Litcius/Paper detail

BYOD Policy Compliance: Risks and Strategies in Organizations

Rathika Palanisamy, Azah Anir Norman, Miss Laiha Mat Kiah

2020Journal of Computer Information Systems46 citationsDOI

Abstract

The proliferation of mobile devices has brought the Bring Your Own Device (BYOD) trend in organizations, along with significant challenges when employees fail to comply with security policies. Previous reviews in this research area had focused solely on the technical issues surrounding BYOD implementation while leaving out the human behavior in complying with security policies which is a major contributing factor to security vulnerabilities. In this paper, we systematically review the literature to gather evidences related to security risks, challenges posed by employees’ security policy noncompliance behavior and mitigation strategies to address them. The risks are mapped according to the People, Process and Technology (PPT) Model. The review reports that security policy compliance in a BYOD environment remains scarce which makes this review a novel contribution to research on human security behavior in Information System (IS). In addition, open research problems and future research directions are presented in the paper.

Topics & Concepts

Bring your own deviceCompliance (psychology)Security policyBusinessProcess (computing)Risk analysis (engineering)Information securityComputer securityMobile deviceInternet privacyComputer sciencePsychologySocial psychologyOperating systemInformation and Cyber SecurityPrivacy, Security, and Data ProtectionCybercrime and Law Enforcement Studies