Compliance with bring your own device security policies in organizations: A systematic literature review

Abstract

The omnipresence of Bring Your Own Device (BYOD) in organizations and employees’ lives makes it a challenge to ensure adherence to security policy. In such situation, it is vital to understand the features of BYOD that impact the threat landscape, as well as identifying factors that contribute to security policy compliant behavior to create a secure environment in organizations. Though research on BYOD has progressed, the field still lacks a systematic literature analysis, as previous reviews have focused on traditional computing security policy compliance, leaving out the BYOD environment. A total of 21 articles published from 2012 to 2019 were reviewed systematically to answer a formulated set of research questions. The study reveals the unique features of the BYOD computing environment in organizations. This review provides an overview of the theories used to explain and predict security behaviors in this field and a detailed understanding of factors that influence BYOD security policy compliance behavior. Literature gaps for further research are proposed in this paper to present new insights in this field of research. Studies on BYOD security policy compliance remain scarce, which makes this review a novel contribution to human security behavioral studies.