South African Journal of Information Management (Nov 2018)

An information security behavioural model for the bring-your-own-device trend

  • Alfred Musarurwa,
  • Stephen Flowerday,
  • Liezel Cilliers

DOI
https://doi.org/10.4102/sajim.v20i1.980
Journal volume & issue
Vol. 20, no. 1
pp. e1 – e9

Abstract

Read online

Background: Organisations have found themselves in a race to embrace bringing your own device (BYOD) in their day-to-day business operations, while at the same time needing to maintain their information security management standards. BYOD is convenient for employees as it allows them to conduct business anywhere and at any time. However, this has resulted in organisations having to rethink their information security management, as BYOD now extends the information security management boundaries to wherever the employees takes their device and wherever there is a network access point. Objective: While technical solutions are offered by various BYOD solution providers, the theme of this article is to propose employee behavioural change for organisations to mitigate the risks that are associated with the BYOD phenomenon. Methods: For this purpose, a literature review was conducted, culminating in the identification of six key traits for the development of a behavioural intention model towards information security. Using the six traits, a questionnaire was developed and loaded on SurveyMonkey, and a survey was subsequently conducted among 270 employees of a selected bank in Zimbabwe. Results: A total of 205 employees responded to the survey, with 179 of the responses being deemed usable (i.e. a response rate of 87%). Data obtained from the survey were subjected to statistical tests, the conclusions of which were used to create the BYOD information security behavioural (BISB) model. Conclusion: The article concludes by proposing the BISB model as an effective option for mitigating the information security challenges in BYOD.

Keywords