Original Research

An information security behavioural model for the bring-your-own-device trend

Alfred Musarurwa, Stephen Flowerday, Liezel Cilliers
SA Journal of Information Management | Vol 20, No 1 | a980 | DOI: https://doi.org/10.4102/sajim.v20i1.980 | © 2018 Alfred Musarurwa, Stephen Flowerday, Liezel Cilliers | This work is licensed under CC Attribution 4.0
Submitted: 05 March 2018 | Published: 05 November 2018

About the author(s)

Alfred Musarurwa, Department of Information Systems, University of Fort Hare, South Africa
Stephen Flowerday, Department of Information Systems, University of Fort Hare, South Africa
Liezel Cilliers, Department of Information Systems, University of Fort Hare, South Africa

Share this article

Bookmark and Share


Background: Organisations have found themselves in a race to embrace bringing your own device (BYOD) in their day-to-day business operations, while at the same time needing to maintain their information security management standards. BYOD is convenient for employees as it allows them to conduct business anywhere and at any time. However, this has resulted in organisations having to rethink their information security management, as BYOD now extends the information security management boundaries to wherever the employees takes their device and wherever there is a network access point.

Objective: While technical solutions are offered by various BYOD solution providers, the theme of this article is to propose employee behavioural change for organisations to mitigate the risks that are associated with the BYOD phenomenon.

Methods: For this purpose, a literature review was conducted, culminating in the identification of six key traits for the development of a behavioural intention model towards information security. Using the six traits, a questionnaire was developed and loaded on SurveyMonkey, and a survey was subsequently conducted among 270 employees of a selected bank in Zimbabwe.

Results: A total of 205 employees responded to the survey, with 179 of the responses being deemed usable (i.e. a response rate of 87%). Data obtained from the survey were subjected to statistical tests, the conclusions of which were used to create the BYOD information security behavioural (BISB) model.

Conclusion: The article concludes by proposing the BISB model as an effective option for mitigating the information security challenges in BYOD.


BYOD; unintended administrator; behavioural intention; BISB


Total abstract views: 1147
Total article views: 1434


Crossref Citations

1. Reliability, Validity, and Strength of a Unified Model for Information Security Policy Compliance
Alex Koohang, Jeretta Horn Nord, Zoroayka V. Sandoval, Joanna Paliszkiewicz
Journal of Computer Information Systems  first page: 1  year: 2020  
doi: 10.1080/08874417.2020.1779151