Högskolan i Skövde

his.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Management issues for Bring Your Own Device
University of Skövde, The Informatics Research Centre. University of Skövde, School of Informatics. (Information Systems)
University of Skövde, The Informatics Research Centre. University of Skövde, School of Informatics. (Information Systems)ORCID iD: 0000-0002-7858-9471
University of Skövde, The Informatics Research Centre. University of Skövde, School of Informatics. (Information Systems)ORCID iD: 0000-0002-8607-948X
2015 (English)In: Proceedings of 12th European, Mediterranean & Middle Eastern Conference on Information Systems 2015 (EMCIS2015) / [ed] Kostantinos Lambrinoudakis, Vincenzo Morabito, Marinos Themistocleous, European, Mediterranean & Middle Eastern Conference on Information Systems (EMCIS) , 2015Conference paper, Published paper (Refereed)
Abstract [en]

Bring Your Own Device (BYOD) is an emerging research area focusing on the organisational adoption of (primarily mobile) devices used for both private and work purposes. There are many information security related problems concerning the use of BYOD and it should therefore be considered an issue of strategic importance for senior managers. This paper presents a systematic literature analysis using a BYOD strategic management framework to assess developing research trends. The analysis reveals early work in the analysis and design aspects of BYOD strategies, but a lack of research in operationalizing (planning, implementation and evaluating) strategy – the action phase. The resulting research agenda identifies twelve management issues for further research and four overall research directions that may stimulate future research.

Place, publisher, year, edition, pages
European, Mediterranean & Middle Eastern Conference on Information Systems (EMCIS) , 2015.
Keywords [en]
BYOD Bring Your Own Device, information security management, strategic management
National Category
Information Systems
Research subject
Information Systems
Identifiers
URN: urn:nbn:se:his:diva-11004Scopus ID: 2-s2.0-85084023843Local ID: 1 2ISBN: 978-960-6897-08-5 (print)OAI: oai:DiVA.org:his-11004DiVA, id: diva2:817936
Conference
European, Mediterranean & Middle Eastern Conference on Information Systems 2015 (EMCIS2015), 1-2 June, Athens, Greece
Note

Received the Best Paper Award

Available from: 2015-06-08 Created: 2015-06-08 Last updated: 2020-08-10Bibliographically approved
In thesis
1. Mobile Device Strategy: A management framework for securing company information assets on mobile devices
Open this publication in new window or tab >>Mobile Device Strategy: A management framework for securing company information assets on mobile devices
2016 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

The problem addressed by this research is a demand for increased flexibility in access to organisational information, driven by the increasing popularity of mobile devices. Employees increasingly bring private devices to work (Bring Your Own Device, BYOD) or use work devices for private purposes (Choose Your Own Device, CYOD). This puts managers in a difficult position, since they want the benefits of mobility, without exposing organisational data to further risk. The research focuses on management (particularly information security management) issues in the design and implementation of strategies for mobile devices.  There are two objectives. The first is to identify existing information security management strategies for mobile and dual-use devices. The second is to develop a framework for analysing, evaluating and implementing a mobile device strategy.

The overall research strategy is inspired by Design Science; where the mission is to develop an artefact, in this case a framework, which will help to solve a practical problem. Methods include literature review, theoretical development, and the collection and analysis of qualitative data through interviews with executives. The main result of this work is the framework, which deals with the complete process, including analysis, design and implementation of a mobile device management strategy. It helps researchers to understand necessary steps in analysing phenomenon like BYOD and gives practitioners guidance in which analyses to conduct when working on strategies for mobile devices. The framework was developed primarily through theoretical work (with inspiration from the mobile security and strategic management literature, and the ISO/IEC 27000 standard), and evaluated and refined through the empirical studies. The results include twelve management issues, a research agenda, argumentation for CYOD and, guidance for researchers and practitioners.

Place, publisher, year, edition, pages
Skövde: University of Skövde, 2016. p. 76
Series
Dissertation Series ; 15 (2016)
Keywords
Strategic Management, Mobile device, Information security, information security management, information management, BYOD, CYOD, mobile strategy, mobile device strategy, management framework
National Category
Information Systems
Research subject
Information Systems
Identifiers
urn:nbn:se:his:diva-13125 (URN)978-91-982690-5-5 (ISBN)
Presentation
2016-11-29, G207, Högskolan i Skövde, Skövde, 13:00 (English)
Opponent
Supervisors
Funder
Knowledge Foundation
Available from: 2016-12-05 Created: 2016-11-22 Last updated: 2023-01-03Bibliographically approved
2. Managing information security for mobile devices in small and medium-sized enterprises: Information management, Information security management, mobile device
Open this publication in new window or tab >>Managing information security for mobile devices in small and medium-sized enterprises: Information management, Information security management, mobile device
2020 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

The rapid proliferation of mobile devices makes mobile security a weak point in many organisations’ security management. Though there are a number of frameworks and methods available for improving security management, few of these target mobile devices, and most are designed for large organisations. Small and medium size organisations are known to be vulnerable to mobile threats, and often subject to the same legal requirements as larger organisations. However, they typically lack the resources and specialist competences necessary to use the available frameworks.

This thesis describes an Action Design Research project to devise and test a low cost, low learning curve method for improving mobile security management. The project is conducted together with a small Swedish consulting company and evaluated in several other companies. In order to solve the challenge that SMEs faces; three objectives have been set:

1. Identify existing solutions at a strategic level to managing information that is accessible with mobile devices and their suitability for SMEs.

2. Develop a framework to support SMEs to manage information in a secure way on mobile devices.

3. Evaluate the framework in practice.

The results show that simple theoretical models can be integrated with well-known analysis techniques to inform managers and provide practical help for small companies to improve mobile security practice. The most important contribution to both science and practice is a structured approach for managers to deal with mobile devices, or for that matter other technology advances that do not fit into the existing management system. The journey to the final solution also produced several smaller contributions to science, for example insights from C-suites about strategies and work with mobile devices, differences and similarities between CYOD (choose your own device) and BYOD (bring your own device), the role of security policies in organisations, and twelve identified management issues with mobile devices.

Place, publisher, year, edition, pages
Skövde: University of Skövde, 2020. p. 228
Series
Dissertation Series ; 32
Keywords
Information management, Information security management, mobile device
National Category
Information Systems
Research subject
Information Systems
Identifiers
urn:nbn:se:his:diva-18889 (URN)978-91-984918-4-5 (ISBN)
Public defence
2020-09-11, G109, Högskolevägen 1, Skövde, 13:00 (English)
Opponent
Supervisors
Funder
Knowledge Foundation
Available from: 2020-08-10 Created: 2020-08-10 Last updated: 2020-08-20Bibliographically approved

Open Access in DiVA

Management issues for Bring Your Own Device(568 kB)4024 downloads
File information
File name FULLTEXT01.pdfFile size 568 kBChecksum SHA-512
d2aca6d68555e68cce3e2174221728ea6fe4850d65b987ddd0324e3efdc617f4e13ca547b166a7e814e2c75286525c374a2212640a9244b091e064b29100b73f
Type fulltextMimetype application/pdf

Scopus

Authority records

Brodin, MartinRose, JeremyÅhlfeldt, Rose-Mharie

Search in DiVA

By author/editor
Brodin, MartinRose, JeremyÅhlfeldt, Rose-Mharie
By organisation
The Informatics Research CentreSchool of Informatics
Information Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 4024 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 9868 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf