Högskolan i Skövde

his.sePublications
Change search
Refine search result
1 - 12 of 12
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Amorim, Joni A.
    et al.
    University of Skövde, The Informatics Research Centre. University of Skövde, School of Humanities and Informatics.
    Hendrix, Maurice
    Coventry University Technology Park, Coventry, UK.
    Andler, Sten F.
    University of Skövde, The Informatics Research Centre. University of Skövde, School of Humanities and Informatics.
    Llinas, James
    State University of New York at Buffalo, USA.
    Gustavsson, Per M.
    Försvarshögskolan, Militärvetenskapliga institutionen (MVI), Ledningsvetenskapliga avdelningen (LVA).
    Brodin, Martin
    Actea Consulting, Sweden.
    Cyber Security Training Perspectives2013Conference paper (Refereed)
    Abstract [en]

    Building comprehensive cyber security strategies to protect people, infrastructure and assets demands research on methods and practices to reduce risks. Once the methods and practices are identified, there is a need to develop training for the manystakeholders involved, from security experts to the end user. In thispaper, we discuss new approaches for training, which includes the development of serious games for training on cyber security. The identification of the theoretical framework to be used for situation and threat assessment receives special consideration.

  • 2.
    Brodin, Martin
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    A Framework for GDPR Compliance for Small- and Medium-Sized Enterprises2019In: European Journal for Security Research, ISSN 2365-0931, E-ISSN 2365-1695, Vol. 4, no 2, p. 243-264Article in journal (Refereed)
    Abstract [en]

    The EU’s General Data Protection (GDPR) is an EU regulation that affects everyone in the EU and all organisations outside the EU that wants to do business with the EU. GDPR introduces tougher requirements for processing personal data, which may be difficult for many small- and medium-sized enterprises (SMEs) to follow without major adjustments. This work uses design science to develop a framework for SMEs to adapt to GDPR. The framework was empirically evaluated in three different types of organisations, resulting of GDPR compliance according to their Data Protection Officers. It was also theoretical evaluated against scientific literature including the identified implications of GDPR. In this paper the framework is presented, from initial analysis and design to implementation and future work, with advice on how to work with each part to achieve compliance. The paper also highlights some of the most important changes in GDPR compared to its predecessor, Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (DIR95).

    Download full text (pdf)
    fulltext
  • 3.
    Brodin, Martin
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre. Actea Consulting AB.
    BYOD vs. CYOD: What is the difference?2016In: Proceedings of the 9th IADIS International Conference: Information Systems 2016 / [ed] Miguel Baptista Nunes, Pedro Isaías, Philip Powell, IADIS Press, 2016, p. 55-62Conference paper (Refereed)
    Abstract [en]

    During the last years mobile devices have become very popular to use both for work and pleasure. Different strategies have evolved to increase productivity and to satisfy the employees. In this paper, we look at the two most popular strategies and look at the strengths and weaknesses of those. This is done by a systematic literature review and semi-structured interviews with CIO’s or equivalent roles. We conclude that BYOD and CYOD comes with similar strengths, but CYOD brings a little fewer security risks.

    Download full text (pdf)
    fulltext
  • 4.
    Brodin, Martin
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Combining ISMS with strategic management: The case of BYOD2015In: Information Systems 2015: Proceedings of the 8th IADIS International Conference / [ed] Miguel Baptista Nunes, Pedro Isaias, Philip Powell, IADIS Press, 2015, p. 161-168Conference paper (Refereed)
    Abstract [en]

    Bring Your Own Device (BYOD) (where employees use their private devices for work) causes problems for organisations since their management systems are seldom designed for this purpose. If BYOD is not adequately regulated, many security and privacy issues may result. This paper proposes an analysis-design-action framework for designing a suitable security management strategy by combining Johnson and Scholes’ strategic management model with the ISO/IEC 27000-series.

    Download full text (pdf)
    Combining ISM with strategic management - the case of BYOD
  • 5.
    Brodin, Martin
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Management of Mobile Devices: How to Implement a New Strategy2016In: Proceedings of The 27th International Business Information Management Association Conference: Innovation Management and Education Excellence Vision 2020: From Regional Development Sustainability to Global Economic Growth / [ed] Khalid S. Soliman, International Business Information Management Association (IBIMA), 2016, p. 1261-1268Conference paper (Refereed)
    Abstract [en]

    Since smartphones entered the market the need for them has exploded, today 85 % believe that their mobile is a central part of their life. Despite the major focus on mobile devices and increased budgets, there are still many organisations missing a strategy for mobile devices. This article investigates the most important steps to take when implementing a mobile device strategy by conducting an empirical study with interviews with CIO or equivalent roles in 13 organisations with 50 to 15 000 employees. The result is an improved framework for mobile device implementation.

    Download full text (pdf)
    fulltext
  • 6.
    Brodin, Martin
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment. Actea Consulting AB.
    Managing information security for mobile devices in small and medium-sized enterprises: Information management, Information security management, mobile device2020Doctoral thesis, comprehensive summary (Other academic)
    Abstract [en]

    The rapid proliferation of mobile devices makes mobile security a weak point in many organisations’ security management. Though there are a number of frameworks and methods available for improving security management, few of these target mobile devices, and most are designed for large organisations. Small and medium size organisations are known to be vulnerable to mobile threats, and often subject to the same legal requirements as larger organisations. However, they typically lack the resources and specialist competences necessary to use the available frameworks.

    This thesis describes an Action Design Research project to devise and test a low cost, low learning curve method for improving mobile security management. The project is conducted together with a small Swedish consulting company and evaluated in several other companies. In order to solve the challenge that SMEs faces; three objectives have been set:

    1. Identify existing solutions at a strategic level to managing information that is accessible with mobile devices and their suitability for SMEs.

    2. Develop a framework to support SMEs to manage information in a secure way on mobile devices.

    3. Evaluate the framework in practice.

    The results show that simple theoretical models can be integrated with well-known analysis techniques to inform managers and provide practical help for small companies to improve mobile security practice. The most important contribution to both science and practice is a structured approach for managers to deal with mobile devices, or for that matter other technology advances that do not fit into the existing management system. The journey to the final solution also produced several smaller contributions to science, for example insights from C-suites about strategies and work with mobile devices, differences and similarities between CYOD (choose your own device) and BYOD (bring your own device), the role of security policies in organisations, and twelve identified management issues with mobile devices.

    Download full text (pdf)
    fulltext
  • 7.
    Brodin, Martin
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre. Actea Consulting AB.
    Mobile Device Strategy: A management framework for securing company information assets on mobile devices2016Licentiate thesis, comprehensive summary (Other academic)
    Abstract [en]

    The problem addressed by this research is a demand for increased flexibility in access to organisational information, driven by the increasing popularity of mobile devices. Employees increasingly bring private devices to work (Bring Your Own Device, BYOD) or use work devices for private purposes (Choose Your Own Device, CYOD). This puts managers in a difficult position, since they want the benefits of mobility, without exposing organisational data to further risk. The research focuses on management (particularly information security management) issues in the design and implementation of strategies for mobile devices.  There are two objectives. The first is to identify existing information security management strategies for mobile and dual-use devices. The second is to develop a framework for analysing, evaluating and implementing a mobile device strategy.

    The overall research strategy is inspired by Design Science; where the mission is to develop an artefact, in this case a framework, which will help to solve a practical problem. Methods include literature review, theoretical development, and the collection and analysis of qualitative data through interviews with executives. The main result of this work is the framework, which deals with the complete process, including analysis, design and implementation of a mobile device management strategy. It helps researchers to understand necessary steps in analysing phenomenon like BYOD and gives practitioners guidance in which analyses to conduct when working on strategies for mobile devices. The framework was developed primarily through theoretical work (with inspiration from the mobile security and strategic management literature, and the ISO/IEC 27000 standard), and evaluated and refined through the empirical studies. The results include twelve management issues, a research agenda, argumentation for CYOD and, guidance for researchers and practitioners.

    Download full text (pdf)
    MOBILE DEVICE STRATEGY
  • 8.
    Brodin, Martin
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre. Actea Consulting AB.
    Mobile Device Strategy: From a Management Point of View2017In: Journal of Mobile Technologies, Knowledge and Society, E-ISSN 2155-4811, Vol. 2017, article id 593035Article in journal (Refereed)
    Abstract [en]

    In recent years, mobile devices have become an indispensable part of working life. However, in many cases the same device is also used privately, which has blurred the line between personal and company data. This situation needs to be analysed, and a long-term strategy implemented for organisations not to lose control of their data. This article is based on interviews with executives and a theoretical framework for managing mobile devices. Empirical input from practice is used to update the framework to help organisations to better respond to emerging trends for mobile devices.

    Download full text (pdf)
    Mobile Device Strategy: From a Management Point of View
  • 9.
    Brodin, Martin
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre. Actea Consulting AB, Sweden.
    Security strategies for managing mobile devices in SMEs: A theoretical evaluation2017In: Proceedings of the 8th International Conference on Information, Intelligence, Systems & Applications (IISA), IEEE, 2017, p. 89-94Conference paper (Refereed)
    Abstract [en]

    With mobile devices connecting personal and business lives together creating opportunities for both employees and employers the need for a longtime mobile strategy increases. The scientific literature provides four different approaches which are analyzed together with an approach from a governmental agency. As basis for the analysis is identified security challenges which are adopted to a SMEs environment. The conclusion is that most of the framework manage the security challenges well, but only two take benefits with mobile devices into account.

  • 10.
    Brodin, Martin
    et al.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Rose, Jeremy
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Improving mobile security management in SME’s: the MSME framework2020In: Journal of Information System Security, ISSN 1551-0123, E-ISSN 1551-0808, Vol. 16, no 1, p. 47-75Article in journal (Refereed)
    Abstract [en]

    The rapid proliferation of mobile devices makes mobile security a weak point in many organisations’ security management. Though there are a number of frameworks and methods available for improving security management, few of these target mobile devices, and most are designed for large organisations. Small and medium size organisations are known to be vulnerable to mobile threats, and often subject to the same legal requirements as larger organisations (for example the European General Data Protection Regulation). However they typically lack the resources and specialist competences necessary to use the available commercial frameworks. This article describes an Action Design Research project to devise and test a low cost, low learning curve framework for improving mobile security management. The project is conducted together with a small Swedish consulting company with the pseudonym Novukon. The results show that simple theoretical models can be integrated with well-known analysis techniques to inform managers and provide practical help for small companies to improve mobile security practice. A set of nine design principles are included to guide further research.

  • 11.
    Brodin, Martin
    et al.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Rose, Jeremy
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Mobile information security management for small organisation technology upgrades: the policy-driven approach and the evolving implementation approach2020In: International Journal of Mobile Communications, ISSN 1470-949X, E-ISSN 1741-5217, Vol. 18, no 5, p. 598-618Article in journal (Refereed)
    Abstract [en]

    Information security management researchers are often focused on the information security policy, its implementation and evaluation as the primary means of ensuring that organisations protect their valuable data. However, information security is usually nested with a variety of other concerns (for instance technology upgrades, information access, efficiency and sustainability issues, employee satisfaction), so this policy-driven approach is seldom operated in isolation. We investigate the approach as implied in the mobile information security literature, provide a literature-inspired characterisation and use it to analyse an iPad implementation for politicians in a Swedish municipality. The analysis provides only a partial explanation for security work in this kind of small organisation technology upgrade, so we develop a complementary approach: the evolving implementation approach. A suggestion is made for how the two approaches can be reconciled, and implications for both practitioners and researchers derived.

  • 12.
    Brodin, Martin
    et al.
    University of Skövde, The Informatics Research Centre. University of Skövde, School of Informatics.
    Rose, Jeremy
    University of Skövde, The Informatics Research Centre. University of Skövde, School of Informatics.
    Åhlfeldt, Rose-Mharie
    University of Skövde, The Informatics Research Centre. University of Skövde, School of Informatics.
    Management issues for Bring Your Own Device2015In: Proceedings of 12th European, Mediterranean & Middle Eastern Conference on Information Systems 2015 (EMCIS2015) / [ed] Kostantinos Lambrinoudakis, Vincenzo Morabito, Marinos Themistocleous, European, Mediterranean & Middle Eastern Conference on Information Systems (EMCIS) , 2015Conference paper (Refereed)
    Abstract [en]

    Bring Your Own Device (BYOD) is an emerging research area focusing on the organisational adoption of (primarily mobile) devices used for both private and work purposes. There are many information security related problems concerning the use of BYOD and it should therefore be considered an issue of strategic importance for senior managers. This paper presents a systematic literature analysis using a BYOD strategic management framework to assess developing research trends. The analysis reveals early work in the analysis and design aspects of BYOD strategies, but a lack of research in operationalizing (planning, implementation and evaluating) strategy – the action phase. The resulting research agenda identifies twelve management issues for further research and four overall research directions that may stimulate future research.

    Download full text (pdf)
    Management issues for Bring Your Own Device
1 - 12 of 12
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf