The establishment of a mobile phone information security culture: linking student awareness and behavioural intent

The information security behaviour of technology users has become an increasingly popular research area as security experts have come to recognise that while securing technology by means of firewalls, passwords and offsite backups is important, such security may be rendered ineffective if the technology users themselves are not information security conscious. The mobile phone has become a necessity for many students but, at the same time, it exposes them to security threats that may result in a loss of information. Students in developing countries are at a disadvantage because they have limited access to information relating to information security threats, unlike their counterparts in more developed societies who can readily access this information from sources like the Internet. The developmental environment is plagued with challenges like access to the Internet or limited access to computers. The poor security behaviour exhibited by student mobile phone users, which was confirmed by the findings of this study, is of particular interest in the university context as most undergraduate students are offered a computer-related course which covers certain information security-related principles. During the restructuring of the South African higher education system, smaller universities and technikons (polytechnics) were merged to form comprehensive universities. Thus, the resultant South African university landscape is made up of traditional and comprehensive universities as well as universities of technology. Ordinarily, one would expect university students to have similar profiles. However in the case of this study, the environment was a unique factor which had a direct impact on students’ learning experiences and learning outcomes. Mbeki (2004) refers to two economies within South Africa the first one is financially sound and globally integrated, and the other found in urban and rural areas consists of unemployed and unemployable people who do not benefit from progress in the first economy. Action research was the methodological approach which was chosen for the purposes of this study to collect the requisite data among a population of university students from the ‘second economy’. The study focuses on the relationship between awareness and behavioural intention in understanding mobile phone user information security behaviour. The study concludes by proposing a behaviour profile forecasting framework based on predefined security behavioural profiles. A key finding of this study is that the security behaviour exhibited by mobile phone users is influenced by a combination of information security awareness and information security behavioural intention, and not just information security awareness

Small hospitality enterprises and the internet: an IT governance model for conducting business online

The Internet has made a considerable impact on how business is conducted. Empowered by technology consumers are using the Internet as a tool to communicate and transact online. E-commerce (electronic commerce) presents opportunities for business to gain a competitive advantage, however it also posses certain challenges. Small and Medium Hospitality Enterprises (SMHEs) sector within the tourism industry, is one of the sectors which stands to benefit from using the Internet for business. Researchers agree that the contribution made by the tourism sector in developing economies is substantial. However, SMHEs are noted for their failure to derive optimal benefits from using the Internet for business to improve their competitiveness. This study which seeks to develop a model for use by SMHEs as a guide when making the decision to adopt technology was necessitated by the importance of SMHE’s contribution in the economy of developing countries. This model is based on the examination of existing theories and models such as; the Delone and McLean IS success model (2004), and the ITGI’s (2007) IT governance focus areas model. To elicit the desired outcomes, additional data was collected using questionnaires, interviews, and observations. The collected data was analysed and resulted in the development of a model that can be used by SMHEs in order to derive value from IT and to gain a competitive advantage