A BYOD policy is a set of regulations regulating the amount of assistance to employee owned PCs, smartphones, and tablets by a corporate IT department.BYOD is an organizational policy that enables staff to connect via a corporate network to their private devices such as mobile phones, laptops and tablets. Employees can access company mails and also private information and apps.
BYOD is a growing trend for staff to remotely access any corporate network to carry out their job on their private devices such as smartphones, tablets, laptops, etc. The program includes BYOP, BYOT and BYOPC (Bring Your Own Phone, Technology & Personal Computer), and it is now promoted by businesses around the globe.
Throughout their visits, employees can therefore access their smartphone with official mail and connect to the office, and work on their laptop and use tablets to participate in meetings that are held in their office.Today, BYOD is essential as staff want to perform their best in the competitive world of today and businesses want to take full advantage of their resources (Zahadat et al, 2015).
The first challenge is security issues. Security is clearly the main factor in all BYOD issues and generally avoids the application of a BYOD policy by businesses. For example, for security reasons BYOD was not adopted by the Washington State Wenatchee Valley Medical Centre. The hospital system offers access only to smartphones that satisfy stringent security circumstances through the McAfee Enterprise Mobility Management product. "Patient health information is a priority and consumer devices are simply unable to secure this information on a personal widget passing the door," said Wenatchee Valley Medical Center's Senior Engineer, Don Lester(McGillicuddy, 2013).Generally speaking, IT stores are used to handling the device selection and each application installed on an end-to-end model, says David Willis, Gartner Inc.'s head of mobility and communication research.
Employees use their own devices and a wide range of devices, operating systems and software are endorsed. Organization, depending on how they are to be used, should recognize what supporting materials. Certain devices may be OK to limit access and access to other firewall programs for certain applications, such as e-mail (Garba et al, 2015).Two years ago, HDFC only allowed staff to use BlackBerry when the bank started allowing staff to use their own phones because the Smartphone brand enables crypting. The bank restricted staff to access the company email accounts with BlackBerrys. HDFC recognizes the popularity of the iPhone and the iPad and is trying, in its BYOD policy, to integrate Apple phones (Chou et al., 2017).
Heterogeneous customers and safety: The range of devices is comparatively low in the traditional user-supplied device setting. In general, smaller variation means less complexity, reduced complexity implies less exposure to human error, and less exposure to human error means greater safety.
Secondly, challenge of Malware Issues. Personnel-owned devices are vulnerable to malware and to malware. That's why some individuals called the phenomenon of BYOM (Bringing Your Own Malware). According to the Lookout, Google Store included 32 malicious apps known as BadNews. Interestingly, apps were 9 million times downloaded in 2013. Bit9 reports 100,000 Android applications suspected. Hackers are currently finding innovative techniques of accessing information on a desktop. According to researchers from Alabama University in Birmingham, hackers use music to cause mobile malware on their phone.
The unauthorized access to corporate information via mobile applications is another problem for companies. When staff download malicious applications on their mobile phones, they offer unauthorized access to critical business information to external users. It is difficult for safety software to be imposed and for these systems to include updates and patches. Staff can uninstall this software readily if they think it affects the efficiency of the device and degrades the end-user experience (Bonuccelli, 2019).
The devices used for private operations tend to be more vulnerable to malware; they do not necessarily provide safety on a number of consumer locations, after all, like many locations intended for operations in a business to business environment (Eslahi et al, 2014).
As identity theft and phishing scams are increasing incidents throughout the country, government agencies have established rigorous data management laws. One instance is the 1998 UK Data Protection Act. The Act governs the collection and storage of information. While no PCI DSS (Payment Card Industry Data Security Standard), which relates to loan Card transactions and HIPAA, which provides protection of privacy to people's health is not in accordance with this law in the United States, the organization must comply with other rules. Complexity improves when such information is stored and administered on an operator's own device.