Addressing the Challenges of the ‘Bring Your Own Device Opportunity
| By Ansaldi, Holly | |
| Proquest LLC |
The advancing capabilities of smartphones have triggered drastic changes within the workplace, such as the introduction of "bring your own device" (BYOD) programs. BYOD programs have resulted from the escalating importance of smartphones, tablets, and mobile computing in offices, school, and government offices. Companies have seen numerous benefits-increased employee satisfaction, improved productivity, reduced costs, and an expanded number of mobile users-from allowing employees to use their own devices in the workplace. But companies are also facing new security, policy, and legal challenges as employees use personal mobile devices to access networks and confidential data. Although these changes continue to grow in complexity, companies have found few solutions to the challenges they present.
The BYOD Revolution
Many companies, charitable organizations, and government agencies are considering the implementation of BYOD programs. As an alternative to traditional work environments, these programs allow employees to utilize a personal computing device for conducting business processes and accessing company data ("Bring Your Own Device,"
This movement has gained momentum as the use of mobile devices has grown; in 2012, 44% of Americans owned a anartphone; of these individuals, 71% used their smartphones in the workplace ("Our Mobile Planet:
Some businesses have begun to see this shift as an opportunity to merge new technologies with their business needs (
The Benefits of BYOD Programs
The organizations that approach BYOD programs in the correct manner are gaming valuable competitive advantages within their industries. According to a recent study conducted by
According to a
BYOD programs go beyond improving employee conditions: organizations benefit from reduced costs. For example, after implementing a BYOD program, the
Challenges of BYOD Programs
Despite the numerous benefits of BYOD programs, organizations still face policy, legal, and security challenges. Before implementing a similar program, companies should consider the risks involved. One of the biggest challenges is the lack of a standard set of protocols for BYOD programs, which leaves many organizations unaware of the security risks or unsure of which policies they can set up on their own. A study conducted by research firm ITIC found that 71% of businesses that allow BYOD have no specific policies or procedures in place to ensure security (
Equal-access questions present another challenging legal issue for BYOD programs (
Perhaps the most substantial challenges of BYOD programs relate to security risks. Within an organization's network, IT departments can maintain the security requirements of hardware and can set password control and encryption; however, without knowledge of the legal ramifications or a set of policies for BYOD hardware, confidential data can be leaked for use by competitors or to hurt the organization's profitability. In addition, a breach of hardware security can give unauthorized individuals access to more secure data and networks.
Companies should also consider additional challenges, such as employees who work internationally-for example, some countries might consider remote wipes of personal devices to be illegal. Furthermore, although personal devices could be utilized in simple work environments, employees might be less willing to use smartphones at higher data-plan rates when offered the same reimbursement rate (
Future Risks and Possible Responses
Goal convergence occurs when related, but distinctly separate, trends are working toward an overall goal. With the various challenges introduced by BYOD, organizations would be well advised to remain mindful of achieving goal convergence, rather than introducing goal conflicts; in this way, technology can serve the best interests of the organization as a whole. Although some organizations might respond impulsively to some of these challenges, there are rational and strategic ways to significantly reduce the risks associated with BYOD programs. For example, companies can utilize new device technologies and applications or even current technologies, such as virtual desktops. In addition, the communication and implementation of a company-wide policy should be maintained.
As the business environment evolves, managers continue to consider possible solutions to the challenges of BYOD programs. With more advanced smartphone applications, risks to the security of communications-in particular, mobile e-mail-become greater; however, recently developed mobile devices have more advanced security, better functionality, and tiie ability to run a single client over multiple device families. This helps assuage some of these security concerns.
Furthermore, dual-identity phones, currently in production and slated for release later this year, enable users to run two separate interfaces on the same device; this would provide additional security for organizations by dividing work and personal data (Lucas Mearían, "Dual-Identity Smartphones Could Bridge BYOD Private, Corporate Divide," Computerworld,
The TTB introduced another alternative by setting up virtual desktops that avoided saving data on personal devices while maintaining a mobile work environment (
In order to address the concerns over governance and policies, responses to risk need to be wider in scope. Proper governance begins with an oiganization's policies on protocols and monitoring prior to the implementation of a BYOD program. These policies should include organizational positions on remote wipes and confiscation; employee responsibilities, in terms of hardware and software requirements; allowable activities and devices; and procedures for support (Brandel 2012). Although these positions might not be universal to each organization or industry, setting ground rules is a vital step for organizational security. Given the rapid turnover of new technology, allowable devices for employees are always changing; thus, it is important to maintain certain policy standards throughout the organization.
Maintaining communication with employees who participate in these programs is also important when developing policies. This includes both proper training on the risks associated with BYOD programs and informing stakeholders throughout the organizational ladder about the reasons for adopting certain policies (Brandel 2012). This continuous approach engages all stakeholders-employees in particular-in the governance process, which could help them better regulate their activities and understand why they should not violate the policies. Engaging stakeholders lends effective support to the organization's goal convergence.
Engagement and communication with legal counsel and human resources can also assist in legal challenges that can result from the implementation of BYOD programs (
After applying BYOD policies, organizational technicians (or consultants) should implement and test controls, such as remote device wipe, restrictions on e-mail forwarding, and screening for e-mail that contains malicious software. Organizations should apply both preventive controls, such as antivirus software, as well as detective and corrective controls, such as firewall alert mechanisms. Testing these controls is another effective response to risks that can be uniquely introduced by a BYOD program, regardless of how long it has been in place; testing does not need to be a one-time effort, and it is never too late to test controls.
The Role of CPAs
The part of CPAs in this process is clear- whether working internally or externally, they can assist in the establishment of proper protocols and controls in order to maintain a company's security. Once a BYOD program is established, CPAs can play a vital role in testing the controls and maintaining knowledge of the risks associated with these programs. CPAs possess basic knowledge of accounting and information systems, and they can demonstrate their value to an organization through an analysis of risks, responses, and monitoring.
Although BYOD programs still present a number of risks that have yet to be adequately mitigated, the benefits are worthy of consideration. Moreover, it is imperative for managers to prepare their organization, set up policies, test controls, communicate with necessary parties, and understand other technological options in order to give their organization the best chance for a successful implementation of a BYOD program.
BYOD programs go beyond improving employee conditions: organizations benefit from reduced costs.
Once a BYOD program is established, CPAs can play a vital role in testing the controls and maintaining knowledge of the risks associated with these programs.
This article was published with the assistance of
| Copyright: | (c) 2013 New York State Society of Certified Public Accountants |
| Wordcount: | 2011 |



Employee Plan ‘Fix-It’ Programs and How to Use Them
Nordic Equipment for Worldwide Markets
Advisor News
- The overlooked retirement security risk that must be addressed
- What advisors should know about hedge funds in retirement planning
- Retirement control is top success measure for middle class, ACLI says
- Industry groups applaud House passage of Financial Exploitation Prevention Act
- Younger workers more likely to be eligible for a retirement plan after changing jobs
More Advisor NewsAnnuity News
- MassMutual Ranks No. 100 on the 2026 Fortune 500® List
- What’s fueling record annuity growth?
- Jackson Named InvestmentNews 2026 Annuities Provider of the Year
- State Farm’s agency overhaul: What distribution can learn
- IRI, ACLI express support for CLEAR Forms Act
More Annuity NewsHealth/Employee Benefits News
- HAFA praises bill to establish multifactor authentication for ACA enrollees
- Corvese, Famiglietti bill to protect patients’ insurance rights signed into law
- More Hoosiers go uninsured, resulting in higher emergency department usage
- WA CARES FUND BENEFITS OPEN, LAUNCHING NATION'S FIRST PUBLIC LONG-TERM CARE INSURANCE PROGRAM
- 16,000 new moms to benefit from expanded Medicaid coverage starting Wednesday
More Health/Employee Benefits NewsLife Insurance News
- ‘Recession-Proof’ Insurance Is Trending. Safety Net or Scam?
- Winged Keel Group Expands National Presence and PPLI Leadership, Welcomes SBSI, Inc. (dba NFP Insurance Solutions)
- MassMutual Ranks No. 100 on the 2026 Fortune 500® List
- 180-year Old New York Life Adds to Tokenized Funds
- Never stop learning: A lesson for the next generation of advisors
More Life Insurance News