Security Issues with Mobile IT: A Narrative Review of Bring Your Own Device (BYOD).

Joy I Udobi ,Felix C Aguboshim

doi:10.7176/jiea/8-1-07

Abstract

The use of employee-owned mobile devices such as smart phones, tablets, laptops, etc., to access business enterprise content or networks otherwise referred to as of ‘Bring Your Own Device’ (BYOD) has further made the confidentiality, integrity, and availability of organizations’ data become insecure, and prone to breaches and fraudulent activities. In this study, the authors explored a narrative review that focuses on the theoretical underpinnings of vast works of literature that revealed significant information on the conceptual framework, existing systems that adopt BYOD security, analysis, and synthesis of prior research. Using some keywords “BYOD system security”, “BYOD security threats”, “cyber-attacks and security”, etc., an electronic database search extracted peer-reviewed articles from the last five years. The thematic analysis of fifty-one articles retrieved revealed that breaches and fraudulent activities exist with the use of BYOD that may be perpetrated against organization’s data, intentionally or maliciously. Good policies and guidelines on the use of BYOD coupled with good formulation and communication of same, should be adhered to avert some forms of security breaches. There is the need to preserve user’s privacy, organizations’ data confidentiality, integrity, and availability, and secure same in the devices of employees using their own devices to process corporate and personal data, by using acceptable and effective BYOD Policy and Mobile Device Management Solution (MDMS). This may increase mutual trust and BYOD adoption rate, new innovations and influence that can positively impact the organizations and their employees. Keyword: BYOD, security threats, password, cyber-attacks and security, Information security. DOI : 10.7176/JIEA/8-1-07

Highlights

Bring your own device (BYOD) is a system where employees are allowed to use their mobile devices anywhere to access privileged organization data
The main objective of this study was to inform Information Technology (IT), managers of organizational security function, the strategies to withstand most security threats, vulnerabilities, and risks associated with Bring Your Own Device’ (BYOD) systems www.iiste.org
Results show that 70 percent of IT professionals use unauthorized applications that has resulted in as much as half their company’s data loss incidents. 44 percent of employees share work devices with others without supervision. 39 percent of IT professionals’ access unauthorized parts of a company’s network or facility. 46 percent of employees admitted to have transferred files between work and personal computers when working from home. 18 percent of employees share passwords with co-workers with China, India, and Italy topping this proportion with 25 percent (CISCO, 2008)

Summary

Introduction

Bring your own device (BYOD) is a system where employees are allowed to use their mobile devices anywhere to access privileged organization data. Allowing employees to use their own devices to access company information gives rise to a number of issues that a business must answer in order to comply with its data protection obligations. To address this issue, many organizations are turning to Mobile Device Management (MDM) products and services. This paper focuses on the data and the user with the aim to address the increased potential for data leakage and security challenges associated with MET exemplified by BYOD policies. The main objective of this study was to inform IT, managers of organizational security function, the strategies to withstand most security threats, vulnerabilities, and risks associated with BYOD systems

Objectives

Methods

Results

Conclusion