Original Research

An information security behavioural model for the bring-your-own-device trend

Alfred Musarurwa, Stephen Flowerday, Liezel Cilliers
South African Journal of Information Management | Vol 20, No 1 | a980 | DOI: https://doi.org/10.4102/sajim.v20i1.980 | © 2018 Alfred Musarurwa, Stephen Flowerday, Liezel Cilliers | This work is licensed under CC Attribution 4.0
Submitted: 05 March 2018 | Published: 05 November 2018

About the author(s)

Alfred Musarurwa, Department of Information Systems, University of Fort Hare, South Africa
Stephen Flowerday, Department of Information Systems, University of Fort Hare, South Africa
Liezel Cilliers, Department of Information Systems, University of Fort Hare, South Africa

Abstract

Background: Organisations have found themselves in a race to embrace bringing your own device (BYOD) in their day-to-day business operations, while at the same time needing to maintain their information security management standards. BYOD is convenient for employees as it allows them to conduct business anywhere and at any time. However, this has resulted in organisations having to rethink their information security management, as BYOD now extends the information security management boundaries to wherever the employees takes their device and wherever there is a network access point.

Objective: While technical solutions are offered by various BYOD solution providers, the theme of this article is to propose employee behavioural change for organisations to mitigate the risks that are associated with the BYOD phenomenon.

Methods: For this purpose, a literature review was conducted, culminating in the identification of six key traits for the development of a behavioural intention model towards information security. Using the six traits, a questionnaire was developed and loaded on SurveyMonkey, and a survey was subsequently conducted among 270 employees of a selected bank in Zimbabwe.

Results: A total of 205 employees responded to the survey, with 179 of the responses being deemed usable (i.e. a response rate of 87%). Data obtained from the survey were subjected to statistical tests, the conclusions of which were used to create the BYOD information security behavioural (BISB) model.

Conclusion: The article concludes by proposing the BISB model as an effective option for mitigating the information security challenges in BYOD.


Keywords

BYOD; unintended administrator; behavioural intention; BISB

Metrics

Total abstract views: 4116
Total article views: 5813

 

Crossref Citations

1. Reliability, Validity, and Strength of a Unified Model for Information Security Policy Compliance
Alex Koohang, Jeretta Horn Nord, Zoroayka V. Sandoval, Joanna Paliszkiewicz
Journal of Computer Information Systems  vol: 61  issue: 2  first page: 99  year: 2021  
doi: 10.1080/08874417.2020.1779151

2. BYOD security issues: a systematic literature review
Melva Ratchford, Omar El-Gayar, Cherie Noteboom, Yong Wang
Information Security Journal: A Global Perspective  vol: 31  issue: 3  first page: 253  year: 2022  
doi: 10.1080/19393555.2021.1923873

3. Extending unified theory of acceptance and use of technology with ISO/IEC 27001 security standard to investigate factors influencing Bring Your Own Device adoption in South Africa
Thembekile Mayayise
SA Journal of Information Management  vol: 23  issue: 1  year: 2021  
doi: 10.4102/sajim.v23i1.1376

4. Exploring information systems security implications posed by BYOD for a financial services firm
Joel Chigada, Naailah Daniels
Business Information Review  vol: 38  issue: 3  first page: 115  year: 2021  
doi: 10.1177/02663821211036400