The Influence of Cognitive Factors and Personality Traits on Mobile Device User\u27s Information Security Behavior

As individuals have become more dependent on mobile devices to communicate, to seek information, and to conduct business, their susceptibility to various threats to information security has also increased. Research has consistently shown that a user’s intention is a significant antecedent of information security behavior. Although research on user’s intention has expanded in the last few years, not enough is known about how cognitive factors and personality traits impact the adoption and use of mobile device security technologies. The purpose of this research was to empirically investigate the influence of cognitive factors and personality traits on mobile device user’s intention in regard to mobile device security technologies. A conceptual model was developed by combining constructs from both the Protection Motivation Theory (PMT) and the Big Five Factor Personality Traits. The data was collected using a web-based survey according to specific inclusion and exclusion criteria. Respondents were limited to adults 18 years or older who have been using their mobile devices to access the internet for at least one year. The Partial Least Square Structural Equation Modeling (PLS-SEM) was used to analyze the data gathered from a total of 356 responses received. The findings of this study show that perceived threat severity, perceived threat susceptibility, perceived response costs, response efficacy, and mobile self-efficacy have a significant positive effect on user’s intention. In particular, mobile self-efficacy had the strongest effect on the intention to use mobile device security technologies. Most of the personality traits factors were not found significant, except for conscientiousness. The user’s intention to use mobile device security technologies was found to have a significant effect on the actual usage of mobile device security technologies. Hence, the results support the suitability of the PMT and personality factors in the mobile device security technologies context. This study has contributed to information security research by providing empirical results on factors that influence the use of mobile device security technologies

Bluetooth familiarity: methods of calculation, applications and limitations

We present an approach for utilising a mobile device’s Bluetooth sensor to automatically identify social interactions and relationships between individuals in the real world. We show that a high degree of accuracy is achievable in the automatic identification of mobile devices of familiar individuals. This has implications for mobile device security, social networking and in context aware information access on a mobile device

The Need to Address Mobile Device Security in the Higher Education IT Curriculum

Mobile devices, including smartphones and tablets, enable users to access corporate data from anywhere. In 2013, people will purchase 1.2 billion mobile devices, surpassing personal computers as the most common method for accessing the Internet. However, security of these mobile devices is a major concern for organizations. The two leading mobile operating systems (OS), Google’s Android OS and Apple’s iOS, both have security concerns as do the mobile applications and the major application markets. ‘Bring your own devices,’ where employees supply their own equipment for work-related purposes, can cut costs for organizations, but failing to address security can significantly increase those costs. This paper focuses on the increasing need for mobile business and its related mobile device security concerns. We propose that future IT professionals should be aware of these issues and learn how to secure mobile devices through the integration of the topic into the IT Model Curriculum. Using the case of one undergraduate IT program, we developed a set of mobile device security education recommendations, which we then mapped to the IT Model Curriculum using the guidelines from Accreditation Board for Engineering and Technology (ABET). This mapping approach demonstrates one way how higher education institutions could integrate mobile device security into any IT curriculum

Ensuring Mobile Device Security and Compliance at the Workplace

AbstractEnd users urgently request using mobile devices at their workplace. They know these devices from their private life and appreciate functionality and usability, and want to benefit from these advantages at work as well. Limitations and restrictions would not be accepted by them. On the contrary, companies are obliged to employ substantial organizational and technical measures to ensure data security and compliance when allowing to use mobile devices at the workplace. So far, only individual arrangements have been presented addressing single issues in ensuring data security and compliance. However, companies need to follow a comprehensive set of measures addressing all relevant aspects of data security and compliance in order to play it safe. Thus, in this paper at first technical architectures for using mobile devices in enterprise IT are reviewed. Thereafter a set of compliance rules is presented and, as major contribution, technical measures are explained that enable a company to integrate mobile devices into enterprise IT while still complying with these rules comprehensively. Depending on the company context, one or more of the technical architectures have to be chosen impacting the specific technical measures for compliance as elaborated in this paper. Altogether this paper, for the first time, correlates technical architectures for using mobile devices at the workplace with technical measures to assure data security and compliance according to a comprehensive set of rules

Ensuring Mobile Device Security and Compliance at the Workplace

End users urgently request using mobile devices at their workplace. They know these devices from their private life and appreciate functionality and usability, and want to benefit from these advantages at work as well. Limitations and restrictions would not be accepted by them. On the contrary, companies are obliged to employ substantial organizational and technical measures to ensure data security and compliance when allowing to use mobile devices at the workplace. So far, only individual arrangements have been presented addressing single issues in ensuring data security and compliance. However, companies need to follow a comprehensive set of measures addressing all relevant aspects of data security and compliance in order to play it safe. Thus, in this paper at first technical architectures for using mobile devices in enterprise IT are reviewed. Thereafter a set of compliance rules is presented and, as major contribution, technical measures are explained that enable a company to integrate mobile devices into enterprise IT while still complying with these rules comprehensively. Depending on the company context, one or more of the technical architectures have to be chosen impacting the specific technical measures for compliance as elaborated in this paper. Altogether this paper, for the first time, correlates technical architectures for using mobile devices at the workplace with technical measures to assure data security and compliance according to a comprehensive set of rules

An investigation into the security behaviour of tertiary students regarding mobile device security

The use of mobile devices is becoming more popular by the day. With all the different features that the smart mobile devices possess, it is starting to replace personal computers both for personal use and business use. There are also more attacks concerning security on mobile devices because of their increased usage and the security measures not as effective and well-known as on personal computers. The perceived perception is that the young adult population does not act safely and they have a low level of technical advanced knowledge when using their mobile devices. Mobile users are largely responsible to protect themselves and other users from a security viewpoint. This paper reports on a study including a survey done regarding the behaviour of tertiary students concerning security of their mobile devices. Aspects of mobile device security will be discussed and the current status of tertiary students’ behaviour regarding mobile device security will be presented resulting from a survey conducted at a South African University. Findings indicate that tertiary students have diverse behaviour levels concerning mobile device security. The value of these results is that we can focus on specific content when educating smart device users on the subject of security including avoidance of risky or unsafe behaviour. Recommendations in this regard are presented in this paper

An Exploration of Mobile Device Security Artifacts At Institutions Of Higher Education

The explosive growth and rapid proliferation of smartphones and other mobile devices that access data over communication networks has necessitated advocating and implementing security constraints for the purpose of abetting safe computing. Remote data access using mobile devices is particularly popular among students at institutions of higher education. To ensure safe harbor for constituents, it is imperative for colleges and universities to establish, disseminate, and enforce mobile device security artifacts, where artifacts is defined as policies, procedures, guidelines or other documented or undocumented protocols. The purpose of this study is to explore the existence of, specific content of, and the general current state of published mobile device artifacts at higher education institutions. Results show that such artifacts are only sparsely available through public university websites, and even when available, rarely address mobile device security specifically

Automatic Activation of Mobile Device Security Upon Detection of Theft

This disclosure describes techniques to reduce the risk of a data breach when a mobile device is stolen. In certain modes, e.g., augmented reality (AR) mode, selfie mode, etc., optimal use of a mobile device requires that the user hold the device out at an arm’s length in a public location, leading to an increased likelihood of theft. With user permission, a potential risk state is activated upon detecting such use of the device. If sudden movement of the device, e.g., as detected by an on-board accelerometer, location sensor, or other sensor is detected, the device is automatically locked, requiring user authentication for data access. If the user permits, location tracking is also activated which can assist physical recovery of the device

Training Wheels: A New Approach to Teaching Mobile Device Security

Despite massive investments in cyber security education, training, and awareness programs, most people retain unsafe mobile computing habits. They not only jeopardize their own data, but also risk the security of their associated organizations. It appears that conventional training programs are not ingraining sound security practices on trainees. This research questions the efficacy of legacy SETA frameworks and proposes a new cyber training tool for mobile devices. The tool is called Training Wheels. Training Wheels stands a number of cyber security training practices on their heads: instead of using punitive methods of reinforcement it provides rewards to encourage good behavior, instead of summary measures of security compliance it gives real-time feedback, and instead of isolating participants it displays participants’ performance relative to their peers. These changes are grounded in established psychological theory. They are incorporated as key features of Training Wheels. Besides introducing the new training tool, this study also provides recommendations for its usage and implications for research