BYOD adoption concerns in the South African financial institution sector

Bring Your Own Device (BYOD) is an emerging trend and practice that is growing in use in many organizations. There is however very limited literature on BYOD in the context of financial institutions from a developing country perspective. The dearth of such studies is problematic because financial institutions deal with a lot of sensitive and confidential information and therefore their adoption of BYOD could be detrimental to their practice. This study contributes to this gap in literature by providing empirical observation that show how technological and contextual factors affect financial institutions adoption of BYOD. Following a qualitative approach, and using semi structured interviews as a source of data collection; the findings show that cost, complexity, a culture of innovation, and top management support were factors that were perceived as enablers of BYOD. South African organizations in the financial services use BYOD to help add value to their work as opposed to it being a cost saving necessity. However, the continuous changes in government regulation regarding the use of data; and the lack of conducive ICT infrastructure were deemed as hindrances to BYOD. As a result of the changing regulations and the lack of knowhow on implementation of these regulations, most organizations failed to formalize their BYOD strategies

Using the Control Balance Theory to Explain Social Media Deviance

Online Social Media Deviance (OSMD) is one the rise; however, research in this area traditionally has lacked a strong theoretical foundation. Following calls to reveal the theoretical underpinnings of this complex phenomenon, our study examines the causes of OSMD from several novel angles not used in the literature before, including: (1) the influence of control imbalances (CIs) on deviant behavior, (2) the role of perceived accountability and deindividuation in engendering CI, (3) and the role of IT in influencing accountability and deindividuation. Using an innovative factorial survey method that enabled us to manipulate the IT artifacts for a nuanced view, we tested our model with 507 adults and found strong support for our model. The results should thus have a strong impetus not only on future SM research but also for social media (SM) designers who can use these ideas to further develop SM networks that are safe, supportive, responsible, and constructive

Sensitizing Employees’ Corporate IS Security Risk Perception

Motivated by recent practical observations of employees’ unapproved sourcing of cloud services at work, this study empirically evaluates bring your own cloud (BYOC) policies and social interactions of the IT department to sensitize employees’ security risk perception. Based on social information processing theory, BYOC strategies varying in the level of restriction from the obligatory, recommended, permitted, not regulated, to the prohibited usage of cloud services in the organization as well as social information including IT department’s policies, recommendations and responsiveness, are assessed according to their influence on employees’ perceived security risk to the organization. Results of a mixed-method approach containing expert interviews and survey data of 115 computer users in SME and large-scale enterprises analyzed using Kruskal-Wallis and WarpPLS-SEM identify the organizational-wide prohibition of and IT department’s advices against the cloud service usage at the workplace as the most effective actions to guarantee the protection of the organizational IT assets

Future of Flexible Work in the Digital Age: Bring Your Own Device Challenges of Privacy Protection

The future of work is getting increasingly flexible due to the rising expectations of employees away from traditional 9-to-5 office work towards flexible work hours, which drives employees to use their mobile devices for work. This ever-growing phenomenon of Bring Your Own Device (BYOD) creates security risks for companies, which leads to an implementation of mobile device management (MDM) solutions to secure and monitor employees’ mobile devices. We present insights from two multinational case companies, where works councils have expressed their concerns for privacy intrusion into employees’ lives through BYOD. To examine whether employees share works councils’ concerns, we conducted a survey with 542 employees from three countries: United States, Germany, and South Korea. Results of a structural equation modeling show that American employees place greater emphasis on BYOD risks associated with privacy concerns compared to employees from Germany and South Korea

Unraveling the Effect of Personal Innovativeness on Bring-Your-Own-Device (BYOD) Intention - The Role of Perceptions Towards Enterprise-Provided and Privately-Owned Technologies

Consumerization of information technology (IT) refers to consumer technologies finding their way into enterprises. In this context, bring-your-own-device (BYOD) describes the phenomenon of privately-owned mobile devices being brought into organizations. While research on the general topic is scarce, initial studies have identified personal innovativeness in IT as one important driver for this behavior. However, the reasons why innovative people are more likely to use their privately-owned devices for work remain largely undiscovered. This study argues that technology acceptance factors with respect to both the enterprise-provided as well as the privately-owned mobile devices are important mediators. Moreover, a model using perceived usefulness and perceived ease of use as mediators is derived. The model’s underlying hypotheses are then tested using data from a quantitative survey in Germany. The results show that beliefs towards the ease of use of both the enterprise-provided as well as the privately owned mobile IT mediate the relationship between personal innovativeness in IT and BYOD intention. The findings are discussed with respect to implications for theory and practice and an outlook is given on potential future research

Neural Correlates of Protection Motivation for Secure IT Behaviors: An fMRI Examination

Information security management programs have long included “fear appeals”, managerial communiqués designed to promote secure behaviors among organizational insiders. However, recent research has found a conflict between the predictions of contemporary fear appeal theory for how we expect individuals to experience fear appeals and what actually occurs in IS security situations. Using the opportunity presented by neuroimaging tools to examine cognitive and affective reactions to fear appeals, we take a comparative look at the contentions of fear appeal theory and the realities of what insiders experience neurologically when exposed to ecologically relevant IS security fear appeals. Our fMRI results suggest that fear appeals elicit threat and threat response assessments, which partially supports fear appeal theory but does not support the presence of an actual fear response. Furthermore, appraisals of recommended threat responses had a stronger impact on intentions to enact security behaviors than appraisals of the threat itself, which suggests that a focus on threats might be misplaced. Instead, focusing on ways to make the responses to the threats more appealing to users might work better. These controversial findings suggest future research that should explore how fear appeals play out in IS security and in what ways

Shared Benefits and Information Privacy: What Determines Smart Meter Technology Adoption?

An unexplored gap in IT adoption research concerns the positive role of shared benefits even when personal information is exposed. To explore the evaluation paradigm of shared benefits versus the forfeiture of personal information, we analyze how utility consumers use smart metering technology (SMT). In this context, utility companies can monitor electricity usage and directly control consumers’ appliances to disable them during peak load conditions. Such information could reveal consumers’ habits and lifestyles and, thus, stimulating concerns about their privacy and the loss of control over their appliances. Responding to calls for theory contextualization, we assess the efficacy of applying extant adoption theories in this emergent context while adding the perspective of the psychological ownership of information. We use the factorial survey method to assess consumers’ intentions to adopt SMT in the presence of specific conditions that could reduce the degree of their privacy or their control over their appliances and electricity usage data. Our findings suggest that, although the shared benefit of avoiding disruptions in electricity supply (brownouts) is a significant factor in electricity consumers’ decisions to adopt SMT, concerns about control and information privacy are also factors. Our findings extend the previous adoption research by exploring the role of shared benefits and could provide utility companies with insights into the best ways to present SMT to alleviate consumers’ concerns and maximize its adoption

Implications of Monitoring Mechanisms on Bring Your Own Device (BYOD) Adoption

Bring Your Own Device (BYOD) policies permit employees to use personal devices to access organizational information. Users gain convenience from the ability to work in geographically diverse locations, while organizations gain the benefit of increased productivity and reduced information technology expense. However, these symbiotic benefits come at a cost. Organizations’ security boundaries are now extended to include personal devices, which must be controlled to mitigate data exfiltration. This control comes in the form of monitoring employees’ personal devices, which infringe on their privacy. The monitoring mechanisms employed by organizations play a critical role in employee participation in a BYOD program. This study investigates the impact of monitoring mechanisms, privacy concerns, and job performance when evaluating whether to participate in a BYOD program. A factorial survey design was developed to test the hypotheses. Initial testing was performed and was used to modify the instrument for the main study currently in progress

Ranking Factors by Importance in Factorial Survey Analysis

Factorial survey analysis is a statistical technique with a long history of use in decision-oriented organizational and information systems (IS) research. The technique produces a collection of standardized regression coefficients that help one to rank survey factors by importance. However, such rankings may be invalid because a researcher might not account for two related issues: unequal factor (i.e., dimension) manipulation effect sizes and the inherent multilevel structure of factorial survey data. We address these concomitant issues by demonstrating the ranking problem in simulated datasets, explaining the ranking problem’s underlying statistical causes, and justifying the use of remediating statistical methods. In particular, we focus on coding proportional to effect, a technique in which one consolidates corresponding dimension-level dummy (0, 1) variables into a single re-calibrated independent variable that is regressed on the dependent variable. One then uses the resulting standardized coefficients to rank the factors. We assess the advantages, disadvantages, and limitations of remediation techniques and offer suggestions for future information systems research

Bring Your Own Device (BYOD) adoption in South African SMEs

The advancement in technological development is now altering the conventional order in the diffusion of IT innovation from a top-down approach (organisation to employees) to a bottom-up approach (employees to organisation). This change is more notable in developed economies and has led to the Bring Your Own Device (BYOD) phenomenon which promises increased productivity for employees and their organisations. There have been several studies on the corporate adoption of BYOD but few have investigated the phenomenon from a small and medium enterprise (SME) perspective and from developing countries specifically. This study investigated the BYOD phenomenon in South African SMEs. The goal was to identify contextual factors influencing BYOD adoption with the purpose of understanding how these factors shaped and reshaped by SME actions. The Perceived EReadiness Model (PERM) was adopted to unearth contextual BYOD adoption factors, while the Structuration Theory was adopted as the theoretical lens from which the social construction of the BYOD phenomenon was understood. The study adopted an interpretive stance and was qualitative in nature. Data was collected from SMEs using semi-structured interviews, and analysed using a thematic analysis approach. The findings show that for BYOD to be adopted and institutionalized in an SME there needs to be organisational readiness in terms of awareness, management support, business resources, human resources, employees' pressure, formal governance, and technological readiness. Specifically, business resources, management support and technological readiness were perceived to be of the outmost importance to the success of BYOD. Environmental factors of market forces, support from industry, government readiness and the sociocultural factor are identified. Findings from the structuration analysis reports the presence of rules and resources (structures) which SMEs draw upon in their BYOD actions and interactions. It provides understanding on the guiding structures such as "no training" and "no formal governance" within which BYOD meanings are formed, and actions such as allowing employees to use their devices to access organisational resources without the fear of security breaches and data theft, are enacted. While it is true that the successive adoption of ICTs in organisation depends on the availability of a conducive formal policy, findings in the study show that SMEs used their business resources and management support as guiding structures of domination which were legitimized by internal informal verbal rules, lack of an institutional BYOD specific policy, minimal industry support; and the presences of social pressure