The new acronym is BYOD or Bring Your Own Device, basically your device holds your information – it’s also used in the medical industry, and an Aruba study reports that over 86% of health care personnel use these mobile devices, and one day you can keep your medical information on these devices as well….This certainly may assist in the adoption of Electronic Medical Records (EMRs), but on the same day a report of a rogue app that apparently will steal all your photos on your device – after you’ve given permission (that terms of use policy we all accept before installing software) – so how then would be it easy to steal your medical records
http://gizmodo.com/5889051/rogue-apps-can-access-and-steal-your-entire-iphone-photo-library
Dr. Steven Brown
Comments
BYOD saves upfront business costs however, it is an accident waiting to happen. I disagree with businesses of any industry allowing BYOD on their networks unless; the employee (consents) allows for hardened kernel of the mobile OS running said devices, baseline security configurations based on industry compliant standards such as SOX, PCI/DSS, or HIPAA and AUP.
The real problem is trusting the user to know better, to know safe email usage, web browsing, application installation, virus basics, and to be ethical. This is a real challenge.
Rootkits and viruses are becoming more and more elusive such as with the DUQU trojan that is even using a ‘unknown programming language’ (Kaspersky, 2012). I can see this being a good angle for research however, the company’s INFOSEC team can allow BYOD while collecting vital data.
I do see a privacy issue here, once my personal system is connected to my job, what access does my employer get to non-work essential data (my personal data). It is fair to surmise that employers are vigilante when it comes to social media such as Facebook, Twitter, LinkedIN and so forth. What personal data can be used against a employee when dealing with BYOD or social media? It appears that we are moving into a transparent society whereby, in the future job hiring will be done mostly behind the scene and the interview process will consist more of psyche tests and face-to-face character / integrity sit-down.
The future employer will know so much about you due to BYOD data mining and social media outlets that we all willingly share that hiring may be left to personality + credentials. The employer’s hiring job will become much easier, less cumbersome and less costly.