Coping with BYOD Security Threat: From Management Perspective

Bring Your Own Device (BYOD) has been a generational phenomenon and the trend is still growing. While BYOD increases convenience, efficiency, productivity and flexibility, it also brings a range of new security risks such as ease of device loss, data contamination, and loss of control to corporate network. Management should consider adopting specific technical measures, establishing additional BYOD security policies, explaining to employees, and educating them to apply measures and to comply with the policies. Based on the protection motivation theory (PMT), this study proposes a theoretical model to identify factors affecting organizations’ coping with security threat of BYOD, which so far has not been empirically studied in the literature. This model also enriches general PMT by investigating how unique BYOD features may affect managers' risk analysis perception and finally the intention to adopt BYOD security measures and policies.

[1]  Ritu Agarwal,et al.  Practicing Safe Computing: A Multimedia Empirical Examination of Home Computer User Security Behavioral Intentions , 2010, MIS Q..

[2]  Amitava Dutta,et al.  Management's Role in Information Security in a Cyber Economy , 2002 .

[3]  Zoran Marjanovic Effectiveness of security controls in BYOD environments , 2013 .

[4]  Jeffrey M. Voas,et al.  BYOD: Security and Privacy Considerations , 2012, IT Professional.

[5]  D. Sandy Staples,et al.  Dimensions of Information Systems Success , 1999, Commun. Assoc. Inf. Syst..

[6]  W. Scott 'Institutionalized Organizations: Formal Structure as Myth and Ceremony', American Journal of Sociology, 83, pp. 340-63. , 2016 .

[7]  Younghwa Lee,et al.  Threat or coping appraisal: determinants of SMB executives’ decision to adopt anti-malware software , 2009, Eur. J. Inf. Syst..

[8]  Randall Young,et al.  Evaluating the Perceived Impact of Collaborative Exchange and Formalization on Information Security , 2010, Journal of International Technology and Information Management.

[9]  Hormazd Romer,et al.  Best practices for BYOD security , 2014 .

[10]  Detmar W. Straub,et al.  Effective IS Security: An Empirical Study , 1990, Inf. Syst. Res..

[11]  Detmar W. Straub,et al.  Security lapses and the omission of information security measures: A threat control model and empirical test , 2008, Comput. Hum. Behav..

[12]  David Rivera,et al.  Analysis of security controls for BYOD (Bring Your Own Device) , 2013 .

[13]  Yufei Yuan,et al.  Understanding user behaviour in coping with security threats of mobile device loss and theft , 2014, Int. J. Mob. Commun..

[14]  Robert E. Crossler,et al.  Understanding Compliance with Bring Your Own Device Policies Utilizing Protection Motivation Theory: Bridging the Intention-Behavior Gap , 2014, J. Inf. Syst..

[15]  R. W. Rogers,et al.  A Protection Motivation Theory of Fear Appeals and Attitude Change1. , 1975, The Journal of psychology.

[16]  R. Rogers Cognitive and physiological processes in fear appeals and attitude change: a revised theory of prote , 1983 .