Ethics Guide Privacy Versus Productivity: The BYOD Dilemma?: Group 1

Download as pptx, pdf, or txt
Download as pptx, pdf, or txt
You are on page 1of 19

Ethics Guide

Privacy versus Productivity: The


BYOD Dilemma?

GROUP 1
 MS21A018    GOWRI LEKSHMI SJ
 MS21A025    JAGVIR SINGH JAGLAN
 MS21A032    KUMAR PARAKRAM
 MS21A044    PAVAN KUMAR REDDY
INTRODUCTION • Justin works in operations dept., boss calls for BYOD committee
for framing policy.
• Feedback/Views from active mobile users before decision.
• First meeting - coworkers constantly checking social media,
browsing Web, messaging their friends. need some guidance on
what is and is not acceptable.
• Justin views: No doubt, this needs to be addressed. we live on our
smartphones ,use them for everything, and they really do make us
more productive. We're not giving them up.
Facts
 Justin : meeting may be discussion about how to restrict smart devices to improve
productivity
 IS starts right into security issues.
 How they were going to secure company data from leaking out through new
smart devices.
 Discuss possibility of "configuring" people's personal devices to protect the
company's data.
Facts
• Justin agree 100 percent but thinks IS was being a little too cynical.,
• mobile devices aren't really a new data security threat. 20 years ago, one could copy
data onto a CD and take it out of office.
• Later, one could use a thumb drive or take it home on laptop and, if wanted to steal
it, copy it onto one of home computers.
• Now, we can take data on our own mobile devices if we want.
• Maybe it isn't what I'm taking out that's a threat; maybe it's what I'm bringing' in.
Facts
• IS dept doesn't know what apps I've got on my mobile device.
• Must be why they want to "configure" it.
• Maybe they want to make sure I'm not using an app to steal data.
• May be they want to see that I don't have malware that could
damage the corporate network. But they did mention that they
want to add apps of their own to it as well.
Facts
 That part makes me nervous. I heard that one company installs
key loggers, you know, a program that records all the user's
keystrokes into a file.
 IS dept regularly checks what owners are doing with their own
devices. What prevents them from looking at my personal
messages or pictures or seeing whom. I talk to? This sounds
like a big privacy issue. People won't like this at all.
 Plus, on the committee, I've learned one plan is to install a
program that IS can use to remotely wipe all programs off
mobile devices at their command. They say they need it in case
we lose our devices. OK, I get that. But what if someone makes
a mistake? Wipes out my device by accident? Will they wipe all
programs off my mobile device then?
Facts
 Right now, I'm not sure what to do. I told my boss that our productivity and morale
would tank if our personal devices were banned. I also told him that there would be a
full-scale revolt if the IS department loaded any type of monitoring software on our
devices. Honestly, I doubt they'll be able to get anything loaded onto any personal
device. The most talented people we've got might just quit.
 From IS perspective, they don't trust the programs I put on my mobile device.
They've also got some legitimate concerns about data walking out the door. Maybe
they should just buy me a smartphone and computer to use at work. Their hardware
costs would go up, but they'd be able to control their devices.
 I'll still bring my mobile device to work, but I'll use my own wireless network, not
theirs, and I won't do work with it. Is that why my boss wants me on this committee?
DISCUSSION QUESTIONS
1.Consider the decision to install monitoring software on an employee's personal
device.
a. Is this decision ethical according to the categorical imperative (pages 20-21)?
b. Is this decision ethical according to the utilitarian perspective (pages 46-47)?
C. How could monitoring software be used unethically by the IS department?
d. How would users react if they found out that the IS department wasreading their
personal text messages or viewing their browsing history?
DISCUSSION QUESTIONS

2. The IS department is concerned about data theft by employees. But employees are
concerned about the IS department using monitoring software to violate their privacy.
a. Which do you think is more likely to happen?
b. Which do you think would cause more harm to the organization? Why?
DISCUSSION QUESTIONS

3. In your opinion, which is the greater threat of mobile devices at work: the data the
employees take out or the programs they bring in? Explain your answer.
4. Is it ethical for an organization to monitor its employees' behavior if it purchased
the devices for them? Consider both the categorical imperative and utilitarian
perspectives.
DISCUSSION QUESTIONS
DEVICES AT WORK VS. DEVICES FOR WORK

Devices that are brought to the workplace but do not have access to the company
network are not usually problematic; however, due diligence is necessary in all cases
with strict, clearly defined BYOD policies and enforcement.

CHALLENGES OF BYOD SECURITY

BYOD has become increasingly common and awareness of security risks has grown,
BYOD security policies are becoming more widely adopted and accepted by both
companies and their employees.
THE NEED FOR BYOD SECURITY
DEFINING A BYOD SECURITY POLICY

• Essential elements of a BYOD policy, includes:

• Acceptable use: what applications and assets are


employees permitted to access from their personal
devices?
• Minimum required security controls for devices
• Company-provided components, such as SSL
certificates for device authentication
• Company rights for altering the device, such as remote
wiping for lost or stolen devices
Password POLICY

• Sensitive info, either belonging to company or its


customers, password protections are non-
negotiable. Most organizations require strong
passwords on mobile devices and computers. Some
enact regular password changes every 7 days, for
example may want to consider 2-factor
authentication for any applications and programs
accessed from employee-owned devices.
Privacy Provisions

• Company data belongs to company, but it happens


to be on a privately owned device. Privacy is a big
deal, and BYOD policy needs to address how
company to protect data while ensuring employees’
privacy. Some companies choose to tell workers to
expect no privacy when using personal devices for
work purposes.
Data Transfer Provisions

• If someone is using a certain app that’s unapproved


to transfer data, and this application is breached,
there could be serious legal ramifications. Data
should be encrypted, password protected and only
transferred on company mandated applications.
THANK YOU

You might also like