What is it about?
Bring your own device (BYOD) is the practice of bringing an individual’s own technology into the organisation for use in that environment. BYOD became more commonplace in the COVID19 pandemic, as employees worked from home, often with their own equipment. This practice has brought with it both advantages and risks. The exposure of remnant data on devices can represent a data breach and have significant impact on both the individual and the organisation. Disturbingly, there has been consistent increases in the number of devices being found on public platforms containing such data. The potential impact to organisations is only heightened in a predominant work-from-home (WFH) environment. The question was asked - do publicly available BYOD policies sufficiently address this problem.
Featured Image
Photo by Marc-André Julien on Unsplash
Why is it important?
This study analysed a ‘snapshot’ of a sample of publicly available BYOD policies to determine if the documents were adequately addressing the issue of BYODs reaching end of life; being discarded, sold, stolen or a combination of these. The findings from the research show a majority of publicly available BYOD policies do not address this critical issue.
Perspectives
Bring Your Own Device policies (BYOD) are critical to enforce security provisions yet in addition to data remaining on devices being found on publicly available platforms, an analysis of publicly available BYOD policies also demonstrates the majority of these enforcement instruments are insufficient to mitigate data breaches.
Ben Scott
Edith Cowan University
Read the Original
This page is a summary of: A snapshot analysis of publicly available BYOD policies, February 2021, ACM (Association for Computing Machinery),
DOI: 10.1145/3437378.3437394.
You can read the full text:
Contributors
The following have contributed to this page
