Security Policy Opt-In Decisions in Bring-Your-Own-Device (Byod) - a Persuasion and Cognitive Elaboration Perspective PDF Download

Author: Xue Yang
Publisher:
ISBN:
Category :
Languages : en
Pages : 0

View

Book Description
Bring-Your-Own-Device (BYOD) has gained increased popularity in organizations but may engender information security concerns. To address these concerns, employees are expected to opt-in and comply with organizational BYOD security policy. This study investigates the factors that affect employees' opt-in decisions with BYOD security policy. Drawing on the theoretical lenses of persuasion and cognitive elaboration, we propose that employees' cognitive elaborations of BYOD security policy could be affected by the valence of justification of the BYOD security policy, the stringency of BYOD security measures, and the sequence of the introduction of BYOD security policy in relation to employees' use of personal devices to perform organizational tasks and such cognitive elaborations would in turn affect opt-in decisions. We conducted an experimental survey to test our propositions. The results indicate that positive BYOD security policy justification framing and post-task security policy exposure would lead to more positive cognitive elaboration, decision to opt-in, and compliance with the BYOD security policy. This research has significant implications for security management with respect to the design and implementation of BYOD security policy within an organization according to the nature of security policy and the task requirements. Full paper available at https://doi.org/10.1080/10919392.2019.1639913.

Author: Haruna Chiroma
Publisher: Springer Nature
ISBN: 3030662888
Category : Technology & Engineering
Languages : en
Pages : 316

View

Book Description
This book addresses theories and empirical procedures for the application of machine learning and data mining to solve problems in cyber dynamics. It explains the fundamentals of cyber dynamics, and presents how these resilient algorithms, strategies, techniques can be used for the development of the cyberspace environment such as: cloud computing services; cyber security; data analytics; and, disruptive technologies like blockchain. The book presents new machine learning and data mining approaches in solving problems in cyber dynamics. Basic concepts, related work reviews, illustrations, empirical results and tables are integrated in each chapter to enable the reader to fully understand the concepts, methodology, and the results presented. The book contains empirical solutions of problems in cyber dynamics ready for industrial applications. The book will be an excellent starting point for postgraduate students and researchers because each chapter is design to have future research directions.

Author: Bob Hayes
Publisher: Newnes
ISBN: 0124116108
Category : Computers
Languages : en
Pages : 21

View

Book Description
Bring Your Own Device (BYOD) to Work examines the emerging BYOD (Bring Your Own Device to work) trend in corporate IT. BYOD is the practice of employees bringing personally-owned mobile devices (e.g., smartphones, tablets, laptops) to the workplace, and using those devices to access company resources such as email, file servers, and databases. BYOD presents unique challenges in data privacy, confidentiality, security, productivity, and acceptable use that must be met proactively by information security professionals. This report provides solid background on the practice, original research on its pros and cons, and actionable recommendations for implementing a BYOD program. Successful programs are cross-functional efforts including information technology, human resources, finance, legal, security, and business operating teams. This report is a valuable resource to any security professional considering a BYOD program. Bring Your Own Device (BYOD) to Work is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs. Presents research data associated with BYOD and productivity in the workplace Describes BYOD challenges, risks, and liabilities Makes recommendations for the components a clearly communicated BYOD program should contain

Author: Janvan Munyoki
Publisher: GRIN Verlag
ISBN: 3346825205
Category : Computers
Languages : en
Pages : 142

View

Book Description
Doctoral Thesis / Dissertation from the year 2016 in the subject Computer Science - Commercial Information Technology, grade: 3.923, Capella University (School of Technology), course: PHD in Information Technology, language: English, abstract: Research conducted by Tech Pro (2014) indicated that the Bring Your Own Device (BYOD) concept is gaining momentum, with 74% of organizations already having some BYOD program or planning to implement one. While BYOD offers several benefits, it also presents challenges that concern information technology leaders and information security managers. This correlational study used the systems theory framework to examine the relationship between information security managers’ intentions, perceptions of security, and compliance regarding BYOD implementation. Participants of the study consisted of information security managers in Kenya who had obtained the Certified Information Systems Manager certification. Data was collected from 54 information security managers through a survey instrument. The survey instrument integrated three other instruments with proven reliability developed by other researchers. Data was analyzed using a multiple regression analysis to test for a relationship between the variables of the study (security, compliance, and intent to implement BYOD). The multiple regression conducted in this study was insignificant, indicating a relationship did not exist between the study’s variables (F(2, 86) = 0.33, p = .718, R2 = .00). A significant negative relationship was found between security and compliance, indicating a weakly negative correlation (r = -.26, p = .016). Using the results from the study, information technology leaders may be able to develop strategies from which to implement BYOD successfully. Implications for social change include increased knowledge of securing personal devices for employees and consumers in general and reduction in costs associated with security and data breaches.

Author: Afnan Alsharif
Publisher:
ISBN: 9780438392427
Category : Universities and colleges
Languages : en
Pages : 34

View

Book Description
Security, privacy, Bring Your Own Device (BYOD), and other information technology usage policies are an essential component of a cybersecurity plan and its implementation within organizations. In this thesis, we present the method and results of a web-based content analysis describing the public availability of such policies for a randomly selected set of 52 U.S. educational institutions. Method: A set of Google searches was performed within each institution's main website, in 2016, using a set of security policy terms. Results: 90.4% Privacy Policy, 34.6% Information Security Policy, 42.3% Security Policy, 1.9% BYOD Policy, 82.7% Acceptable Use Policy, 28.8% Authentication and Password Policy, 19.2% Data Classification Policy, 11.9% Incident Response Policy, 2% Mobile Device Policy, 71.7% Network and VPN, 29.2% Cloud Services Policy, 3.8% Physical Security Policy, 82.7% Data Retention Policy, 30.8% Contractor Connection Policy, 96.2% Wireless Access Policy, 80.7% A Policy Change Log.

Author: Jessica Keyes
Publisher: CRC Press
ISBN: 1466565047
Category : Business & Economics
Languages : en
Pages : 451

View

Book Description
Where end-users once queued up to ask the IT department for permission to buy a new computer or a new version of software, they are now bypassing IT altogether and buying it on their own. From laptops and smartphones to iPads and virtually unlimited software apps, end-users have tasted their freedom and love it. IT will simply never be the same.Bri

Author: Jason A. Bougetz
Publisher:
ISBN:
Category : Computer security
Languages : en
Pages : 132

View

Book Description
Information Technology (IT) helps a business in the current state of mass information sharing and comprehension. Information Services (IS) departments allow a business to use new IT support services and knowledge in order to explore new ways of sharing data and doing business. Without IS constantly addressing new ways of doing business the environment for business operations can change dramatically, sometimes for the worse. Investigating, comprehending, sharing, supporting, and maintaining new IS policies and practices allows a business to stay competitive and secure in the every changing digital landscape. Bring Your Own Device (BYOD) practices have manifested as concepts and transformed into full blown new policies for companies both big and small. Without properly researching how to create a new BYOD policy, along with presenting the new policy to key stakeholders, the BYOD policy could experience company adoption resistance. In addition to policy research and stakeholders acceptance, BYOD policy enforcement is also needed in order for a policy to be successful. A successful policy can assist a company save money over the lifetime of the project. The agility that a new policy brings to a business helps transform the way the business conducts itself in the market place. Deciding what software a company should use and what security policies go into choosing a software package that will fit your business requires asking what a company needs a security suite to accomplish. Without setting proper standards on a global scale, the inconsistences pertaining to BYOD security could continue, making BYOD a challenge for a company to implement and understand. Keywords: Cybersecurity, Professor Daniel Draz, deficiency, cost, governance, digital, rules.

Author: Naval Postgraduate Naval Postgraduate School
Publisher: CreateSpace
ISBN: 9781512184419
Category :
Languages : en
Pages : 138

View

Book Description
The purpose of a bring-your-own-device (BYOD) program is to increase productivity as it allows individuals to access and manipulate data from non-traditional workplaces to support mission requirements. The United States Marine Corps (USMC) has started a pilot BYOD program, but a user policy for the USMC BYOD program has not yet been identified, despite the driving force that policy has on final implementation and potential acceptance. Therefore, this thesis answers the question, is it possible to develop a BYOD user policy for the USMC that minimizes risk for all parties while allowing for the intended flexibility? Three case studies were conducted on organizations that have implemented BYOD programs, comparing user policies and best practices to mitigate risks and address user privacy concerns. The case studies were also compared with governing Department of Defense instructions and National Institute of Standards and Technology guidance to identify a baseline of applicable security controls to formulate a viable user policy and agreement to support USMC security requirements. This thesis found that a clearly articulated user agreement tailored to the USMC's technological solution can be written to support the successful implementation of its BYOD program to ensure the benefits outweigh the potential risks.

Author: Naval Postgraduate Naval Postgraduate School
Publisher: Createspace Independent Publishing Platform
ISBN: 9781522986287
Category :
Languages : en
Pages : 138

View

Book Description
The purpose of a bring-your-own-device (BYOD) program is to increase productivity as it allows individuals to access and manipulate data from non-traditional workplaces to support mission requirements. The United States Marine Corps (USMC) has started a pilot BYOD program, but a user policy for the USMC BYOD program has not yet been identified, despite the driving force that policy has on final implementation and potential acceptance. Therefore, this book answers the question, is it possible to develop a BYOD user policy for the USMC that minimizes risk for all parties while allowing for the intended flexibility? Three case studies were conducted on organizations that have implemented BYOD programs, comparing user policies and best practices to mitigate risks and address user privacy concerns. The case studies were also compared with governing Department of Defense instructions and National Institute of Standards and Technology guidance to identify a baseline of applicable security controls to formulate a viable user policy and agreement to support USMC security requirements. This book found that a clearly articulated user agreement tailored to the USMC's technological solution can be written to support the successful implementation of its BYOD program to ensure the benefits outweigh the potential risks.

Author: National Institute National Institute of Standards and Technology
Publisher:
ISBN: 9781548713287
Category :
Languages : en
Pages : 46

View

Book Description
NIST SP 800-114 Rev 1 July 2016 Many people telework, and they use a variety of devices, such as desktop and laptop computers, smartphones, and tablets, to read and send email, access websites, review and edit documents, and perform many other tasks. Each telework device is controlled by the organization, a third party (such as the organization''s contractors, business partners, and vendors), or the teleworker; the latter is known as bring your own device (BYOD). This publication provides recommendations for securing BYOD devices used for telework and remote access, as well as those directly attached to the enterprise''s own networks. Why buy a book you can download for free? First you gotta find it and make sure it''s the latest version (not always easy). Then you gotta print it using a network printer you share with 100 other people - and its outta paper - and the toner is low (take out the toner cartridge, shake it, then put it back). If it''s just 10 pages, no problem, but if it''s a 250-page book, you will need to punch 3 holes in all those pages and put it in a 3-ring binder. Takes at least an hour. An engineer that''s paid $75 an hour has to do this himself (who has assistant''s anymore?). If you are paid more than $10 an hour and use an ink jet printer, buying this book will save you money. It''s much more cost-effective to just order the latest version from Amazon.com This book is published by 4th Watch Books and includes copyright material. We publish compact, tightly-bound, full-size books (8 � by 11 inches), with glossy covers. 4th Watch Books is a Service Disabled Veteran-Owned Small Business (SDVOSB), and is not affiliated with the National Institute of Standards and Technology. For more titles published by 4th Watch Books, please visit: cybah.webplus.net A full copy of all the pertinent cybersecurity standards is available on DVD-ROM in the CyberSecurity Standards Library disc which is available at Amazon.com. NIST SP 500-299 NIST Cloud Computing Security Reference Architecture NIST SP 500-291 NIST Cloud Computing Standards Roadmap Version 2 NIST SP 500-293 US Government Cloud Computing Technology Roadmap Volume 1 & 2 NIST SP 500-293 US Government Cloud Computing Technology Roadmap Volume 3 DRAFT NIST SP 1800-8 Securing Wireless Infusion Pumps NISTIR 7497 Security Architecture Design Process for Health Information Exchanges (HIEs) NIST SP 800-66 Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule NIST SP 1800-1 Securing Electronic Health Records on Mobile Devices NIST SP 800-177 Trustworthy Email NIST SP 800-184 Guide for Cybersecurity Event Recovery NIST SP 800-190 Application Container Security Guide NIST SP 800-193 Platform Firmware Resiliency Guidelines NIST SP 1800-1 Securing Electronic Health Records on Mobile Devices NIST SP 1800-2 Identity and Access Management for Electric Utilities NIST SP 1800-5 IT Asset Management: Financial Services NIST SP 1800-6 Domain Name Systems-Based Electronic Mail Security NIST SP 1800-7 Situational Awareness for Electric Utilities NIST SP 500-288 Specification for WS-Biometric Devices (WS-BD) NIST SP 500-304 Data Format for the Interchange of Fingerprint, Facial & Other Biometric Information NIST SP 800-32 Public Key Technology and the Federal PKI Infrastructure NIST SP 800-63-3 Digital Identity Guidelines NIST SP 800-63a Digital Identity Guidelines - Enrollment and Identity Proofing NIST SP 800-63b Digital Identity Guidelines - Authentication and Lifecycle Management NIST SP 800-63c Digital Identity Guidelines NIST SP 800-178 Comparison of Attribute Based Access Control (ABAC) Standards