TY - JOUR
T1 - A systematic approach to investigating how information security and privacy can be achieved in BYOD environments
AU - Bello, Abubakar Garba
AU - Murray, David
AU - Armarego, Jocelyn
PY - 2017
Y1 - 2017
N2 - Purpose-This paper's purpose is to provide a current best practice approach that can be used to identify and manage bring your own device (BYOD) security and privacy risks faced by organisations that use mobile devices as part of their business strategy. While BYOD deployment can provide work flexibility, boost employees' productivity and be cost cutting for organisations, there are also many information security and privacy issues, with some widely recognised, and others less understood. This paper focuses on BYOD adoption, and its associated risks and mitigation strategies, investigating how both information security and privacy can be effectively achieved in BYOD environments. Design/methodology/approach-This research paper used a qualitative research methodology, applying the case study approach to understand both organisational and employee views, thoughts, opinions and actions in BYOD environments. Findings-This paper identifies and understands BYOD risks, threats and influences, and determines effective controls and procedures for managing organisational and personal information resources in BYOD. Research limitations/implications-The scope of this paper is limited to the inquiry and findings from organisations operating in Australia. This paper also suggests key implications that lie within the ability of organisations to adequately develop and deploy successful BYOD management and practices. Originality/value-This paper expands previous research investigating BYOD practices, and also provides a current best practice approach that can be used by organisations to systematically investigate and understand how to manage security and privacy risks in BYOD environments.
AB - Purpose-This paper's purpose is to provide a current best practice approach that can be used to identify and manage bring your own device (BYOD) security and privacy risks faced by organisations that use mobile devices as part of their business strategy. While BYOD deployment can provide work flexibility, boost employees' productivity and be cost cutting for organisations, there are also many information security and privacy issues, with some widely recognised, and others less understood. This paper focuses on BYOD adoption, and its associated risks and mitigation strategies, investigating how both information security and privacy can be effectively achieved in BYOD environments. Design/methodology/approach-This research paper used a qualitative research methodology, applying the case study approach to understand both organisational and employee views, thoughts, opinions and actions in BYOD environments. Findings-This paper identifies and understands BYOD risks, threats and influences, and determines effective controls and procedures for managing organisational and personal information resources in BYOD. Research limitations/implications-The scope of this paper is limited to the inquiry and findings from organisations operating in Australia. This paper also suggests key implications that lie within the ability of organisations to adequately develop and deploy successful BYOD management and practices. Originality/value-This paper expands previous research investigating BYOD practices, and also provides a current best practice approach that can be used by organisations to systematically investigate and understand how to manage security and privacy risks in BYOD environments.
KW - computer security
KW - mobile computing
KW - privacy
KW - risk management
KW - security measures
UR - http://handle.westernsydney.edu.au:8081/1959.7/uws:45570
U2 - 10.1108/ICS-03-2016-0025
DO - 10.1108/ICS-03-2016-0025
M3 - Article
SN - 2056-4961
VL - 25
SP - 475
EP - 492
JO - Information and Computer Security
JF - Information and Computer Security
IS - 4
ER -