Using Balanced Scorecard To Measure BYOD Effectiveness
From an organizational perspective, the concepts of performance management are very much the base that supports the balanced scorecard framework. Indeed, the balanced scorecard approach becomes very understandable when one realizes that, instead of being a radical new approach to performance management and measurement, it merely brings together and organizes tried-and-true performance-enhancing "best practices" that companies have been practicing for decades.
Heralded by the Harvard Business Review as one of the most significant management ideas of the past 75 years, balanced scorecard, has been implemented in companies to both measure and manage the IT effortand by extension BYOD.
For IT managers, the balanced scorecard is an invaluable tool that permits IT to link to the business side of the organization using a "cause-and-effect" approach. Some have likened the balanced scorecard to a new language, which enables IT and business line managers to think together about what IT can do to support business performance. A beneficial side effect of the use of the balanced scorecard is that, when all measures are reported, one can calculate the strength of relations between the various value drivers. For example, the relationship between BYOD usage and cost levels might infer that the usage of BYOD does not sufficiently contribute to results as expressed by the other (e.g., financial) performance measures.
BYOD: Mobile Devices Threats and Vulnerabilities
Mobile devices typically need to support multiple security objectives. These can be accomplished through a combination of security features built into the mobile devices and additional security controls applied to the mobile devices and other components of the enterprise IT infrastructure. The most common security objectives for mobile devices are as follows:
- ConfidentialityEnsure that transmitted and stored data cannot be read by unauthorized parties.
- IntegrityDetect any intentional or unintentional changes to transmitted and stored data.
- AvailabilityEnsure that users can access resources using mobile devices whenever needed.
To achieve these objectives, mobile devices should be secured against a variety of threats. Mobile devices often need additional protection because their nature generally places them at higher exposure to threats than other client devices (e.g., desktop and laptop devices only used within the organization's facilities and on the organization's networks). Before designing and deploying mobile device solutions, organizations should develop system threat models for the mobile devices and the resources that are accessed through the mobile devices. Threat modeling involves identifying resources of interest and the feasible threats, vulnerabilities, and security controls related to these resources, quantifying the likelihood of successful attacks and their impacts, and finally analyzing this information to determine where security controls need to be improved or added. Threat modeling helps organizations to identify security requirements and to design the mobile device solution to incorporate the controls needed to meet the security requirements. The major security concerns for these technologies that would be included in most mobile device threat models are discussed below.
Also new this issue:
Big Data Analytics Architectures, Frameworks, and Tools
Wullianallur Raghupathi and Viju Raghupathi
Like big data, the analytics associated with big data is also described by three primary characteristics: volume, velocity, and variety (http://www01.ibm.com/software/data/bigdata/). There is no doubt data will continue to be created and collected, continually leading to incredible volume of data. Second, this data is being accumulated at a rapid pace, and in real time. This is indicative of velocity. Third, gone are the days of data being collected in standard quantitative formats and stored in spreadsheets or relational databases. Increasingly, the data is in multimedia format and unstructured. This is the variety characteristic. Considering volume, velocity, and variety, the analytics techniques have also evolved to accommodate these characteristics to scale up to the complex and sophisticated analytics needed (Russom, 2011; Zikopoulos et al., 2013). Some practitioners and researchers have introduced a fourth characteristic: veracity (Ohlhorst, 2012). The implication of this is data assurance. That is, both the data and the analytics and outcomes are error-free and credible.
Simultaneously, the architectures and platforms, algorithms, methodologies, and tools have also scaled up in granularity and performance to match the demands of big data (Ferguson, 2012; Zikopoulos et al., 2012). For example, big data analytics is executed in distributed processing across several servers (nodes) to utilize the paradigm of parallel computing and a divide and process approach. It is evident that the analytics tools for structured and unstructured big data are very different from the traditional business intelligence (BI) tools. The architectures and tools for big data analytics have to necessarily be of industrial strength. Likewise, the models and techniques such as data mining and statistical approaches, algorithms, visualization techniques, etc., have to be mindful of the characteristics of big data analytics. For example, the National Oceanic and Atmospheric Administration (NOAA) uses big data analytics to assist with climate, ecosystem, and environment, weather forecasting and pattern analysis, and commercial translational applications. NASA engages big data analytics for aeronautical and other types of research (Ohlhorst, 2012). Pharmaceutical companies are using big data analytics for drug discovery, analysis of clinical trial data, side effects and reactions, etc. Banking companies are utilizing big data analytics for investments, loans, customer demographics, etc. Insurance and healthcare provider and media companies are other big data analytics industries.