Investigating the influence of security, privacy, and legal concerns on employees' intention to use BYOD mobile devices

The concept of Bring-Your-Own-Device (BYOD) describes the trend of employees using their private mobile devices to manage corporate data from anywhere at any time. BYOD can increase employees' productivity and be cost-cutting for organizations. To implement BYOD, organizations are dependent on employees’ acceptance of BYOD, because employees' participation usually is voluntary. As employees' acceptance is affected by uncertainty, we investigate the influence of security, privacy, and legal concerns on the intention to use BYOD mobile devices. A research model is developed based on the theory of reasoned action (TRA) and the technology acceptance model (TAM), which is tested by means of structural equation modeling (SEM) with data collected from 151 employees. Our results indicate a significant impact of the concerns on employees’ acceptance. Moreover, our study reveals employees' indecision towards their intention to use their private mobile devices for working purposes. Several implications for future research and practitioners are given

Future of Flexible Work in the Digital Age: Bring Your Own Device Challenges of Privacy Protection

The future of work is getting increasingly flexible due to the rising expectations of employees away from traditional 9-to-5 office work towards flexible work hours, which drives employees to use their mobile devices for work. This ever-growing phenomenon of Bring Your Own Device (BYOD) creates security risks for companies, which leads to an implementation of mobile device management (MDM) solutions to secure and monitor employees’ mobile devices. We present insights from two multinational case companies, where works councils have expressed their concerns for privacy intrusion into employees’ lives through BYOD. To examine whether employees share works councils’ concerns, we conducted a survey with 542 employees from three countries: United States, Germany, and South Korea. Results of a structural equation modeling show that American employees place greater emphasis on BYOD risks associated with privacy concerns compared to employees from Germany and South Korea

Mobile information systems' security, privacy, and environmental sustainability aspects

[no abstract

Bring Your Own Device (BYOD): Risks to Adopters and Users

Bring your own device (BYOD) policy refers to a set of regulation broadly adopted by organizations that allows employee-owned mobile devices – like as laptops, smartphones, personal digital assistant and tablets – to the office for use and connection to the organizations IT infrastructure. BYOD offers numerous benefits ranging from plummeting organizational logistic cost, access to information at any time and boosting employee’s productivity. On the contrary, this concept presents various safety issues and challenges because of its characteristic security requirements. This study explored diverse literature databases to identify and classify BYOD policy adoption issues, possible control measures and guidelines that could hypothetically inform organizations and users that adopt and implement BYOD policy. The literature domain search yielded 110 articles, 26 of them were deemed to have met the inclusion standards. In this paper, a list of possible threats/vulnerabilities of BYOD adoption were identified. This investigation also identified and classified the impact of the threats/vulnerabilities on BYOD layered components according to security standards of “FIPS Publication 199” for classification. Finally, a checklist of measures that could be applied by organizations & users to mitigate BYOD vulnerabilities using a set layered approach of data, device, applications, and people were recommended

Unraveling the Effect of Personal Innovativeness on Bring-Your-Own-Device (BYOD) Intention - The Role of Perceptions Towards Enterprise-Provided and Privately-Owned Technologies

Consumerization of information technology (IT) refers to consumer technologies finding their way into enterprises. In this context, bring-your-own-device (BYOD) describes the phenomenon of privately-owned mobile devices being brought into organizations. While research on the general topic is scarce, initial studies have identified personal innovativeness in IT as one important driver for this behavior. However, the reasons why innovative people are more likely to use their privately-owned devices for work remain largely undiscovered. This study argues that technology acceptance factors with respect to both the enterprise-provided as well as the privately-owned mobile devices are important mediators. Moreover, a model using perceived usefulness and perceived ease of use as mediators is derived. The model’s underlying hypotheses are then tested using data from a quantitative survey in Germany. The results show that beliefs towards the ease of use of both the enterprise-provided as well as the privately owned mobile IT mediate the relationship between personal innovativeness in IT and BYOD intention. The findings are discussed with respect to implications for theory and practice and an outlook is given on potential future research

BYOD adoption concerns in the South African financial institution sector

Bring Your Own Device (BYOD) is an emerging trend and practice that is growing in use in many organizations. There is however very limited literature on BYOD in the context of financial institutions from a developing country perspective. The dearth of such studies is problematic because financial institutions deal with a lot of sensitive and confidential information and therefore their adoption of BYOD could be detrimental to their practice. This study contributes to this gap in literature by providing empirical observation that show how technological and contextual factors affect financial institutions adoption of BYOD. Following a qualitative approach, and using semi structured interviews as a source of data collection; the findings show that cost, complexity, a culture of innovation, and top management support were factors that were perceived as enablers of BYOD. South African organizations in the financial services use BYOD to help add value to their work as opposed to it being a cost saving necessity. However, the continuous changes in government regulation regarding the use of data; and the lack of conducive ICT infrastructure were deemed as hindrances to BYOD. As a result of the changing regulations and the lack of knowhow on implementation of these regulations, most organizations failed to formalize their BYOD strategies

Cybersecurity Strategies for Universities With Bring Your Own Device Programs

The bring your own device (BYOD) phenomenon has proliferated, making its way into different business and educational sectors and enabling multiple vectors of attack and vulnerability to protected data. The purpose of this multiple-case study was to explore the strategies information technology (IT) security professionals working in a university setting use to secure an environment to support BYOD in a university system. The study population was comprised of IT security professionals from the University of California campuses currently managing a network environment for at least 2 years where BYOD has been implemented. Protection motivation theory was the study\u27s conceptual framework. The data collection process included interviews with 10 IT security professionals and the gathering of publicly-accessible documents retrieved from the Internet (n = 59). Data collected from the interviews and member checking were triangulated with the publicly-accessible documents to identify major themes. Thematic analysis with the aid of NVivo 12 Plus was used to identify 4 themes: the ubiquity of BYOD in higher education, accessibility strategies for mobile devices, the effectiveness of BYOD strategies that minimize risk, and IT security professionals\u27 tasks include identifying and implementing network security strategies. The study\u27s implications for positive social change include increasing the number of users informed about cybersecurity and comfortable with defending their networks against foreign and domestic threats to information security and privacy. These changes may mitigate and reduce the spread of malware and viruses and improve overall cybersecurity in BYOD-enabled organizations

Cybersecurity Strategies for Universities With Bring Your Own Device Programs

The bring your own device (BYOD) phenomenon has proliferated, making its way into different business and educational sectors and enabling multiple vectors of attack and vulnerability to protected data. The purpose of this multiple-case study was to explore the strategies information technology (IT) security professionals working in a university setting use to secure an environment to support BYOD in a university system. The study population was comprised of IT security professionals from the University of California campuses currently managing a network environment for at least 2 years where BYOD has been implemented. Protection motivation theory was the study\u27s conceptual framework. The data collection process included interviews with 10 IT security professionals and the gathering of publicly-accessible documents retrieved from the Internet (n = 59). Data collected from the interviews and member checking were triangulated with the publicly-accessible documents to identify major themes. Thematic analysis with the aid of NVivo 12 Plus was used to identify 4 themes: the ubiquity of BYOD in higher education, accessibility strategies for mobile devices, the effectiveness of BYOD strategies that minimize risk, and IT security professionals\u27 tasks include identifying and implementing network security strategies. The study\u27s implications for positive social change include increasing the number of users informed about cybersecurity and comfortable with defending their networks against foreign and domestic threats to information security and privacy. These changes may mitigate and reduce the spread of malware and viruses and improve overall cybersecurity in BYOD-enabled organizations

Governing information security within the context of "bring your own device" in small, medium and micro enterprises

Throughout history, information has been core to the communication, processing and storage of most tasks in the organisation, in this case in Small-Medium and Micro Enterprises (SMMEs). The implementation of these tasks relies on Information and Communication Technology (ICT). ICT is constantly evolving, and with each developed ICT, it becomes important that organisations adapt to the changing environment. Organisations need to adapt to the changing environment by incorporating innovative ICT that allows employees to perform their tasks with ease anywhere and anytime, whilst reducing the costs affiliated with the ICT. In this modern, performing tasks with ease anywhere and anytime requires that the employee is mobile whilst using the ICT. As a result, a relatively new phenomenon called “Bring Your Own Device” (BYOD) is currently infiltrating most organisations, where personally-owned mobile devices are used to access organisational information that will be used to conduct the various tasks of the organisation. The use of BYOD in organisations breeds the previously mentioned benefits such as performing organisational tasks anywhere and anytime. However, with the benefits highlighted for BYOD, organisations should be aware that there are risks to the implementation of BYOD. Therefore, the implementation of BYOD deems that organisations should implement BYOD with proper management thereof