BYOD policy compliance: risks and strategies in organizations
Document Type
Article
Publication Date
1-2-2022
Abstract
The proliferation of mobile devices has brought the Bring Your Own Device (BYOD) trend in organizations, along with significant challenges when employees fail to comply with security policies. Previous reviews in this research area had focused solely on the technical issues surrounding BYOD implementation while leaving out the human behavior in complying with security policies which is a major contributing factor to security vulnerabilities. In this paper, we systematically review the literature to gather evidences related to security risks, challenges posed by employees' security policy noncompliance behavior and mitigation strategies to address them. The risks are mapped according to the People, Process and Technology (PPT) Model. The review reports that security policy compliance in a BYOD environment remains scarce which makes this review a novel contribution to research on human security behavior in Information System (IS). In addition, open research problems and future research directions are presented in the paper.
Keywords
Bring Your Own Device, BYOD, Security policy compliance, Security behavior, Risk and mitigation strategies
Divisions
Computer
Funders
Ministry of Education (MOE), Malaysia under the Fundamental Research Grant Scheme FRGS [FP056-2019A]
Publication Title
Journal of Computer Information Systems
Volume
62
Issue
1
Publisher
Taylor & Francis
Publisher Location
530 WALNUT STREET, STE 850, PHILADELPHIA, PA 19106 USA