BYOD Risk Management: A Security Analysis for Gigantic Corporation
VerifiedAdded on 2023/06/04
|12
|4187
|235
Report
AI Summary
This report assesses the risks and vulnerabilities associated with Gigantic Corporation's Bring Your Own Device (BYOD) policy. It highlights the benefits of BYOD, such as reduced IT infrastructure costs and increased employee flexibility, while also detailing significant security threats, including data breaches, malware infections, and unauthorized access due to weak password protection and the mixing of personal and corporate data. The report addresses privacy concerns among employees regarding employer access to personal data and browsing activity. It further explores potential financial risks from unauthorized in-app purchases made on the corporate network. The conclusion emphasizes the need for Gigantic Corporation to implement robust mitigation measures to balance the advantages of BYOD with the imperative of safeguarding sensitive corporate information. Desklib provides access to this report and a wide array of study tools to assist students in understanding IT risk management and BYOD security.
Subject code, IT risk management, semester number
UNIVERSITY
DATE
{Student Id, student name} 1
UNIVERSITY
DATE
{Student Id, student name} 1
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Subject code, IT risk management, semester number
Executive Summary
.This is a report highlighting the risks and vulnerabilities that Gigantic
Corporation faces from the use of the BYOD policy. The report analyzes different
vulnerabilities and how they may impact the corporation’s information system if
they occur. Users risk losing all the data on the devices if a breach occurs or even
losing their devices if it leads to it. The management of Gigantic Corporation will
have a better understanding on the threats that lack from implementing a BYOD
policy after going through this report. This should also help them in coming up
with the best alternative to mitigate the threats.
{Student Id, student name} 2
Executive Summary
.This is a report highlighting the risks and vulnerabilities that Gigantic
Corporation faces from the use of the BYOD policy. The report analyzes different
vulnerabilities and how they may impact the corporation’s information system if
they occur. Users risk losing all the data on the devices if a breach occurs or even
losing their devices if it leads to it. The management of Gigantic Corporation will
have a better understanding on the threats that lack from implementing a BYOD
policy after going through this report. This should also help them in coming up
with the best alternative to mitigate the threats.
{Student Id, student name} 2
Subject code, IT risk management, semester number
Table of Contents
Executive Summary...................................................................................................1
Introduction...............................................................................................................3
Importance of a BYOD approach to the corporation.............................................3
Vulnerabilities of BYOD to the Corporation.........................................................4
The Corporation Security threats...........................................................................5
BYOD privacy concerns........................................................................................5
Alternatives that Gigantic Corporation can choose from to mitigate BYOD risks6
Conclusion.................................................................................................................7
References...........................................................................................................8
{Student Id, student name} 3
Table of Contents
Executive Summary...................................................................................................1
Introduction...............................................................................................................3
Importance of a BYOD approach to the corporation.............................................3
Vulnerabilities of BYOD to the Corporation.........................................................4
The Corporation Security threats...........................................................................5
BYOD privacy concerns........................................................................................5
Alternatives that Gigantic Corporation can choose from to mitigate BYOD risks6
Conclusion.................................................................................................................7
References...........................................................................................................8
{Student Id, student name} 3
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Subject code, IT risk management, semester number
Introduction
Most firms have chosen the trending wireless technologies and cloud computing in
storing their data and transmitting information. This also leads to the organizations
adopting a culture that allows staff members to work from their own devices as it
offers them a chance to maximize on the cloud services and wireless connections.
More people become connected through their devices on a common network.
Personal devices are also increasing as consumers demand for the products keeps
growing. Staff members hence find owning a personal device like a laptop or
smartphone and bringing it to work as normal and necessary. Employees prefer
carrying out all their tasks from their own devices reducing the workload of
transferring files from their devices to the corporation’s machines. This leads to an
increase in the number of personal devices brought in the work premises. Users
also want privacy with what they do with their devices hence require management
to avoid accessing their personal data even under the firm’s network (Jamil &
Zaki, 2011).
Gigantic Corporation is an organization offering Information technology services.
The organization operates on a BYOD approach allowing employees to carry out
their tasks with their own devices. Multiple employees hence carry their devices to
the workplace and add them to the corporation’s network framework anytime they
are working. The use of the personal devices goes beyond work related activities as
employees use their devices to store their own data or communicate with external
people. Personal use of the devices through the corporation’s network system
creates a loophole for data breach. Mitigation measures should be employed by the
management of the firm that will check the vulnerabilities of using personal
devices in the organization. Some measures they could use are installing firewalls
on the network that prohibits users visiting dangerous web links, using
authentication procedures to gain access to company data, regulating the devices
brought in the work premises and training employees on safe ways to manage the
data on their devices
Importance of a BYOD approach to the corporation
BYOD systems comes with its benefits. As the demand by staff members to work
from their devices keeps growing everyday so do the benefits of BYOD systems.
Less complications are experienced by users in terms of understanding operating
systems and applications on the machines as they know their way around their own
devices. Working from a personal device also allows employees to carry out their
duties virtually hence they can work from anywhere. Staff members need not to be
in the premises in order to access the corporation’s resources to do their duties.
Employers and the management also benefit from BYOD systems. Expenditure on
{Student Id, student name} 4
Introduction
Most firms have chosen the trending wireless technologies and cloud computing in
storing their data and transmitting information. This also leads to the organizations
adopting a culture that allows staff members to work from their own devices as it
offers them a chance to maximize on the cloud services and wireless connections.
More people become connected through their devices on a common network.
Personal devices are also increasing as consumers demand for the products keeps
growing. Staff members hence find owning a personal device like a laptop or
smartphone and bringing it to work as normal and necessary. Employees prefer
carrying out all their tasks from their own devices reducing the workload of
transferring files from their devices to the corporation’s machines. This leads to an
increase in the number of personal devices brought in the work premises. Users
also want privacy with what they do with their devices hence require management
to avoid accessing their personal data even under the firm’s network (Jamil &
Zaki, 2011).
Gigantic Corporation is an organization offering Information technology services.
The organization operates on a BYOD approach allowing employees to carry out
their tasks with their own devices. Multiple employees hence carry their devices to
the workplace and add them to the corporation’s network framework anytime they
are working. The use of the personal devices goes beyond work related activities as
employees use their devices to store their own data or communicate with external
people. Personal use of the devices through the corporation’s network system
creates a loophole for data breach. Mitigation measures should be employed by the
management of the firm that will check the vulnerabilities of using personal
devices in the organization. Some measures they could use are installing firewalls
on the network that prohibits users visiting dangerous web links, using
authentication procedures to gain access to company data, regulating the devices
brought in the work premises and training employees on safe ways to manage the
data on their devices
Importance of a BYOD approach to the corporation
BYOD systems comes with its benefits. As the demand by staff members to work
from their devices keeps growing everyday so do the benefits of BYOD systems.
Less complications are experienced by users in terms of understanding operating
systems and applications on the machines as they know their way around their own
devices. Working from a personal device also allows employees to carry out their
duties virtually hence they can work from anywhere. Staff members need not to be
in the premises in order to access the corporation’s resources to do their duties.
Employers and the management also benefit from BYOD systems. Expenditure on
{Student Id, student name} 4
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Subject code, IT risk management, semester number
IT infrastructure reduces as less is spent on acquiring mobile devices for their
employees. Operational costs on maintenance of the devices and software upgrades
are also cut down as users update their personal devices by their own means.
Management is able to save on some capital allocating the money to a different
project.
Employees are permitted to operate with their devices at the workplace in most
firms. This creates a work environment that is efficient as the staff work
comfortably with their gadgets. Organizations and companies enjoy advantages for
using BYOD policy that include a rise in productivity, less expenditure to purchase
IT equipment, reduced expenses on managing devices plus employees enjoy more
freedom and are more mobile. Firms that allow staff to carry their own devices also
build their reputation allowing them to attract potential employees and retaining
them. Users of the devices are familiar with their gadgets, this reduces frustrations
that arise from machine delays or machine failure. Staff carry out their tasks
efficiently from their devices resulting in more revenue collected by the
organization. However, allowing staff to bring their devices to the work place
poses certain risks to the organization’s network and information system. Illegal
access by third parties or exposure of company data through individual devices are
risks that BYOD policy expose a firm’s system to.
BYOD systems have been operational for most firms and companies in recent
years. This is in spite of the vulnerabilities that the approach brings to the
organization’s information. The management of this organizations consider
stopping the habit which has become normal almost impossible. This will
negatively impact the business as staff members will find it uncomfortable to
adjust to a new system. The work rate will reduce for most users leading to a drop
in production for the entire organization. The alternative therefore for these firms is
to establish the security risks of incorporating A BYOD system and coming up
with solutions to lessen the risks. Different approaches to BYOD systems are used
by various firms. The approach that one chooses determines the security measures
that the firm will pick. While setting up the rules that determine the security
measure to put in place, several factors are considered including the practice of
BYOD in the work premises, the type of devices that users have, the number of
personal devices in the system plus their owners and the environment and time the
devices are in use. Putting this factors into consideration assists in creating a
difference between the advantages the BYOD system adds to the corporation and
the threats that come with the same. During the emergence of BYOD systems, the
strategy was a smart practice that led to IT departments spending less on IT
infrastructure plus cyber-attacks through this practice were minimal. With growth
{Student Id, student name} 5
IT infrastructure reduces as less is spent on acquiring mobile devices for their
employees. Operational costs on maintenance of the devices and software upgrades
are also cut down as users update their personal devices by their own means.
Management is able to save on some capital allocating the money to a different
project.
Employees are permitted to operate with their devices at the workplace in most
firms. This creates a work environment that is efficient as the staff work
comfortably with their gadgets. Organizations and companies enjoy advantages for
using BYOD policy that include a rise in productivity, less expenditure to purchase
IT equipment, reduced expenses on managing devices plus employees enjoy more
freedom and are more mobile. Firms that allow staff to carry their own devices also
build their reputation allowing them to attract potential employees and retaining
them. Users of the devices are familiar with their gadgets, this reduces frustrations
that arise from machine delays or machine failure. Staff carry out their tasks
efficiently from their devices resulting in more revenue collected by the
organization. However, allowing staff to bring their devices to the work place
poses certain risks to the organization’s network and information system. Illegal
access by third parties or exposure of company data through individual devices are
risks that BYOD policy expose a firm’s system to.
BYOD systems have been operational for most firms and companies in recent
years. This is in spite of the vulnerabilities that the approach brings to the
organization’s information. The management of this organizations consider
stopping the habit which has become normal almost impossible. This will
negatively impact the business as staff members will find it uncomfortable to
adjust to a new system. The work rate will reduce for most users leading to a drop
in production for the entire organization. The alternative therefore for these firms is
to establish the security risks of incorporating A BYOD system and coming up
with solutions to lessen the risks. Different approaches to BYOD systems are used
by various firms. The approach that one chooses determines the security measures
that the firm will pick. While setting up the rules that determine the security
measure to put in place, several factors are considered including the practice of
BYOD in the work premises, the type of devices that users have, the number of
personal devices in the system plus their owners and the environment and time the
devices are in use. Putting this factors into consideration assists in creating a
difference between the advantages the BYOD system adds to the corporation and
the threats that come with the same. During the emergence of BYOD systems, the
strategy was a smart practice that led to IT departments spending less on IT
infrastructure plus cyber-attacks through this practice were minimal. With growth
{Student Id, student name} 5
Subject code, IT risk management, semester number
in technology cyber-attacks have increased leading to doubts in installing a
network system with BYOD capabilities.
Vulnerabilities of BYOD to the Corporation
Implementing a BYOD approach will lead to the network of the system
experiencing various technical challenges. This includes devices colliding to gain
access to sharable resources of the network like printers. Incompatibility of
applications and running different operating system that cannot integrate. The
network might also experience congestion of devices while connecting to wireless
technologies like Bluetooth leading to slow transmission of files among users.
BYOD systems will create privacy and security weaknesses. The two are major
risks that the corporation plus its staff members are exposed to. The staff members
will be worried about their privacy while using their devices when connected to the
corporation’s network. How confidential is their personal online activities while in
the workplace is there concern. Employees also want to know the extent to which
their employers have the capacity to gain access to their personal data through the
system. The corporation on the other hand will be worried about the security of
their data. They would like to identify the behaviors of staff that may put the firm’s
data at risk.
The Corporation Security threats
Users customize their devices with unlocking features and rooting protocols that do
not comply with vendor configuration terms. This creates a security risk as some of
these unlocking techniques create a loophole for malicious applications to install in
the devices. The corporation’s data which is stored in these devices gets damaged
through the apps (Omeje, 2017).
Implementing BYOD policy also leads to users mixing personal data and corporate
data under one device. The cross contamination may lead to employees
unintentionally deleting work files. Chances of users deleting corporate data along
with their personal data are high for staff members who host their personal and
work data on one device. This is a vulnerability especially if some employees are
reluctant to organize their data
Among the risk that the corporation faces is security breach by mobile
applications. Several applications exist which corrupt other applications or files.
Some of these applications can gain access to corporate data and even damage it.
Staff members using personal devices are vulnerable to these malicious
applications. Users that are not keen while downloading applications might install
the malicious apps. This creates a loophole for the applications to gain access to
their data and the firm’s data.
{Student Id, student name} 6
in technology cyber-attacks have increased leading to doubts in installing a
network system with BYOD capabilities.
Vulnerabilities of BYOD to the Corporation
Implementing a BYOD approach will lead to the network of the system
experiencing various technical challenges. This includes devices colliding to gain
access to sharable resources of the network like printers. Incompatibility of
applications and running different operating system that cannot integrate. The
network might also experience congestion of devices while connecting to wireless
technologies like Bluetooth leading to slow transmission of files among users.
BYOD systems will create privacy and security weaknesses. The two are major
risks that the corporation plus its staff members are exposed to. The staff members
will be worried about their privacy while using their devices when connected to the
corporation’s network. How confidential is their personal online activities while in
the workplace is there concern. Employees also want to know the extent to which
their employers have the capacity to gain access to their personal data through the
system. The corporation on the other hand will be worried about the security of
their data. They would like to identify the behaviors of staff that may put the firm’s
data at risk.
The Corporation Security threats
Users customize their devices with unlocking features and rooting protocols that do
not comply with vendor configuration terms. This creates a security risk as some of
these unlocking techniques create a loophole for malicious applications to install in
the devices. The corporation’s data which is stored in these devices gets damaged
through the apps (Omeje, 2017).
Implementing BYOD policy also leads to users mixing personal data and corporate
data under one device. The cross contamination may lead to employees
unintentionally deleting work files. Chances of users deleting corporate data along
with their personal data are high for staff members who host their personal and
work data on one device. This is a vulnerability especially if some employees are
reluctant to organize their data
Among the risk that the corporation faces is security breach by mobile
applications. Several applications exist which corrupt other applications or files.
Some of these applications can gain access to corporate data and even damage it.
Staff members using personal devices are vulnerable to these malicious
applications. Users that are not keen while downloading applications might install
the malicious apps. This creates a loophole for the applications to gain access to
their data and the firm’s data.
{Student Id, student name} 6
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Subject code, IT risk management, semester number
Another risk that the organization faces from implementing a BYOD policy is
exposure of their data. As staff transfer, process and store the corporation’s data on
their personal devices management loses track of control and visibility of the data.
Researchers have found that nearly 20 percent of personal mobile devices users
will lose their devices or will be stolen from them eventually. Half of the devices
are never recovered. Some of the devices are stolen since their value is high in the
market but the need to illegally access information in the device is also a growing
factor. The corporation’s sensitive data could be out there in the open if an
employee loses a device carrying such information
One of the risks that makes the corporation’s data vulnerable from applying a
BYOD policy is that a number of users may opt to use their devices without setting
a password protection mechanism. This creates a loophole for unauthorized access
to data stored in the devices. If an employee’s mobile device hosts organization
files and is not encrypted, chances of third party individuals accessing the files are
high especially if the user shares his devices with others beyond the work
premises.
The corporation might also incur additional charges from the personal purchases
that the employees make under the corporation’s network. Organizations incur the
expenses through user triggered in app purchases. Normally, users will pay for the
applications or software they buy for their personal use. This might be different for
Gigantic Corporation whose network system allows users to purchase or upgrade
software related to their work. Employees buy the applications and the cost is
directly credited to the firm. Users might buy software and applications for their
personal use and still forward the bill to the corporation (Crossler, Bélanger &
Ormond, 2017).
BYOD privacy concerns
The employees of the corporation are the most concerned about their privacy on
the firm’s network. Implementing a BYOD structure in the workplace also allows
the network administrators to gain access to the devices connected on the
corporation’s network. Staff members are worried that their employers can view
their personal data and see what they do during their browsing sessions when
connecting their personal devices to the company’s network. This are known as big
brother concerns whereby the staff feel that the employers access their online
social life such as social media accounts or bank records. Companies however are
worried that the behaviors and activities of the workers on their network might
expose the corporation’s data to a security breach. This gives them a reason to
monitor all devices connected on their network. The corporation finds the
employees spare time browsing as a threat to their system (Khan & Ayyoob, 2017).
{Student Id, student name} 7
Another risk that the organization faces from implementing a BYOD policy is
exposure of their data. As staff transfer, process and store the corporation’s data on
their personal devices management loses track of control and visibility of the data.
Researchers have found that nearly 20 percent of personal mobile devices users
will lose their devices or will be stolen from them eventually. Half of the devices
are never recovered. Some of the devices are stolen since their value is high in the
market but the need to illegally access information in the device is also a growing
factor. The corporation’s sensitive data could be out there in the open if an
employee loses a device carrying such information
One of the risks that makes the corporation’s data vulnerable from applying a
BYOD policy is that a number of users may opt to use their devices without setting
a password protection mechanism. This creates a loophole for unauthorized access
to data stored in the devices. If an employee’s mobile device hosts organization
files and is not encrypted, chances of third party individuals accessing the files are
high especially if the user shares his devices with others beyond the work
premises.
The corporation might also incur additional charges from the personal purchases
that the employees make under the corporation’s network. Organizations incur the
expenses through user triggered in app purchases. Normally, users will pay for the
applications or software they buy for their personal use. This might be different for
Gigantic Corporation whose network system allows users to purchase or upgrade
software related to their work. Employees buy the applications and the cost is
directly credited to the firm. Users might buy software and applications for their
personal use and still forward the bill to the corporation (Crossler, Bélanger &
Ormond, 2017).
BYOD privacy concerns
The employees of the corporation are the most concerned about their privacy on
the firm’s network. Implementing a BYOD structure in the workplace also allows
the network administrators to gain access to the devices connected on the
corporation’s network. Staff members are worried that their employers can view
their personal data and see what they do during their browsing sessions when
connecting their personal devices to the company’s network. This are known as big
brother concerns whereby the staff feel that the employers access their online
social life such as social media accounts or bank records. Companies however are
worried that the behaviors and activities of the workers on their network might
expose the corporation’s data to a security breach. This gives them a reason to
monitor all devices connected on their network. The corporation finds the
employees spare time browsing as a threat to their system (Khan & Ayyoob, 2017).
{Student Id, student name} 7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Subject code, IT risk management, semester number
Certain protocols entail that a data sweep is done in the event of a data breach as a
security measure. This puts the users at risk of losing all their personal data. The
system is designed to automatically erase all the data when it senses a security
breach. The firm’s data and personal files stored in the system is deleted.
Big brother privacy
BYOD systems also enable the network administrators to monitor the physical
location of their employees through their devices.
Fig. big brother privacy
Since the devices on the network are known and registered under the corporation’s
network, the employers can track their workers by monitoring their devices. This is
a big brother type of privacy violation.
Certain security protocols entail that all devices be collected in the event of a data
breach. Any devices requested for investigations must be submitted. This exposes
the personal data of the employees who had stored personal files and corporation’s
data on the same device (Chang, Zhong, & Grabosky 2018)).
Alternatives that Gigantic Corporation can choose from to mitigate BYOD risks
The corporation has several options to mitigate the vulnerabilities of the system to
security threats (Mitchell, Fisher, Watson & Jarocki, 2017).
They could hire cloud computing services to offer a secondary database to store
their data. This incorporated with a central server will provide a backup storage
plan. The organization will not lose its data in the event of a data sweep.
Employees who misplace their mobile devices or get stolen will also be able to
recover their data (Harris, 2017).
Data loss prevention
Applying Data Loss Prevention tools is a good option too. The technique allows
the network administrators to monitor the employees’ activities on the network.
{Student Id, student name} 8
Certain protocols entail that a data sweep is done in the event of a data breach as a
security measure. This puts the users at risk of losing all their personal data. The
system is designed to automatically erase all the data when it senses a security
breach. The firm’s data and personal files stored in the system is deleted.
Big brother privacy
BYOD systems also enable the network administrators to monitor the physical
location of their employees through their devices.
Fig. big brother privacy
Since the devices on the network are known and registered under the corporation’s
network, the employers can track their workers by monitoring their devices. This is
a big brother type of privacy violation.
Certain security protocols entail that all devices be collected in the event of a data
breach. Any devices requested for investigations must be submitted. This exposes
the personal data of the employees who had stored personal files and corporation’s
data on the same device (Chang, Zhong, & Grabosky 2018)).
Alternatives that Gigantic Corporation can choose from to mitigate BYOD risks
The corporation has several options to mitigate the vulnerabilities of the system to
security threats (Mitchell, Fisher, Watson & Jarocki, 2017).
They could hire cloud computing services to offer a secondary database to store
their data. This incorporated with a central server will provide a backup storage
plan. The organization will not lose its data in the event of a data sweep.
Employees who misplace their mobile devices or get stolen will also be able to
recover their data (Harris, 2017).
Data loss prevention
Applying Data Loss Prevention tools is a good option too. The technique allows
the network administrators to monitor the employees’ activities on the network.
{Student Id, student name} 8
Subject code, IT risk management, semester number
They do this by following up on any sensitive data that is on the network (Martin,
Martin, Hankin, Darzi & Kinross, 2017). DLP places a water mark on sensitive
data and checks for any alteration of the data as it is being transferred within the
system. This helps in identifying the source of any security breach.
The administrators will be able to respond quickly to any leak (Hillson,& Murray ,
2017).
Updating operating systems
Another technique that the corporation can add as a security measure is regularly
updating the operating system and the software of their system. Multiple software
and applications have regular updates and security patches released by the vendors.
This patches should be installed (Herrera, Ron & Rabadão, 2017). The corporation
should ensure that the users with personal devices are updating their antivirus and
authentication measures. This will be a good security measure in ensuring
corporate data stored on the personal devices is safe from unauthorized access by
third parties (Mishra, Mathur, Jain & Rathore, 2013).
Implement network access control
The corporation could also implement Network Access Control protocols that
implement authentication measures in regulating transfer of files among devices in
the network. The NAC technique adds encryption processes that require only
authorized personnel access the firm’s data (Sadgrove, 2016).
Designing of restrictive policy
This will design a restrictive policy that regulates the end devices that can get
access to certain resources on the network. The management will be able to control
the period when employees can access the firm’s network resources (Tsikrika,
Akhgar, Katos, Vrochidis, Burnap & Williams, 2017) Administrators can
configure strict protocols that lock out personal devices from the firm’s network
limiting the employees from accessing the resources (Pritchard & PMP 2014).
{Student Id, student name} 9
They do this by following up on any sensitive data that is on the network (Martin,
Martin, Hankin, Darzi & Kinross, 2017). DLP places a water mark on sensitive
data and checks for any alteration of the data as it is being transferred within the
system. This helps in identifying the source of any security breach.
The administrators will be able to respond quickly to any leak (Hillson,& Murray ,
2017).
Updating operating systems
Another technique that the corporation can add as a security measure is regularly
updating the operating system and the software of their system. Multiple software
and applications have regular updates and security patches released by the vendors.
This patches should be installed (Herrera, Ron & Rabadão, 2017). The corporation
should ensure that the users with personal devices are updating their antivirus and
authentication measures. This will be a good security measure in ensuring
corporate data stored on the personal devices is safe from unauthorized access by
third parties (Mishra, Mathur, Jain & Rathore, 2013).
Implement network access control
The corporation could also implement Network Access Control protocols that
implement authentication measures in regulating transfer of files among devices in
the network. The NAC technique adds encryption processes that require only
authorized personnel access the firm’s data (Sadgrove, 2016).
Designing of restrictive policy
This will design a restrictive policy that regulates the end devices that can get
access to certain resources on the network. The management will be able to control
the period when employees can access the firm’s network resources (Tsikrika,
Akhgar, Katos, Vrochidis, Burnap & Williams, 2017) Administrators can
configure strict protocols that lock out personal devices from the firm’s network
limiting the employees from accessing the resources (Pritchard & PMP 2014).
{Student Id, student name} 9
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Subject code, IT risk management, semester number
Conclusion
In this current times, employees working with their own devices is a norm.
Employees find carrying out there tasks from their devices comfortable and
efficient (Harris, 2017)).The opportunity of working from your personal device
comes with a number of benefits making it hard to pass by (Lam, 2014). The
corporation should come up with an alternative that will strike a balance between
the advantages the firm enjoys for allowing employees work with their own device
and the vulnerabilities that expose their network from the same (Daniele, Maugeri
& Nagurney, 2017). The corporation should not shy away from the use of personal
devices in their workplace due to the risks of the policy. The organization should
develop a strategy to mitigate the risks of allowing personal mobile devices to join
their network (Bessis, 2015).
The corporation could create a BYOD policy that contains the rules to be followed
in using personal devices at the workplace. The policy assists in controlling the
behavior of users while using the firm’s network resources. The policy stipulates
regulatory measures including the type of devices allowed in the work premises,
the applications and software compatible with the firm’s network and the web
addresses that have been restricted to visit and the reasons why (Chen, Hong, &Liu
, 2018). The policy should also stipulate the consequences that follow if an
employee violates the rules in the policy (Hillson & Murray, 2017).
The corporation should also conduct a risk analysis on the company’s network
regularly to make sure that all the authentication procedures and other security
measures are running as required. This will also assist them in discovering and
sharing new applications and software that their employees have installed in
different devices (Gollmann & Meier, 2009).
The management of Gigantic Corporation should embrace BYOD policy as it will
result in better productivity in their services and increased employees’ satisfaction
leading to efficiency in running their operations (Pritchard & PMP 2014). The risks
that come with implementing BYOD have ways to mitigate. The management
should consider the best alternative that is compatible with their activities. This
could mean employing restrictive measures in accessing resources of the network.
Employees may end up being frustrated and unsatisfied with their working
conditions (Carlin & Curran, 2013).
{Student Id, student name} 10
Conclusion
In this current times, employees working with their own devices is a norm.
Employees find carrying out there tasks from their devices comfortable and
efficient (Harris, 2017)).The opportunity of working from your personal device
comes with a number of benefits making it hard to pass by (Lam, 2014). The
corporation should come up with an alternative that will strike a balance between
the advantages the firm enjoys for allowing employees work with their own device
and the vulnerabilities that expose their network from the same (Daniele, Maugeri
& Nagurney, 2017). The corporation should not shy away from the use of personal
devices in their workplace due to the risks of the policy. The organization should
develop a strategy to mitigate the risks of allowing personal mobile devices to join
their network (Bessis, 2015).
The corporation could create a BYOD policy that contains the rules to be followed
in using personal devices at the workplace. The policy assists in controlling the
behavior of users while using the firm’s network resources. The policy stipulates
regulatory measures including the type of devices allowed in the work premises,
the applications and software compatible with the firm’s network and the web
addresses that have been restricted to visit and the reasons why (Chen, Hong, &Liu
, 2018). The policy should also stipulate the consequences that follow if an
employee violates the rules in the policy (Hillson & Murray, 2017).
The corporation should also conduct a risk analysis on the company’s network
regularly to make sure that all the authentication procedures and other security
measures are running as required. This will also assist them in discovering and
sharing new applications and software that their employees have installed in
different devices (Gollmann & Meier, 2009).
The management of Gigantic Corporation should embrace BYOD policy as it will
result in better productivity in their services and increased employees’ satisfaction
leading to efficiency in running their operations (Pritchard & PMP 2014). The risks
that come with implementing BYOD have ways to mitigate. The management
should consider the best alternative that is compatible with their activities. This
could mean employing restrictive measures in accessing resources of the network.
Employees may end up being frustrated and unsatisfied with their working
conditions (Carlin & Curran, 2013).
{Student Id, student name} 10
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Subject code, IT risk management, semester number
References
Anwar, M., He, W., Ash, I., Yuan, X., Li, L., & Xu, L. (2017). Gender difference
and employees' cybersecurity behaviors. Computers in Human Behavior, 69, 437-
443.
Bessis, J. (2015). Risk management in banking. John Wiley & Sons.
Carlin, S., & Curran, K. (2013). Cloud computing security. In Pervasive and
Ubiquitous Technology Innovations for Ambient Intelligence
Environments (pp. 12-17). IGI Global.
Chang, L. Y., Zhong, L. Y., & Grabosky, P. N. (2018). Citizen co‐production of
cyber security: Self‐help, vigilantes, and cybercrime. Regulation &
Governance, 12(1), 101-114.
Chen, Y., Hong, J., & Liu, C. C. (2018). Modeling of intrusion and defense for
assessment of cyber security at power substations. IEEE Transactions on
Smart Grid, 9(4), 2541-2552.
Crossler, R. E., Bélanger, F., & Ormond, D. (2017). The quest for complete
security: An empirical analysis of users’ multi-layered protection from
security threats. Information Systems Frontiers, 1-15.
Daniele, P., Maugeri, A., & Nagurney, A. (2017). Cybersecurity investments with
nonlinear budget constraints: Analysis of the marginal expected utilities.
In Operations Research, Engineering, and Cyber Security (pp. 117-134).
Springer, Cham.
Gollmann, D., & Meier, J. (2009). Computer Security–ESORICS 2006: 11th
European Symposium on Research in Computer Security, Hamburg,
Germany, September 18-20, 2006, Proceedings (Vol. 4189). Springer
Science & Business Media.
Harris, E. (2017). Strategic project risk appraisal and management. Routledge.
Herrera, A. V., Ron, M., & Rabadão, C. (2017, June). National cyber-security
policies oriented to BYOD (bring your own device): Systematic review.
In Information Systems and Technologies (CISTI), 2017 12th Iberian
Conference on (pp. 1-4). IEEE.
Hillson, D., & Murray-Webster, R. (2017). Understanding and managing risk
attitude. Routledge.
{Student Id, student name} 11
References
Anwar, M., He, W., Ash, I., Yuan, X., Li, L., & Xu, L. (2017). Gender difference
and employees' cybersecurity behaviors. Computers in Human Behavior, 69, 437-
443.
Bessis, J. (2015). Risk management in banking. John Wiley & Sons.
Carlin, S., & Curran, K. (2013). Cloud computing security. In Pervasive and
Ubiquitous Technology Innovations for Ambient Intelligence
Environments (pp. 12-17). IGI Global.
Chang, L. Y., Zhong, L. Y., & Grabosky, P. N. (2018). Citizen co‐production of
cyber security: Self‐help, vigilantes, and cybercrime. Regulation &
Governance, 12(1), 101-114.
Chen, Y., Hong, J., & Liu, C. C. (2018). Modeling of intrusion and defense for
assessment of cyber security at power substations. IEEE Transactions on
Smart Grid, 9(4), 2541-2552.
Crossler, R. E., Bélanger, F., & Ormond, D. (2017). The quest for complete
security: An empirical analysis of users’ multi-layered protection from
security threats. Information Systems Frontiers, 1-15.
Daniele, P., Maugeri, A., & Nagurney, A. (2017). Cybersecurity investments with
nonlinear budget constraints: Analysis of the marginal expected utilities.
In Operations Research, Engineering, and Cyber Security (pp. 117-134).
Springer, Cham.
Gollmann, D., & Meier, J. (2009). Computer Security–ESORICS 2006: 11th
European Symposium on Research in Computer Security, Hamburg,
Germany, September 18-20, 2006, Proceedings (Vol. 4189). Springer
Science & Business Media.
Harris, E. (2017). Strategic project risk appraisal and management. Routledge.
Herrera, A. V., Ron, M., & Rabadão, C. (2017, June). National cyber-security
policies oriented to BYOD (bring your own device): Systematic review.
In Information Systems and Technologies (CISTI), 2017 12th Iberian
Conference on (pp. 1-4). IEEE.
Hillson, D., & Murray-Webster, R. (2017). Understanding and managing risk
attitude. Routledge.
{Student Id, student name} 11
Subject code, IT risk management, semester number
Jamil, D., & Zaki, H. (2011). Cloud computing security. International Journal of
Engineering Science and Technology, 3(4).
KHAN, M., & AYYOOB, M. (2017). Computer security in the human
life. computer security in the human life, 6(1), 35-42.
Lam, J. (2014). Enterprise risk management: from incentives to controls. John
Wiley & Sons.
Martin, G., Martin, P., Hankin, C., Darzi, A., & Kinross, J. (2017). Cybersecurity
and healthcare: how safe are we?. Bmj, 358, j3179.
Mishra, A., Mathur, R., Jain, S., & Rathore, J. S. (2013). Cloud computing
security. International Journal on Recent and Innovation Trends in
Computing and Communication, 1(1), 36-39.
Mitchell, R., Fisher, A., Watson, S., & Jarocki, J. (2017, January). Linkography
ontology refinement and cyber security. In Computing and Communication
Workshop and Conference (CCWC), 2017 IEEE 7th Annual (pp. 1-9). IEEE.
Omeje, K. (2017). High stakes and stakeholders: Oil conflict and security in
Nigeria. Routledge.
Pritchard, C. L., & PMP, P. R. (2014). Risk management: concepts and guidance.
Auerbach Publications.
Pritchard, C. L., & PMP, P. R. (2014). Risk management: concepts and guidance.
Auerbach Publications.
Sadgrove, K. (2016). The complete guide to business risk management. Routledge.
Tsikrika, T., Akhgar, B., Katos, V., Vrochidis, S., Burnap, P., & Williams, M. L.
(2017, February). 1st international workshop on search and mining terrorist
online content & advances in data science for cyber security and risk on the
web. In Proceedings of the Tenth ACM International Conference on Web
Search and Data Mining (pp. 823-824). ACM.
{Student Id, student name} 12
Jamil, D., & Zaki, H. (2011). Cloud computing security. International Journal of
Engineering Science and Technology, 3(4).
KHAN, M., & AYYOOB, M. (2017). Computer security in the human
life. computer security in the human life, 6(1), 35-42.
Lam, J. (2014). Enterprise risk management: from incentives to controls. John
Wiley & Sons.
Martin, G., Martin, P., Hankin, C., Darzi, A., & Kinross, J. (2017). Cybersecurity
and healthcare: how safe are we?. Bmj, 358, j3179.
Mishra, A., Mathur, R., Jain, S., & Rathore, J. S. (2013). Cloud computing
security. International Journal on Recent and Innovation Trends in
Computing and Communication, 1(1), 36-39.
Mitchell, R., Fisher, A., Watson, S., & Jarocki, J. (2017, January). Linkography
ontology refinement and cyber security. In Computing and Communication
Workshop and Conference (CCWC), 2017 IEEE 7th Annual (pp. 1-9). IEEE.
Omeje, K. (2017). High stakes and stakeholders: Oil conflict and security in
Nigeria. Routledge.
Pritchard, C. L., & PMP, P. R. (2014). Risk management: concepts and guidance.
Auerbach Publications.
Pritchard, C. L., & PMP, P. R. (2014). Risk management: concepts and guidance.
Auerbach Publications.
Sadgrove, K. (2016). The complete guide to business risk management. Routledge.
Tsikrika, T., Akhgar, B., Katos, V., Vrochidis, S., Burnap, P., & Williams, M. L.
(2017, February). 1st international workshop on search and mining terrorist
online content & advances in data science for cyber security and risk on the
web. In Proceedings of the Tenth ACM International Conference on Web
Search and Data Mining (pp. 823-824). ACM.
{Student Id, student name} 12
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 12
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.