ABSTRACT
BYOD has become the rhetoric in the revolution towards “Consumerization of IT”. People demand the freedom to work on the device of their choice. Skilled resources help your business perform at its best. Consumerization is well established in the organization and will drive continued transformation of business and IT models in the forthcoming years. By embracing this trend and adopting a bring-your-own-device (BYOD) strategy, organizations can improve productivity, satisfaction, talent recruitment and employee retention. It is one of the biggest trends sweeping the employment landscape today. Employees are becoming more accustomed to having newer technology at their fingertips due to increasing smartphones and tablets use. BYOD is making significant profit; with about 60% of employees in developed market use their own technology at work. BYOD can be leveraged anywhere and anytime possibility by moving the entire network of the organization in the cloud.
Key terms: BYOD Policy, Security, Growth, Cloud Computing, IaaS, PaaS, SaaS.
BYOD
The bring-your-own-device (BYOD) trend is going strong in the enterprise. While companies that allow BYOD [1] have the potential to increase its business value, their IT departments are tasked with the reality of managing multiple devices and keeping the data on them safe. Companies should have well chalked-out policies that allow employees to use personal devices, which will protect the interests of the company and address the numerous security and integrity concerns. Defining the BYOD policy [2] will be handled by resource persons according to the requirement. Employees must agree to the terms and conditions set forth in the policy in order to be able to connect their device to the company network. The company can have option to reimburse the gadgets of employees. For an effective BYOD implementation, the following policies should be implemented:
- The devices and operating systems that the company will be supporting should be properly specified.
- As an additional security, all the devices would be password protected.
- The applications which employees can access from their personal devices should be properly determined.
- No external application should be allowed to use inside the organizational premises.
CLOUD COMPUTING
Cloud computing [8] is seen as the next wave of Technology which will accelerate the pace of the IT industry. Cloud services will increase the computing power without investing much on infrastructure. The cloud offers services include SPI – Software, Platform and Infrastructure. Cloud services enable users to remotely utilize the services in the pay-per use model. Cloud computing is the manipulation of hidden computing resources that are provided as services to the clients through the internet. A cloud can be public, private and hybrid. A public cloud can be accessed by anyone who is using the internet. A private cloud is a closed network that supplies deployed services to a limited number of people. Virtual private cloud is offered as a commercial computer service through public cloud. The goal of cloud computing is to provide easy, flexible and reliable access to computing resources and software services. A hybrid cloud is a combination of private and public cloud. This works by leasing a extend services to the private cloud. The availability and flexibility of free open source cloud platforms are mainly used to deploy the private and hybrid cloud computing environments.
SERVICES OFFERED IN CLOUD
Cloud [7] is mainly intended to use what we need. According to it, the cloud can have many kinds of services like everything as a service, Infrastructure as a service, Platform as a service, Software as a Service, Hardware as a Service, Workplace as a Service, Data as a service and Security as a service. The main services in the cloud are explained below.
SaaS- SaaS is a software delivery method that provides access to software and its functions remotely as a Web-based service. Software as a Service allows organizations to access business functionality at a cost typically less than paying for licensed applications.
IaaS- Infrastructure as a Service is a provision model in which an organization outsources the equipment used to support operations, including storage, hardware, servers and networking components. The service provider owns the equipment and is responsible for housing, running and maintaining it. The client typically pays on a per-use basis.
PaaS- Platform as a Service (PaaS) is a way to rent hardware, operating systems, storage and network capacity over the Internet. The service delivery model allows the customer to rent virtualized servers and associated services for running existing applications or developing and testing new ones.
GROWTH OF BYOD
As per a survey conducted by TechRepublic [6], 44% of companies either have implemented BYOD policies and 18% are planning to do by the end of 2013. BYOD is already a well-established concept in businesses and is still on the rise. According to a survey conducted by Good Technology, one of the leading vendors of mobile management software, the percentage of BYOD supporting enterprises rose from 72% to 76% between 2011 and 2012.
IMPLEMENTATION
BYOD [4] can be implemented with cloud to form borderless network which will allow each and every employees to work on whatever time they like. To make the best use of cloud and BYOD, It can be implemented as private cloud. It will increase the security of the organization network infrastructure and able to limit the intrusion. Every organization can use multiple soft wares for manipulating their business, so the cloud service can be implemented as everything as a Service. It may also be wise to implement a tiered access level to Cloud services/applications across the organization so as to only allow access on an ‘as needed basis’. An organization can implement cloud by leasing out to private vendor, Otherwise the organization can form the own cloud server by using OpenStack or other software. For effective implementation of BYOD, an organization should tailor out it needs and then it can identify the use cases and requirements. Then an organization can use a standard architecture for implementation and it can rollout the roadmap.
RISKS INVOLVED IN IMPLEMENTING BYOD
There should be proper Risk Management plan for deploying BYOD in an organization, keeping into account the expectations of stakeholders and other sponsors. There are many internal and external factors like politics, economics, social issues, industry trends etc., which might affect BYOD implementation. The following risks are involved in implementing BYOD:
- Technological risks
- Legal risks
- Project Management risks
- Organizational risks
- Security risks
- Regulatory risks
COSTS INVOLVED IN IMPLEMENTING BYOD
Though BYOD doesn’t involve much of direct costs, as there is minimal change w.r.t the hardware involved or consultation, but it does involve some tacit and indirect costs which should be taken care by the organizations. Some of the costs involved are:
- Cost of implementing and managing an MDM solution
- Costs of BYOD policy development and program management
- Updating in-place enterprise security and help desk
- Risk management expenses
- Internal app development costs
BENEFITS OF BYOD & CLOUD
According to research, employees who are offered BYOD [5] are more likely to be productive in the workplace. Due to streamlining of work process, BYOD allows better balance between the personal and professional life of an employee. Some of the benefits of BYOD include:
- Reduction in hardware costs
- Increase in employee satisfaction
- Minimizing training and technical support overheads
- Flexibility
- Productivity at work.
- Empower people and more profit for organization.
KEY CHALLENGES IN BYOD
Even though the BYOD [4] can be used to empower people and their work, but by handing over the entire network to the private vendor, there may be a chance of vulnerability to organization. The main key challenges in BYOD are
- Data Leaks at private data center
- Device Loss
- End Node Problem
- Data Breaches
- Privacy
- The company has to bear a part of price to the gadget.
CONCLUSION
The days of a static, one-size-fits-all policy applied to company-owned assets are over. Today, IT departments need to understand what devices are trying to connect to their networks, so they can provide convenient, secure access to those that are authorized, including personal iPads and smartphones. By moving the network into cloud, the organization reduces a lot of costs and look beyond on improving the organization value. Thus this technology makes the organization to high perform by stepping into employee’s shoes. Even though the organization can practice best security standard at its steps but it can’t prevent all failures, so risk transfer is often necessary.
By: Information Technology Research Group, Alexis Foundation
REFERENCES
- Bradford Networks, Network World, ”Bring Your Own Device (BYOD) Unleashed in the Age of IT Consumerization”, 2011.
- Osterman, ”A Better Method of Authentication”,2012.
- Cisco, cisco.com
- Zdnetwork, zdnet.com
- Intel, intel.com
- Spectrum, spectrum.com
- Introduction to open stack cloud computing, Dialogic Corporation,
- Zhang Xin, Lai song-qing,”Research on cloud computing data security model based on multi-dimension”, 2012.
