Employees’ BYOD security policy compliance in the public sector
Document Type
Article
Publication Date
1-1-2024
Abstract
The proliferation of the Bring Your Own Device (BYOD) policy has instigated a widespread change across organizations. However, employees’ compliance toward BYOD security policy remains a challenge. Building on the organizational control, security culture, and social cognitive theory, a research framework for analyzing BYOD security policy compliance factors was developed in this study. To validate the framework, 346 responses were obtained from three Critical National Information Infrastructure (CNII) agencies. Using Partial Least Square-Sequential Equation Modelling (PLS-SEM), the study confirmed that perceived mandatoriness, self-efficacy, and psychological ownership are influential in predicting BYOD security policy compliance. Specification of policy is associated with perceived mandatoriness. Self-efficacy is associated with both BYOD IT support and SETA. Further, security culture was found to have no significant relationship with BYOD security policy compliance. © 2023 International Association for Computer Information Systems.
Keywords
Compliance control, Personnel training, Bring your own device security policy, Bring your own devices, Organizational control theory, Organizational controls, Policy compliance, Public sector, Public sector security policy, Security awareness, Security culture, Security policy, Security policy compliance, Security training, Social cognitive theory, Security systems
Divisions
Computer,infosystem
Funders
Ministry of Higher Education, Malaysia,Kementerian Pendidikan Malaysia [Grant no. FP056-2019A, FRGS/1/2019/ICT04/UM/02/1]
Publication Title
Journal of Computer Information Systems
Volume
64
Issue
1
Publisher
Taylor and Francis Ltd.