Enhancing Organizational Data Security on Employee-Connected Devices Using BYOD Policy

Abstract

To address a business need, most organizations allow employees to use their own devices to enhance productivity and job satisfaction. For this purpose, the Bring Your Own Device (BYOD) policy provides controllable access for employees to organize data through their personal devices. Although the BYOD practice implies plenty of advantages, this also opens the door to a variety of security risks. This study investigates these security risks and proposes a complementary encryption approach with a digital signature that uses symmetric and asymmetric algorithms, depending on the organization’s digital certificate, to secure sensitive information stored in employees’ devices within the framework of BYOD policies. The method uses Advanced Encryption System (AES), Blowfish, RSA and ElGamal with a digital signature to achieve strong encryption and address critical security considerations such as user authentication, confidentiality and data integrity. The proposed encryption approach offers a robust and effective cryptographic solution for securing sensitive information in organizational settings that involve BYOD policies. The study includes experimental results demonstrating the proposed approach’s efficiency and performance, with reasonable encryption and decryption times for different key and file sizes. The results of the study revealed that AES and Blowfish have the best execution time. AES has a good balance of security and performance. RSA performs better than ElGamal in encryption and signature verification, while RSA is slower than ElGamal in decryption. The study also provides a comparative analysis with previous studies of the four encryption algorithms, highlighting the strengths and weaknesses of each approach.