report
The report findings about BYOD technology are that it is an emerging technology that can
assist organizations improve employee productivity thus increasing business productivity.
The following are the assessment recommendations for Aztek management
I. The risk assessment lead recommends that Aztek should implement BYOD for
increased employee productivity. The assessment report has indicated that
employee productivity boosts increased business productivity
II. BYOD deployment will enhance business processes flexibility for Aztek and therefore
the company should adopt the technology
III. To align its objectives with regulatory authorities, Aztek should ensure that for BYOD
implementation, all the compliance procedures will be followed
IV. To minimize costs and lessen maintenance expenses that are brought about IT
hardware and software acquisition, Aztek can install BYOD
V. With BYOD deployment, organizational staff are already experienced in using their
own devices and won’t require training and help desk support from the company
VI. BYOD is not only associated with benefits. However, it is surrounded with many
threats, weaknesses and risks. Aztek should perform and install security controls and
strategies, as well as train employees on how to setup and maintain a secure BYOD
environment
AZTEK BYOD ASSESSMENT REPORT 3
Table of Contents
1.0 Introduction...................................................................................................................3
1.1 Project scope............................................................................................................. 4
1.2 Assessment significance.............................................................................................4
2.0 Bring your own Device Technology...............................................................................4
3.0 Benefits of BYOD for organizations...............................................................................5
4.0 Financial services sector review.........................................................................................5
4.1 Industry compliance and government policies...............................................................6
5.0 Impacts of adopting BYOD for Aztec..................................................................................6
5.1 Benefits of BYOD implementation..................................................................................6
5.2 Threats and Vulnerabilities.............................................................................................7
6.0 Data security risks.............................................................................................................. 7
7. 0 Risk management..............................................................................................................8
7.1 Major IT Control Frameworks.........................................................................................8
7.2 Other existing BYOD control considerations..................................................................8
9.0 Conclusion..........................................................................................................................9
9.0 Recommendation.............................................................................................................10
10.0 References......................................................................................................................11
Table of Contents
1.0 Introduction...................................................................................................................3
1.1 Project scope............................................................................................................. 4
1.2 Assessment significance.............................................................................................4
2.0 Bring your own Device Technology...............................................................................4
3.0 Benefits of BYOD for organizations...............................................................................5
4.0 Financial services sector review.........................................................................................5
4.1 Industry compliance and government policies...............................................................6
5.0 Impacts of adopting BYOD for Aztec..................................................................................6
5.1 Benefits of BYOD implementation..................................................................................6
5.2 Threats and Vulnerabilities.............................................................................................7
6.0 Data security risks.............................................................................................................. 7
7. 0 Risk management..............................................................................................................8
7.1 Major IT Control Frameworks.........................................................................................8
7.2 Other existing BYOD control considerations..................................................................8
9.0 Conclusion..........................................................................................................................9
9.0 Recommendation.............................................................................................................10
10.0 References......................................................................................................................11
AZTEK BYOD ASSESSMENT REPORT 4
1.0 Introduction
There’s no denying the impact that technology has brought in modern organizations.
Technology is increasingly changing the way business operate and function by transforming
business processes including manufacturing, processing, branding, market, advertising and
more. In addition, technology is also transforming the way employees work and carry out
their tasks as well as the way clients and other stakeholders engage with businesses (Garlati,
2011). This is from the dawn of ubiquitous mobile computing technology that is
progressively on the rise. Organizational industries such as the financial services sector has
not been left behind by the digital shift. Adjusting to emerging technologies such as mobile
computing is challenging for any business. Today's financial services establishments are
especially faced with data security and risk management challenges and requirements. In an
attempt to gain a competitive advantage and enhance customer experience, financial
organizations are presently focused on adopting newer technologies in the market. Bring
Your Own Device (BYOD) is an emerging technology that permits workers to bring their own
technology at work and use them to carry out work related tasks (TrendMicro, 2012). This
report seeks to discuss the impacts of adopting BYOD technology for Aztec Limited, an
Australian based financial services provider.
1.1 Project scope
This report will focus on delivering a BYOD risk assessment study for Aztec Limited in terms
expounding on BYOD emerging technology, the state of the financial services industry on
BYOD adoption, risks associated with BYOD advancement, data security and finally a
comprehensive risk assessment.
1.2 Assessment significance
Evaluation of BYOD adoption at Aztek will enable organizational management to make
informed decisions on advances that will help the business explore options that will help
the business on cost savings, increase employee satisfaction as well as improve business
productivity and efficiency. The assessment will provide Aztek with procedures that will
affect BYOD implementations including the adoption of BYOD in the general financial sector,
benefits, associated risks and how to manage them in the event of happening. In addition,
the assessment will enable Aztek management learn of ways to minimize business costs
with BYOD technology.
1.0 Introduction
There’s no denying the impact that technology has brought in modern organizations.
Technology is increasingly changing the way business operate and function by transforming
business processes including manufacturing, processing, branding, market, advertising and
more. In addition, technology is also transforming the way employees work and carry out
their tasks as well as the way clients and other stakeholders engage with businesses (Garlati,
2011). This is from the dawn of ubiquitous mobile computing technology that is
progressively on the rise. Organizational industries such as the financial services sector has
not been left behind by the digital shift. Adjusting to emerging technologies such as mobile
computing is challenging for any business. Today's financial services establishments are
especially faced with data security and risk management challenges and requirements. In an
attempt to gain a competitive advantage and enhance customer experience, financial
organizations are presently focused on adopting newer technologies in the market. Bring
Your Own Device (BYOD) is an emerging technology that permits workers to bring their own
technology at work and use them to carry out work related tasks (TrendMicro, 2012). This
report seeks to discuss the impacts of adopting BYOD technology for Aztec Limited, an
Australian based financial services provider.
1.1 Project scope
This report will focus on delivering a BYOD risk assessment study for Aztec Limited in terms
expounding on BYOD emerging technology, the state of the financial services industry on
BYOD adoption, risks associated with BYOD advancement, data security and finally a
comprehensive risk assessment.
1.2 Assessment significance
Evaluation of BYOD adoption at Aztek will enable organizational management to make
informed decisions on advances that will help the business explore options that will help
the business on cost savings, increase employee satisfaction as well as improve business
productivity and efficiency. The assessment will provide Aztek with procedures that will
affect BYOD implementations including the adoption of BYOD in the general financial sector,
benefits, associated risks and how to manage them in the event of happening. In addition,
the assessment will enable Aztek management learn of ways to minimize business costs
with BYOD technology.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
AZTEK BYOD ASSESSMENT REPORT 5
2.0 Bring your own Device Technology
According to a (TrendMicro, 2012) report, employees have a preference to utilize their
own devices in the office as they are already used to them and are simple to use, more
appropriate, and permit them to combine their work operations with personal activities
(Garlati, 2011). Bring Your Own Device (BYOD) denotes to the concept of allowing company
staff to bring in personal computing devices such as laptops, smart phones and tablets to
the workstation, and to utilize them to obtain admittance to business systems and
information (Hurst, 2012). This technology can also be referred to as bring your own
phone (BYOP), bring your own technology (BYOT), and bring your own personal
computer (BYOPC) (Monnappa, 2016). The ubiquitous nature of mobile computing devices
such as PDAs, tablets, e-readers and smart phones are seeing many people use them in day
to day life (Bradley, 2011). This has led to several companies permitting staff to carry their
own hand held computing devices to the office (Bodley-Scott, 2014). Organizations
including IBM already allows employees to take and use their devices at work because of
professed business productivity gains and cost reduction (IBM, 2017). In the business world,
BYOD is making noteworthy progress with over 75 percent of employees high level markets
like Russia and Brazil with more than 40 percent using their own devices at the
workplace (Advisor, 2017). Research has as well shown that it is impossible to prevent
employees from bringing their own technology at work (Advisor, 2017). BYOD prevents the
ICT function in an organization from bothering with complicated developments in the
market since device owners take it upon themselves to ensure device security and update
saving them a lot of time. For establishments that embrace BYOD, only few are worried
with probable security issues that unsecured mobile technology (Mielach, 2012).
3.0 Benefits of BYOD for organizations
As part of a disruptive technology, BYOD paradigm offers a lot of benefits for business
organizations. According to (Jeff, 2012) one of the factors that associate BYOD with
benefiting a business is cost reduction. Although there are limitations, both businesses and
employees seem to opt for BYOD technology. The following are benefits for adopting BYOD
in a business organization according to (ComputerSolutions, 2017)
i) Improved productivity – research has indicated that business that have embraced
experience increased business productivity
ii) Enhanced flexibility – mobile devices attract a business workforce in that they can
work from wherever they could be. They can access company network remotely with
a variety of hand-held computing devices
iii) Decreased hardware asset procurement – a modern business cannot survive without
computer technology including software and hardware. By allowing BYOD
implementation organizations don’t require to purchase hardware for use in the
business since employees use their own devices hence lessening hardware
acquisition costs for the business
2.0 Bring your own Device Technology
According to a (TrendMicro, 2012) report, employees have a preference to utilize their
own devices in the office as they are already used to them and are simple to use, more
appropriate, and permit them to combine their work operations with personal activities
(Garlati, 2011). Bring Your Own Device (BYOD) denotes to the concept of allowing company
staff to bring in personal computing devices such as laptops, smart phones and tablets to
the workstation, and to utilize them to obtain admittance to business systems and
information (Hurst, 2012). This technology can also be referred to as bring your own
phone (BYOP), bring your own technology (BYOT), and bring your own personal
computer (BYOPC) (Monnappa, 2016). The ubiquitous nature of mobile computing devices
such as PDAs, tablets, e-readers and smart phones are seeing many people use them in day
to day life (Bradley, 2011). This has led to several companies permitting staff to carry their
own hand held computing devices to the office (Bodley-Scott, 2014). Organizations
including IBM already allows employees to take and use their devices at work because of
professed business productivity gains and cost reduction (IBM, 2017). In the business world,
BYOD is making noteworthy progress with over 75 percent of employees high level markets
like Russia and Brazil with more than 40 percent using their own devices at the
workplace (Advisor, 2017). Research has as well shown that it is impossible to prevent
employees from bringing their own technology at work (Advisor, 2017). BYOD prevents the
ICT function in an organization from bothering with complicated developments in the
market since device owners take it upon themselves to ensure device security and update
saving them a lot of time. For establishments that embrace BYOD, only few are worried
with probable security issues that unsecured mobile technology (Mielach, 2012).
3.0 Benefits of BYOD for organizations
As part of a disruptive technology, BYOD paradigm offers a lot of benefits for business
organizations. According to (Jeff, 2012) one of the factors that associate BYOD with
benefiting a business is cost reduction. Although there are limitations, both businesses and
employees seem to opt for BYOD technology. The following are benefits for adopting BYOD
in a business organization according to (ComputerSolutions, 2017)
i) Improved productivity – research has indicated that business that have embraced
experience increased business productivity
ii) Enhanced flexibility – mobile devices attract a business workforce in that they can
work from wherever they could be. They can access company network remotely with
a variety of hand-held computing devices
iii) Decreased hardware asset procurement – a modern business cannot survive without
computer technology including software and hardware. By allowing BYOD
implementation organizations don’t require to purchase hardware for use in the
business since employees use their own devices hence lessening hardware
acquisition costs for the business
AZTEK BYOD ASSESSMENT REPORT 6
iv) Cost reductions – as stated above an organization is able to minimize hardware
software and acquisition which helps the entire business cut on expenses by tasking
employees with such responsibility
v) Cheaper device and infrastructure maintenance
vi) Organizational staff are already experienced in using their own devices and won’t
require training and help desk support. In addition, staff always ensure that their
devices are updated to the latest patches and other software updates which is
beneficial for the company.
4.0 Financial services sector review
Technology has brought in numerous advantages for financial businesses (Celik, 2013). Bring
Your Own Device (BYOD) as an emerging technology is there on the rise in being adopted by
many industries, however the financial industry has embraced BYOD much more that other
sectors (Nerney, 2016). Because of a growing and ever expanding BYOD concept, it is
important that financial services sector must also adopt the technology (Lund & Silva, 2015).
Like mentioned before, some organizations that allow BYOD are not bothered with the data
security issue which is very risky. Like other industries, many financial institutes are also
taking necessary precautions with mobile device usage by employees which is also
hazardous. According to a current survey (Advisor, 2017), more than two-thirds of financial
establishments are yet to optimize and install enterprise related mobile device management
with regard to BYOD adoption (Winjnhoven & Wassenaar, 2010).
4.1 Industry compliance and government policies
An Australian government agency for managing information management in the workplace,
(AGIMO) is on the edge of allowing a strategy document for increasing mobility technology
that will include tablets, smartphones, notebooks, mobile applications for governmental
departments and public servants (Trevor, 2013). For financial institutes, BYOD embracing
starts with looking into governmental policies and compliance standards that could guide its
adoption. Therefore, organizations should first and foremost assess the end-to-end effects
of BYOD in the business, chiefly in terms of privacy, security, compliance, data access,
content and workforce mobile device usage guidelines. In addition, financial organizations
need to choose the right service providers for maximum scalability, flexibility BYOD
deployment management and solutions (Framingham, Gens, Levitas, & Segal, 2011). It is
important to have a wide range of partners, service workers and recognized professional
experts knowledgeable in mobility services, networks and security to assist organizations in
ensuring better BYOD management.
4.0 Impacts of adopting BYOD for Aztec
iv) Cost reductions – as stated above an organization is able to minimize hardware
software and acquisition which helps the entire business cut on expenses by tasking
employees with such responsibility
v) Cheaper device and infrastructure maintenance
vi) Organizational staff are already experienced in using their own devices and won’t
require training and help desk support. In addition, staff always ensure that their
devices are updated to the latest patches and other software updates which is
beneficial for the company.
4.0 Financial services sector review
Technology has brought in numerous advantages for financial businesses (Celik, 2013). Bring
Your Own Device (BYOD) as an emerging technology is there on the rise in being adopted by
many industries, however the financial industry has embraced BYOD much more that other
sectors (Nerney, 2016). Because of a growing and ever expanding BYOD concept, it is
important that financial services sector must also adopt the technology (Lund & Silva, 2015).
Like mentioned before, some organizations that allow BYOD are not bothered with the data
security issue which is very risky. Like other industries, many financial institutes are also
taking necessary precautions with mobile device usage by employees which is also
hazardous. According to a current survey (Advisor, 2017), more than two-thirds of financial
establishments are yet to optimize and install enterprise related mobile device management
with regard to BYOD adoption (Winjnhoven & Wassenaar, 2010).
4.1 Industry compliance and government policies
An Australian government agency for managing information management in the workplace,
(AGIMO) is on the edge of allowing a strategy document for increasing mobility technology
that will include tablets, smartphones, notebooks, mobile applications for governmental
departments and public servants (Trevor, 2013). For financial institutes, BYOD embracing
starts with looking into governmental policies and compliance standards that could guide its
adoption. Therefore, organizations should first and foremost assess the end-to-end effects
of BYOD in the business, chiefly in terms of privacy, security, compliance, data access,
content and workforce mobile device usage guidelines. In addition, financial organizations
need to choose the right service providers for maximum scalability, flexibility BYOD
deployment management and solutions (Framingham, Gens, Levitas, & Segal, 2011). It is
important to have a wide range of partners, service workers and recognized professional
experts knowledgeable in mobility services, networks and security to assist organizations in
ensuring better BYOD management.
4.0 Impacts of adopting BYOD for Aztec
AZTEK BYOD ASSESSMENT REPORT 7
Organizations are increasingly opening their data and information systems to mobile
devices including smart phones, notebooks, personal digital assistants (PDAs), iPads and
others. This trend has created the BYOD technology that is also referred to as IT
‘consumerization’ in the workplace. Both organizational customers and the workforce are
now favoring the performing and accomplishing tasks through the use of their own
individual devices over devices provided by an organization (Framingham, Gens, Levitas, &
Segal, 2011). Bring your own device (BYOD) paradigm is therefore is a rising development
for business IT. There are several benefits for permitting users to carry and use their
personal devices to work as well as some concerns including data security issues (Bradley,
2011).
Many financial organizations embrace bring your own device (BYOD) with the notion that
the technology will help them in reducing operational costs (Miller, 2016). However the real
value of bring your own device (BYOD) technology is to enhance employee experience and
satisfaction as well as quickening technical adoption in an organization. With happy and
satisfied employees, there results business productivity. Implementing BYOD for financial
organizations is a bit more sensitive as it involves more than shifting company infrastructure
to employees owned devices. It involves hidden and complicated impacts, in that policies
and procedures need to be laid out in well-defined processes before BYOD adoption (Miller,
2016). Preliminary success for any BYOD deployment, a business has to do enough
preparation with regards to complex requirements and risk management procedures. The
two major important factors to consider in trying to implement bring your own device
technology at the early stages include security (BankTech, 2013). Lack of security
procedures with BYOD implementation can have adverse effects for a business and can even
lead to downtime. The other critical factor has to do with legal compliance policies. It is
crucial to establish trust models in terms of understanding what the BYOD technology
means with regard to legal obligations (BankTech, 2013).
Technology deployment in a business provides a lot of business changes. In this case,
deploying BYOD at Aztek can have either advantages as well as provide some risks. However
risks can be prevented before they occur by installing controls to detect and avoid them in
the company.
5.1 Benefits of BYOD implementation
Increased employee satisfaction. If staff are allowed to use their own technology, it
increases their work experience s which motivates to work more responsibly and
efficiently which will in turn improve productivity for Aztek company
Reduce hardware and software acquisition costs since employees will be using their
own devices. This means that Aztek company will not need to buy mobile devices
for the company reducing business expenses
Reduction in maintenance expenses. Aztek will only need to maintain the devices
that belong to the organization since employees will take care of the maintenance
of their own devices
Organizations are increasingly opening their data and information systems to mobile
devices including smart phones, notebooks, personal digital assistants (PDAs), iPads and
others. This trend has created the BYOD technology that is also referred to as IT
‘consumerization’ in the workplace. Both organizational customers and the workforce are
now favoring the performing and accomplishing tasks through the use of their own
individual devices over devices provided by an organization (Framingham, Gens, Levitas, &
Segal, 2011). Bring your own device (BYOD) paradigm is therefore is a rising development
for business IT. There are several benefits for permitting users to carry and use their
personal devices to work as well as some concerns including data security issues (Bradley,
2011).
Many financial organizations embrace bring your own device (BYOD) with the notion that
the technology will help them in reducing operational costs (Miller, 2016). However the real
value of bring your own device (BYOD) technology is to enhance employee experience and
satisfaction as well as quickening technical adoption in an organization. With happy and
satisfied employees, there results business productivity. Implementing BYOD for financial
organizations is a bit more sensitive as it involves more than shifting company infrastructure
to employees owned devices. It involves hidden and complicated impacts, in that policies
and procedures need to be laid out in well-defined processes before BYOD adoption (Miller,
2016). Preliminary success for any BYOD deployment, a business has to do enough
preparation with regards to complex requirements and risk management procedures. The
two major important factors to consider in trying to implement bring your own device
technology at the early stages include security (BankTech, 2013). Lack of security
procedures with BYOD implementation can have adverse effects for a business and can even
lead to downtime. The other critical factor has to do with legal compliance policies. It is
crucial to establish trust models in terms of understanding what the BYOD technology
means with regard to legal obligations (BankTech, 2013).
Technology deployment in a business provides a lot of business changes. In this case,
deploying BYOD at Aztek can have either advantages as well as provide some risks. However
risks can be prevented before they occur by installing controls to detect and avoid them in
the company.
5.1 Benefits of BYOD implementation
Increased employee satisfaction. If staff are allowed to use their own technology, it
increases their work experience s which motivates to work more responsibly and
efficiently which will in turn improve productivity for Aztek company
Reduce hardware and software acquisition costs since employees will be using their
own devices. This means that Aztek company will not need to buy mobile devices
for the company reducing business expenses
Reduction in maintenance expenses. Aztek will only need to maintain the devices
that belong to the organization since employees will take care of the maintenance
of their own devices
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
AZTEK BYOD ASSESSMENT REPORT 8
Mobility leading to increased business flexibility. since employees are allowed to use
their own technology, they can perform work remotely from anywhere including at
home and on commute which improves business efficiency
Aztek will gain a competitive advantage since by adopting BYOD they will be
embracing the digital shift which is increasingly improving all business functions in
terms of how businesses engage with existing and prospective customers as well as
partners and stakeholders.
5.2 Threats and Vulnerabilities
Many technology advances come with a share of risks. This is because of the fact that
modern technologies are accessed through the Internet that connects all categories of
networks and users including fraudulent users. As a result, data security breaches are on
the increase. The recent ransom ware attack, wanna cry saw organizations including
financial agencies suffer data and financial loss for organizations in over 150 countries
(Woollaston, 2017). Major risks associated with adopting BYOD for Aztek could include the
following;
Data insecurity from hackers
Lack of proper security controls in employee devices
Lack of proper mobile device usage could bring in data security susceptibilities
Mobile device theft since employees use them outside the organizations which can
lead to data access by the wrong hands
BYOD pressures the ICT department to be acquainted with a wide range of mobile
gadgets in an effort to link them to the company network since every individual
person in the organization will have a different version of a cell phone, notebook or
tablet.
Some companies may be using applications that cannot be installed or are not
compatible with particular mobile computing devices that employees bring into the
business which could make business procedures stop and affect business
performance
6.0 Data security risks
Disputably, a huge concern for BYOD adoption in a financial institution is data and
information security (Pillay, et al., 2013). The use of personal devices therefore introduces a
lot of risks for the organization. Data security could include the following
Data loss – employees can easily lose company data as they carry the devices outside
company premises
Data leakage – since individuals are using their own data, it easy to leak company
information easily to unauthorized sources which could harm the organization
Lack of management and control over devices and data contained in them – the
organization is limited in controlling and managing employees personal devices
Susceptibilities due to malicious software installations by users which could harm the
organization by creating risks
Mobility leading to increased business flexibility. since employees are allowed to use
their own technology, they can perform work remotely from anywhere including at
home and on commute which improves business efficiency
Aztek will gain a competitive advantage since by adopting BYOD they will be
embracing the digital shift which is increasingly improving all business functions in
terms of how businesses engage with existing and prospective customers as well as
partners and stakeholders.
5.2 Threats and Vulnerabilities
Many technology advances come with a share of risks. This is because of the fact that
modern technologies are accessed through the Internet that connects all categories of
networks and users including fraudulent users. As a result, data security breaches are on
the increase. The recent ransom ware attack, wanna cry saw organizations including
financial agencies suffer data and financial loss for organizations in over 150 countries
(Woollaston, 2017). Major risks associated with adopting BYOD for Aztek could include the
following;
Data insecurity from hackers
Lack of proper security controls in employee devices
Lack of proper mobile device usage could bring in data security susceptibilities
Mobile device theft since employees use them outside the organizations which can
lead to data access by the wrong hands
BYOD pressures the ICT department to be acquainted with a wide range of mobile
gadgets in an effort to link them to the company network since every individual
person in the organization will have a different version of a cell phone, notebook or
tablet.
Some companies may be using applications that cannot be installed or are not
compatible with particular mobile computing devices that employees bring into the
business which could make business procedures stop and affect business
performance
6.0 Data security risks
Disputably, a huge concern for BYOD adoption in a financial institution is data and
information security (Pillay, et al., 2013). The use of personal devices therefore introduces a
lot of risks for the organization. Data security could include the following
Data loss – employees can easily lose company data as they carry the devices outside
company premises
Data leakage – since individuals are using their own data, it easy to leak company
information easily to unauthorized sources which could harm the organization
Lack of management and control over devices and data contained in them – the
organization is limited in controlling and managing employees personal devices
Susceptibilities due to malicious software installations by users which could harm the
organization by creating risks
AZTEK BYOD ASSESSMENT REPORT 9
Therefore, for financial establishments, data security risks and other data compromises,
prompts organizational management to upgrade urgency in enabling the setting up of a
robust secure environment for BYOD implementation
7. 0 Risk management
Risk assessment refers to an evaluation of IT methodologies that are used to manage risks.
Risk management can also be defined as activities that combine risks identification, risk
evaluation, strategies to cope with risk and mitigation possibilities (Berg, 2010). As far as
organizations are concerned, they can be faced with very many risks factors and therefore
require risk management procedures. BYOD brings about many risks as discussed above. It is
therefore crucial for organizations including Aztek to have ways to identify and manage
those risks.
7.1 Major IT Control Frameworks
Personally owned, company enabled - BYOD devices can fall in the the POCE group
framework category where they purchased or acquired by an individual but
controlled by an organization to ensure security (Hassell, 2012).
Corporate owned, personally enabled – BYOD control and management can also be
under COPE category where they owned by an organization but used privately by an
individual employee (Hassell, 2012).
7.2 Other existing BYOD control considerations
Security procedures and policies - include setting security policies for organizational
to control acceptable BYOD devices and informing employees of standardized
security practices to follow.
Security culture – involves a set of collaboration, thinking and behaviors amongst
employees with regard to how they understand their role towards decreasing data
security risks (Thomson, 2010).
Security Strategy – includes well defined approach to ensure that BYOD application
will boost employee productivity and satisfaction without creating risks (Siponen,
2006)
Security controls – combined with security strategy, security controls reduce BYOD
risks, threats and associated vulnerabilities.
Security training and awareness - educate users on the importance of and security
implementation in their devices (Crossler & Belanger, 2009).
8. 0 Data security approaches
Technology will keep on advancing creating more complexities and concerns such as data
security concerns. Improved technologies also mean that hackers and intruders also get
Therefore, for financial establishments, data security risks and other data compromises,
prompts organizational management to upgrade urgency in enabling the setting up of a
robust secure environment for BYOD implementation
7. 0 Risk management
Risk assessment refers to an evaluation of IT methodologies that are used to manage risks.
Risk management can also be defined as activities that combine risks identification, risk
evaluation, strategies to cope with risk and mitigation possibilities (Berg, 2010). As far as
organizations are concerned, they can be faced with very many risks factors and therefore
require risk management procedures. BYOD brings about many risks as discussed above. It is
therefore crucial for organizations including Aztek to have ways to identify and manage
those risks.
7.1 Major IT Control Frameworks
Personally owned, company enabled - BYOD devices can fall in the the POCE group
framework category where they purchased or acquired by an individual but
controlled by an organization to ensure security (Hassell, 2012).
Corporate owned, personally enabled – BYOD control and management can also be
under COPE category where they owned by an organization but used privately by an
individual employee (Hassell, 2012).
7.2 Other existing BYOD control considerations
Security procedures and policies - include setting security policies for organizational
to control acceptable BYOD devices and informing employees of standardized
security practices to follow.
Security culture – involves a set of collaboration, thinking and behaviors amongst
employees with regard to how they understand their role towards decreasing data
security risks (Thomson, 2010).
Security Strategy – includes well defined approach to ensure that BYOD application
will boost employee productivity and satisfaction without creating risks (Siponen,
2006)
Security controls – combined with security strategy, security controls reduce BYOD
risks, threats and associated vulnerabilities.
Security training and awareness - educate users on the importance of and security
implementation in their devices (Crossler & Belanger, 2009).
8. 0 Data security approaches
Technology will keep on advancing creating more complexities and concerns such as data
security concerns. Improved technologies also mean that hackers and intruders also get
AZTEK BYOD ASSESSMENT REPORT 10
access to upgraded intrusion tactics. Organizations that embrace BYOD have to therefore a
secure BYOD environment (Paloma, 2013). Organizations such as Aztek can use the
following policies to ensure a safe BYOD environment
Integrated policies and procedures control and management: policy and procedures
allow data, systems and applications security by authenticating and authorizing the
users. It will therefore be important for Aztek to deploy policies to manage mobile
device usage to ensure a secure BYOD environment
Another way to enable a secure BYOD environment is to ensure corporate network
and access security services. BYOD success requires that ICT unit in the business
provide the right levels of network and security access to the business network in
this case based on each user device and profile. Company employees at Aztek should
also be able to securely access the suitable data, services and applications by use of
encryption protocols and authentication factors
Implementing additional levels of security in employee devices with access
procedures as well as employee devices owned by the company. This proves
essential in ensuring protection of delicate data in the company.
Mobile device management(MDM) which permits ICT department to monitor
devices connected to the organizational and hence deny access from suspicious
devices and applications as well as deleting access of employee device that have
been reported stolen
Ensure secure data communications by using secure encryption standards between
mobile devices and company network substructures including wireless and wired
networks
9.0 Conclusion
BYOD implementation is more and more on the rise (Cisco, 2012). There includes valid
motives why some organizations would consider embracing bring your own device (BYOD)
approach such as to save costs and maintenance of IT resources. Also, mobile computing
devices are progressively on the increase in the world today. On one hand, consumers feel
at ease when using their own devices to access organization networks which as stated
above is very beneficial for the businesses especially the financial institutions. However, on
the other hand, organizations need to take into consideration the security measures of
mobile device computing and as well as compliance obligations governing mobile device
usage. Several organizations have already concluded that BYOD adoption is worth the risks.
Others are yet to embrace BYOD technology as they probably tend to conclude the risks
involved could be too much for the business. As such, it suffices that BYOD adoption is a
matter of an organization weighing the pros and cons of implementation and then deciding
on whether to allow the technology or not. Those that allow BYOD adoption need to
enforce procedures for data security such as mobile device management and requiring that
mobile device access to the company network is monitored and controlled by IT personnel.
With this, they will be able to reduce infrastructure costs and IT resources maintenance
fees. Conversely, organizations that choose not to embrace BYOD may be able to control
data security at a higher level and deal with IT resources procurement and maintenance
costs. Whatever option an organization goes by, it is important to note that technology will
continuously develop and that together with such advances are associated risks. The
access to upgraded intrusion tactics. Organizations that embrace BYOD have to therefore a
secure BYOD environment (Paloma, 2013). Organizations such as Aztek can use the
following policies to ensure a safe BYOD environment
Integrated policies and procedures control and management: policy and procedures
allow data, systems and applications security by authenticating and authorizing the
users. It will therefore be important for Aztek to deploy policies to manage mobile
device usage to ensure a secure BYOD environment
Another way to enable a secure BYOD environment is to ensure corporate network
and access security services. BYOD success requires that ICT unit in the business
provide the right levels of network and security access to the business network in
this case based on each user device and profile. Company employees at Aztek should
also be able to securely access the suitable data, services and applications by use of
encryption protocols and authentication factors
Implementing additional levels of security in employee devices with access
procedures as well as employee devices owned by the company. This proves
essential in ensuring protection of delicate data in the company.
Mobile device management(MDM) which permits ICT department to monitor
devices connected to the organizational and hence deny access from suspicious
devices and applications as well as deleting access of employee device that have
been reported stolen
Ensure secure data communications by using secure encryption standards between
mobile devices and company network substructures including wireless and wired
networks
9.0 Conclusion
BYOD implementation is more and more on the rise (Cisco, 2012). There includes valid
motives why some organizations would consider embracing bring your own device (BYOD)
approach such as to save costs and maintenance of IT resources. Also, mobile computing
devices are progressively on the increase in the world today. On one hand, consumers feel
at ease when using their own devices to access organization networks which as stated
above is very beneficial for the businesses especially the financial institutions. However, on
the other hand, organizations need to take into consideration the security measures of
mobile device computing and as well as compliance obligations governing mobile device
usage. Several organizations have already concluded that BYOD adoption is worth the risks.
Others are yet to embrace BYOD technology as they probably tend to conclude the risks
involved could be too much for the business. As such, it suffices that BYOD adoption is a
matter of an organization weighing the pros and cons of implementation and then deciding
on whether to allow the technology or not. Those that allow BYOD adoption need to
enforce procedures for data security such as mobile device management and requiring that
mobile device access to the company network is monitored and controlled by IT personnel.
With this, they will be able to reduce infrastructure costs and IT resources maintenance
fees. Conversely, organizations that choose not to embrace BYOD may be able to control
data security at a higher level and deal with IT resources procurement and maintenance
costs. Whatever option an organization goes by, it is important to note that technology will
continuously develop and that together with such advances are associated risks. The
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
AZTEK BYOD ASSESSMENT REPORT 11
important thing is to develop procedures that will help the business manage the likelihood
of such risks.
9.0 Recommendation
The risk assessment lead recommend that Atzek takes on the adoption of BYOD in the
organization so as to save on expenses associated with procuring and maintain IT resources.
Such a move will also enable Atzek create a satisfactory working environment for its
workforce. As for risks, threats and susceptibilities that could be associated with such
implementation, the business can install methodologies that will entirely prevent as well as
lessen BYOD implementation risks such as mobile device management, encryption
protocols, device authentication and authorization. This will enable conforming to the digital
revolution as well as safeguarding organizational data and information
10.0 References
important thing is to develop procedures that will help the business manage the likelihood
of such risks.
9.0 Recommendation
The risk assessment lead recommend that Atzek takes on the adoption of BYOD in the
organization so as to save on expenses associated with procuring and maintain IT resources.
Such a move will also enable Atzek create a satisfactory working environment for its
workforce. As for risks, threats and susceptibilities that could be associated with such
implementation, the business can install methodologies that will entirely prevent as well as
lessen BYOD implementation risks such as mobile device management, encryption
protocols, device authentication and authorization. This will enable conforming to the digital
revolution as well as safeguarding organizational data and information
10.0 References
AZTEK BYOD ASSESSMENT REPORT 12
Advisor. (2017, January 3). 23 BYOD Statistics You Should Be Familiar With. Retrieved
from www.ingrammicroadvisor.com: http://www.ingrammicroadvisor.com/data-
center/23-byod-statistics-you-should-be-familiar-with
BankTech. (2013, June 13 ). Preparing Your Bank for BYOD. Retrieved from
www.banktech.com: http://www.banktech.com/channels/preparing-your-bank-for-
byod/a/d-id/1295146?
Berg, P. (2010, June ). RISK MANAGEMENT: PROCEDURES, METHODS AND
EXPERIENCES . Retrieved from
http://www.gnedenko-forum.org/Journal/2010/022010/RTA_2_2010-09.pdf
Bodley-Scott, J. (2014, June 11). BYOD for the financial services sector - are you ready?
Retrieved from www.bobsguide.com:
http://www.bobsguide.com/guide/news/2014/Jun/11/byod-for-the-financial-services-
sector-are-you-ready/
Bradley, T. (2011, December 20). Pros and Cons of Bringing Your Own Device to Work.
Retrieved from PC World:
https://www.pcworld.com/article/246760/pros_and_cons_of_byod_bring_your_own_
device_.html
Celik, H. (2013). The Impacts of Information Technologies on Financial Institutions.
Globalization of Financial Institutions, 175-183.
Cisco. (2012). Introduction: BYOD Has Gone Global. Retrieved from www.cisco.com:
https://www.cisco.com/c/dam/en_us/about/ac79/docs/re/BYOD_Horizons-Global.pdf
ComputerSolutions. (2017, October 2). THE PROS & CONS OF BYOD IN THE
WORKPLACE. Retrieved from www.ezcomputersolutions.com:
https://www.ezcomputersolutions.com/blog/the-pros-cons-of-byod/
Crossler, E., & Belanger, F. (2009). The Effects of Security Education Training and
Awareness. Journal of Information System Security , 3-22.
Framingham, M., Gens, F., Levitas, D., & Segal, R. (2011). Consumerization of IT
study:Closing the consumerization gap. Retrieved from International Data
Corporation.
Garlati, C. (2011). Trend micro consumerization report 2011. Retrieved from
www.bringyourownit.com: https://bringyourownit.com/2011/09/26/trend-micro-
consumerization-report-2011/
Hassell, J. (2012, May 17). 7 Tips for Establishing a Successful BYOD Policy. Retrieved
from www.cio.com: https://www.cio.com/article/2395944/consumer-technology/7-
tips-for-establishing-a-successful-byod-policy.html
Hurst, B. (2012, August 6). Happiness Is … Bringing Your Own Computer Devices to Work.
Retrieved from www.retailwire.com:
http://www.retailwire.com/discussion/happiness-is-bringing-your-own-computer-
devices-to-work/
IBM. (2017, October 3). IBM Mobile solutions . Retrieved from www.ibm.com:
https://www.ibm.com/mobile/
Advisor. (2017, January 3). 23 BYOD Statistics You Should Be Familiar With. Retrieved
from www.ingrammicroadvisor.com: http://www.ingrammicroadvisor.com/data-
center/23-byod-statistics-you-should-be-familiar-with
BankTech. (2013, June 13 ). Preparing Your Bank for BYOD. Retrieved from
www.banktech.com: http://www.banktech.com/channels/preparing-your-bank-for-
byod/a/d-id/1295146?
Berg, P. (2010, June ). RISK MANAGEMENT: PROCEDURES, METHODS AND
EXPERIENCES . Retrieved from
http://www.gnedenko-forum.org/Journal/2010/022010/RTA_2_2010-09.pdf
Bodley-Scott, J. (2014, June 11). BYOD for the financial services sector - are you ready?
Retrieved from www.bobsguide.com:
http://www.bobsguide.com/guide/news/2014/Jun/11/byod-for-the-financial-services-
sector-are-you-ready/
Bradley, T. (2011, December 20). Pros and Cons of Bringing Your Own Device to Work.
Retrieved from PC World:
https://www.pcworld.com/article/246760/pros_and_cons_of_byod_bring_your_own_
device_.html
Celik, H. (2013). The Impacts of Information Technologies on Financial Institutions.
Globalization of Financial Institutions, 175-183.
Cisco. (2012). Introduction: BYOD Has Gone Global. Retrieved from www.cisco.com:
https://www.cisco.com/c/dam/en_us/about/ac79/docs/re/BYOD_Horizons-Global.pdf
ComputerSolutions. (2017, October 2). THE PROS & CONS OF BYOD IN THE
WORKPLACE. Retrieved from www.ezcomputersolutions.com:
https://www.ezcomputersolutions.com/blog/the-pros-cons-of-byod/
Crossler, E., & Belanger, F. (2009). The Effects of Security Education Training and
Awareness. Journal of Information System Security , 3-22.
Framingham, M., Gens, F., Levitas, D., & Segal, R. (2011). Consumerization of IT
study:Closing the consumerization gap. Retrieved from International Data
Corporation.
Garlati, C. (2011). Trend micro consumerization report 2011. Retrieved from
www.bringyourownit.com: https://bringyourownit.com/2011/09/26/trend-micro-
consumerization-report-2011/
Hassell, J. (2012, May 17). 7 Tips for Establishing a Successful BYOD Policy. Retrieved
from www.cio.com: https://www.cio.com/article/2395944/consumer-technology/7-
tips-for-establishing-a-successful-byod-policy.html
Hurst, B. (2012, August 6). Happiness Is … Bringing Your Own Computer Devices to Work.
Retrieved from www.retailwire.com:
http://www.retailwire.com/discussion/happiness-is-bringing-your-own-computer-
devices-to-work/
IBM. (2017, October 3). IBM Mobile solutions . Retrieved from www.ibm.com:
https://www.ibm.com/mobile/
AZTEK BYOD ASSESSMENT REPORT 13
Jeff, J. (2012, August 2). BYOD: Organizations Question Risk vs Benefit. Retrieved from
Microsoft: https://cloudblogs.microsoft.com/microsoftsecure/2012/08/02/byod-
organizations-question-risk-vs-benefit/
Lund, D., & Silva, J. (2015, October ). Financial Services Optimizing BYOD Strategies for
Success. Retrieved from www.business.att.com:
https://www.business.att.com/content/whitepaper/optimizing-byod-strategies-for-
success-whitepaper.pdf
Mielach, D. (2012, April 26). Worker BYOD: A Double-Edged Sword for Employers.
Retrieved from www.businessnewsdaily.com:
http://www.businessnewsdaily.com/2423-byod-risk-benefits.html
Miller, D. (2016, December 29). Can BYOD Work for Banks? Retrieved from
www.ericom.com: https://www.ericom.com/communities/blog/can-byod-work-for-
banks-and-financial-institutions
Monnappa, A. (2016, December 1). What is BYOD (Bring Your Own Device) and Why Is It
Important? Retrieved from www.simplilearn.com:
https://www.simplilearn.com/what-is-byod-and-why-it-is-important-article
Nerney, C. (2016, November 25). BYOD policy for financial firms. Retrieved from
www.mobilebusinessinsights.com: https://mobilebusinessinsights.com/2016/11/byod-
policy-for-financial-firms/
Paloma, J. (2013, February 19). A Secure BYOD Environment. Retrieved from Microsoft :
https://technet.microsoft.com/en-us/security/jj991910.aspx
Pillay, A., Nham, E., Tan, G., Diaki, H., Senanayake, S., & Saurabh, D. (2013). Does BYOD
increase risks or drive benefits? Retrieved from minerva-access.unimelb.edu.au:
https://minerva-access.unimelb.edu.au/bitstream/handle/11343/33345/300314_2013_t
an_risk.pdf?sequence=1
Siponen, M. (2006). Information Security Standards Focus on the Existence of Process, Not
Its. Communications of the ACM, 8-19 .
Thomson, K. (2010). “Information Security Conscience: a precondition to an Information
Security Culture. Journal of Information System Security, 3-19.
TrendMicro. (2012). Enterprise readiness of consumer mobile platforms. Retrieved from
www.trendmicro.com:
https://www.trendmicro.de/cloud-content/us/pdfs/business/reports/rpt_enterprise_read
iness_consumerization_mobile_p
Trevor, C. (2013, February 25). Public servants to soon know if they can BYO devices to
work. Retrieved from The Sydney Morning Herald:
http://www.smh.com.au/it-pro/government-it/public-servants-to-soon-know-if-they-
can-byo-devices-to-work-20130225-2f1uk.html
Winjnhoven, A., & Wassenaar, D. (2010). Impact of Information Technology on
Organizations: The State of the. lnfernational Journal of lnformafion Management ,
35-53.
Woollaston, V. (2017, May 22). WannaCry ransomware: what is it and how to protect
yourself. Retrieved from www.wired.co.uk: http://www.wired.co.uk/article/wannacry-
ransomware-virus-patch
Jeff, J. (2012, August 2). BYOD: Organizations Question Risk vs Benefit. Retrieved from
Microsoft: https://cloudblogs.microsoft.com/microsoftsecure/2012/08/02/byod-
organizations-question-risk-vs-benefit/
Lund, D., & Silva, J. (2015, October ). Financial Services Optimizing BYOD Strategies for
Success. Retrieved from www.business.att.com:
https://www.business.att.com/content/whitepaper/optimizing-byod-strategies-for-
success-whitepaper.pdf
Mielach, D. (2012, April 26). Worker BYOD: A Double-Edged Sword for Employers.
Retrieved from www.businessnewsdaily.com:
http://www.businessnewsdaily.com/2423-byod-risk-benefits.html
Miller, D. (2016, December 29). Can BYOD Work for Banks? Retrieved from
www.ericom.com: https://www.ericom.com/communities/blog/can-byod-work-for-
banks-and-financial-institutions
Monnappa, A. (2016, December 1). What is BYOD (Bring Your Own Device) and Why Is It
Important? Retrieved from www.simplilearn.com:
https://www.simplilearn.com/what-is-byod-and-why-it-is-important-article
Nerney, C. (2016, November 25). BYOD policy for financial firms. Retrieved from
www.mobilebusinessinsights.com: https://mobilebusinessinsights.com/2016/11/byod-
policy-for-financial-firms/
Paloma, J. (2013, February 19). A Secure BYOD Environment. Retrieved from Microsoft :
https://technet.microsoft.com/en-us/security/jj991910.aspx
Pillay, A., Nham, E., Tan, G., Diaki, H., Senanayake, S., & Saurabh, D. (2013). Does BYOD
increase risks or drive benefits? Retrieved from minerva-access.unimelb.edu.au:
https://minerva-access.unimelb.edu.au/bitstream/handle/11343/33345/300314_2013_t
an_risk.pdf?sequence=1
Siponen, M. (2006). Information Security Standards Focus on the Existence of Process, Not
Its. Communications of the ACM, 8-19 .
Thomson, K. (2010). “Information Security Conscience: a precondition to an Information
Security Culture. Journal of Information System Security, 3-19.
TrendMicro. (2012). Enterprise readiness of consumer mobile platforms. Retrieved from
www.trendmicro.com:
https://www.trendmicro.de/cloud-content/us/pdfs/business/reports/rpt_enterprise_read
iness_consumerization_mobile_p
Trevor, C. (2013, February 25). Public servants to soon know if they can BYO devices to
work. Retrieved from The Sydney Morning Herald:
http://www.smh.com.au/it-pro/government-it/public-servants-to-soon-know-if-they-
can-byo-devices-to-work-20130225-2f1uk.html
Winjnhoven, A., & Wassenaar, D. (2010). Impact of Information Technology on
Organizations: The State of the. lnfernational Journal of lnformafion Management ,
35-53.
Woollaston, V. (2017, May 22). WannaCry ransomware: what is it and how to protect
yourself. Retrieved from www.wired.co.uk: http://www.wired.co.uk/article/wannacry-
ransomware-virus-patch
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
AZTEK BYOD ASSESSMENT REPORT 14
1 out of 14
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.